welivesecurity from ESET
- New NGate variant hides in a trojanized NFC payment app April 21, 2026ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI
- What the ransom note won’t say April 20, 2026An attack is what you see, but a business operation is what you’re up against
- That data breach alert might be a trap April 17, 2026Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse. Stop reacting on autopilot.
- Supply chain dependencies: Have you checked your blind spot? April 16, 2026Your biggest risk may be a vendor you trust. How can SMBs map their third-party blind spots and build operational resilience?
- Recovery scammers hit you when you’re down: Here’s how to avoid a second strike April 10, 2026If you’ve been a victim of fraud, you’re likely already a lead on a ‘sucker list’ – and if you’re not careful, your ordeal may be about to get worse.
- As breakout time accelerates, prevention-first cybersecurity takes center stage April 7, 2026Threat actors are using AI to supercharge tried-and-tested TTPs. When attacks move this fast, cyber-defenders need to rethink their own strategy.
- Digital assets after death: Managing risks to your loved one’s digital estate April 1, 2026Fraudsters often target the accounts of the deceased or their grieving relatives. Here’s how to keep the scammers at bay.
- This month in security with Tony Anscombe – March 2026 edition March 31, 2026The past four weeks have seen a slew of new cybersecurity wake-up calls that showed why every organization needs a well-thought-out cyber-resilience plan
- RSAC 2026 wrap-up – Week in security with Tony Anscombe March 27, 2026This year, AI agents took the center stage – as a defensive capability, but more pressingly as a risk many organizations haven't caught up with
- A cunning predator: How Silver Fox preys on Japanese firms this tax season March 27, 2026Silver Fox is back in Japan, spoofing tax and HR emails timed to the one season when no one thinks twice about opening them
Security Channel from The Register
- Another npm supply chain worm is tearing through dev environments April 22, 2026Plus, the payload references 'TeamPCP/LiteLLM method' Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as it moves through developers' environments, and it shares significant overlap with the open source infections attributed to TeamPCP last month.…Jessica Lyons
- Anthropic's super-scary bug hunting model Mythos is shaping up to be a nothingburger April 22, 2026Hackpocalypse deferred Anthropic's Mythos model is purportedly so good at finding vulnerabilities that the Claude-maker is afraid to make it available to the general public for fear that criminals will take advantage. But early analysis shows that Mythos may not be as dangerous as some would have you believe.…Jessica Lyons
- Google unleashes even more AI security agents to fight the baddies April 22, 2026Along with a bunch of new services to make sure those same agents don't cause chaos Google Cloud chief operating officer Francis deSouza has summed up his company's security strategy du jour as follows: "You need to use AI to fight AI."…Jessica Lyons
- France's 'Secure' ID agency probes breach as crooks claim 19M records April 22, 2026Gov admits 'incident' as forum sellers boast of fresh haul covering up to a third of the population France's National Agency for "Secure" Documents is explaining a potential data spill just as crooks online claim they've nicked a third of the country's ID information.…Carly Page
- Scotland Yard can keep using live facial recognition on people in London, say judges April 22, 2026Judges say cops face-slurping not a problem under current human rights laws London's Metropolitan Police Service (MPS) has survived a legal challenge that attempted to curb its rollout of live facial recognition (LFR) technology across the capital.…Connor Jones
- Oil crisis? What oil crisis? IT spending de-coupled from wider war shock April 22, 2026Gartner sees accelerating growth in IT spending, powered by cloud and AI infrastructure investment A day after the International Energy Agency (IEA) said the US/Israel/Iran war was creating the worst energy crisis ever faced by the world, Gartner increased its growth forecasts for global IT spending by nearly three percentage points.…Lindsay Clark
- Mythos found 271 Firefox flaws – but none a human couldn’t spot April 22, 2026Mozilla CTO says AI means developers finally have a chance to get on top of security The Mozilla has revealed it tested Anthropic’s bug-finding “Mythos” AI model and feels the results it experienced represent a watershed moment for software defenders.…Simon Sharwood
- Nation-states want to cause harm, not just steal cash - stop handing your cyber defenses to the cheapest contractor April 21, 2026NCSC boss says China's whole-of-state cyber machine has become Britain's peer competitor in cyberspace State-sponsored cyberattacks from Chinese intelligence and military agencies display "an eye-watering level of sophistication," UK National Cyber Security Centre CEO Richard Horne is expected to say in a less-than-cheery opening speech to kick off its annual conference.…Connor Jones
- Murder, she wrote: Ex-FBI chief wants some ransomware crims charged with homicide April 21, 2026Lawmakers decry CISA cuts: 'We are shooting ourselves in the foot' If a cyberattack leads to a death, that's murder. A former FBI cyber division chief urged the US Justice Department to consider felony homicide charges against ransomware actors when attacks on hospitals lead to patient deaths.…Jessica Lyons
- More Cisco SD-WAN bugs battered in attacks April 21, 2026CISA gives federal agencies 4 days to patch America's lead cyber-defense agency has warned that three Cisco Catalyst SD-WAN Manager bugs are under attack, and given federal agencies just four days to patch the security holes.…Jessica Lyons