Latest Internet & Cybersecurity News
Researchers Uncover Pre-Stuxnet 'Fast16' Malware Targeting Iran's Nuclear Program
Cybersecurity researchers at SentinelOne discovered 'fast16', a Lua-based malware from 2005 designed to sabotage Iran's uranium enrichment centrifuges by tampering with high-precision calculations. The malware, predating Stuxnet, uses a kernel driver for precision sabotage and links to NSA deconfliction signatures from a 2017 leak.
It aimed to produce inaccurate calculations across facilities when combined with propagation mechanisms.
Global Agencies Warn of China-Linked Covert Hacking Networks
Britain's NCSC and 15 international partners, including FBI, issued guidance on China-linked hackers using compromised routers and smart devices for covert attacks on critical infrastructure. These networks hide origins, enable data theft, and maintain long-term access, with digital evidence disappearing quickly.
UK handles four major cyber incidents weekly, urging AI-powered defenses amid state actor threats from China, Iran, and Russia.
US State Dept Orders Global Warning on Chinese AI IP Theft by DeepSeek and Others
The US State Department sent a diplomatic cable urging attention to Chinese firms like DeepSeek stealing US AI intellectual property through model extraction and distillation. This counters low-cost replication of advanced AI, amid US-China tech tensions before a Trump-Xi summit.
China denies the allegations.
China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks
ESET uncovered GopherWhisper, a China-based APT active since 2023, using Go-based backdoors like LaxGopher for C&C via Slack and data exfiltration in Mongolian government attacks. It employed legitimate services, custom loaders, and injectors, infecting about 12 systems with dozens more likely targeted.
The group shows no ties to known APTs due to unique code and TTPs.
FISA Section 702 Reauthorization Stalls in US Congress
House Speaker Mike Johnson's five-year FISA 702 reauthorization failed on April 17, 2026, leading to a 10-day stop-gap expiring April 30. New legislation proposes a three-year term with reforms like monthly Civil Liberties reviews and attorney approvals for US person queries.
It expands congressional access to FISA Court proceedings.
Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions
The discovery of Fast16 highlights early US-Iran cyber conflicts, with the 2005 malware targeting nuclear facilities before Stuxnet. It connects to leaked NSA tools, underscoring long history of state-sponsored sabotage.
Researchers detailed its stealthy payload in a comprehensive report.
Trump Administration Vows Crackdown on Chinese AI Model Exploitation
The Trump administration promises action against Chinese companies exploiting US-made AI models, aligning with State Dept warnings. This escalates tech rivalry despite recent detente.
It precedes President Trump's Beijing visit with Xi Jinping.
US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor
A US federal agency's Cisco firewall was compromised by the 'Firestarter' backdoor, exposing vulnerabilities in critical infrastructure. This incident underscores supply chain and hardware risks in government networks.
Details emerged in recent cybersecurity reports.
Bitwarden NPM Package Hit in Supply Chain Attack
A Bitwarden NPM package suffered a supply chain attack, potentially compromising developer credentials and software integrity. Such attacks highlight risks in open-source ecosystems.
Immediate patches and alerts were issued.
Vulnerabilities Patched in CrowdStrike and Tenable Products
CrowdStrike and Tenable released patches for critical vulnerabilities exploitable by attackers. Organizations urged to update to prevent potential breaches.
These fixes address recent security flaws in leading cybersecurity tools.
Locked Shields 2026: 41 Nations Strengthen Cyber Resilience
The world's largest cyber exercise, Locked Shields 2026, involved 41 nations enhancing defenses against advanced threats. It focused on collaborative response to state-sponsored attacks.
Participants tested strategies amid rising global incidents.