Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

Cybersecurity researchers found a patched vulnerability in Google's Antigravity IDE. Exploiting its file creation & weak input sanitization, attackers could achieve code execution.

No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks Stolen credentials remain top breach vector as AI speeds phishing and testing, increasing ransomware and persistence risk.

Despite rising threats like zero-days & AI exploits, stolen credentials remain the top attack vector. Credential stuffing fuels many breaches—stay vigilant on identity security!

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs NGate abuses HandyPay in Brazil since Nov 2025, stealing NFC data and PINs to enable ATM fraud and unauthorized payments.

Cybersecurity researchers found a new NGate Android malware variant using a patched legitimate app, HandyPay, with AI-generated malicious code, replacing NFCGate. #Cybersecurity

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and persistence.

Cybersecurity alert: A new botnet named PowMix has been targeting CZ workers since Dec 2025. It uses randomized C2 beaconing to avoid detection, warns Cisco Talos.

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation CVE-2026-34197 exploited in Apache ActiveMQ; CISA KEV listing sets April 30, 2026 patch deadline, increasing enterprise RCE risk.

CISA reports active exploitation of CVE-2026-34197 (CVSS 8.8), a serious flaw in Apache ActiveMQ Classic. The vulnerability is now in the KEV list, urging federal agencies to act.

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts 53 DDoS domains seized in Operation PowerOFF across 21 countries, exposing 3 million accounts and disrupting 75,000 users' attacks.

Operation PowerOFF shut down 53 domains & arrested 4, disrupting DDoS-for-hire services used by 75,000+ cybercriminals. A major blow to cybercrime infrastructure.

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions NIST limits CVE enrichment after 263% surge since 2020, prioritizing KEV and federal software, shifting thousands to “Not Scheduled.”

NIST will now only enrich CVEs in the NVD that meet specific criteria due to a rise in submissions. Non-matching CVEs will remain listed but won't be enriched. #Cybersecurity

Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul Google blocked 8.3B ads and suspended 24.9M accounts in 2025 as Android 17 tightened contact and location access, reducing fraud and abuse.

Google's new Play policies boost privacy & fight fraud: blocked 8.3B ads, suspended 24.9M accounts in 2025. Android updates limit contact & location access for apps.

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched Three Defender zero-days exploited since April 10, 2026, enabling privilege escalation and DoS, forcing isolation of affected systems.

Huntress warns: threat actors are exploiting 3 new zero-day flaws in Microsoft Defender—BlueHammer, RedSun, and UnDefend—discovered by Chaotic Eclipse to escalate privileges.

Just discovered a new tech gadget—game changer! 🚀 #techtwitter

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet CVE-2024-3721 and CVE-2023-33538 exploited in TBK DVRs and EoL TP-Link routers, enabling Mirai variants and DDoS risk.

Threat actors exploit security flaws in TBK DVRs and EOL TP-Link routers to deploy Mirai botnets. CVE-2024-3721 (score 6.3) is a key vulnerability targeted. Stay updated!

$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims $13.74M stolen from Grinex on April 15, 2026 after sanctions, disrupting Russia-linked evasion networks.

Grinex, a Kyrgyz crypto exchange sanctioned by the U.S. & UK, suspends ops after a $13.74M hack it blames on foreign intel. Over 1M stolen in what it calls a large-scale cyber attack.

[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data Compromised service accounts caused 68% of 2024 cloud breaches, enabling 200-day dwell times and lateral movement across environments.

In 2024, 68% of cloud breaches were due to unmanaged service accounts and API keys, not phishing. Each employee has 40-50 automated credentials—watching these is key to security.

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025 JanelaRAT hits Latin American banks with 14,739 attacks in Brazil in 2025, enabling credential theft and financial espionage

Banks in Latin America, like Brazil & Mexico, face JanelaRAT—a malware stealing financial & crypto data, tracking keystrokes, taking screenshots, & collecting system info. Stay alert!

Chilean Telescope Array Gets 145 New Powerful Amplifiers For decades, scientists have observed the cosmos with radio antennas to visualize the dark, distant regions of the universe. This includes the gas and dust of the interstellar medium, planet-forming disks, and objects that cannot be observed in visible light. In this field, the Atacama Large Millimeter/Submillimeter Array (ALMA) in Chile stands out as one of the world’s most powerful radio telescopes. Using its 66 parabolic antennas, ALMA observes the millimeter and sub-millimeter radiation emitted by cold molecular clouds from which new stars are born. Each antenna is equipped with high-frequency receivers for ten wavelength ranges, 35 to 50 gigahertz and 787 to 950 GHz, collectively known as Band 1. Thanks to the Fraunhofer Institute for Applied Solid State Physics (IAF) and the Max Planck Institute for Radio Astronomy, ALMA has received an upgrade with the addition of 145 new low-noise amplifiers (LNAs). These amplifiers are part of the facilities’ Band 2 coverage, ranging from 67 to 116 GHz on the electromagnetic spectrum. This additional coverage will allow researchers to study and gain a better understanding of the universe. In particular, they hope to gain new insights into the “cold interstellar medium”: The dust, gas, radiation, and magnetic fields from which stars are born. In addition, scientists will be able to study planet-forming disks in better detail. Last, but certainly not least, they will be able to study complex organic molecules in nearby galaxies, which are considered precursors to the building blocks of life. In short, these studies will allow astronomers and cosmologists to witness how stars and planetary systems form and evolve, and how the presence of organic molecules can lead to the emergence of life.Advanced Amplifiers Enhance ALMA Sensitivity Each LNA includes a series of monolithic microwave integrated circuits (MMICs) developed by Fraunhofer IAF using the semiconducting material indium gallium arsenide. MMICs are based on metamorphic high-electron-mobility transistor technology, a method for creating advanced transistors that are flexible and allow for optimized performance in high-frequency receivers. The addition of LNAs equipped with these circuits will amplify low-noise signals and minimize background noise, dramatically increasing the sensitivity of ALMAs’ receivers. Fabian Thome, head of the subproject at Fraunhofer IAF, explained in an IAF press release:The performance of receivers depends largely on the performance of the first high-frequency amplifiers installed in them. Our technology is characterized by an average noise temperature of 22 K, which is unmatched worldwide. With the new LNAs, signals can be amplified more than 300-fold in the first step. “This enables the ALMA receivers to measure millimeter and submillimeter radiation from the depths of the universe much more precisely and obtain better data. We are incredibly proud that our LNA technology is helping us to better understand the origins of stars and entire galaxies. Both Fraunhofer IAF and the Max Planck Institute for Radio Astronomy were commissioned by the European Southern Observatory to provide the amplifiers. While Fraunhofer IAF was responsible for designing, manufacturing, and testing the MMICs at room temperature, Max Planck was tasked with assembling and qualifying the LNA modules, then testing them in cryogenic conditions. “This is a wonderful recognition of our fantastic collaboration with Fraunhofer IAF, which shows that our amplifiers are not only ‘made in Germany’ but also the best in the world,” said Michael Kramer, executive director at the Max Planck Institute for Radio Astronomy.

Chilean Telescope Array Gets 145 New Powerful Amplifiers

Just discovered a new gadget – tech keeps getting cooler! 🚀 #techtwitter

China’s AI Boyfriend Business Is Taking On a Life of Its Own Gen Z women in China are all in on digital companionship—even setting up dates with real-world versions of their AI boyfriends.

China’s AI Boyfriend Business Is Taking On a Life of Its Own

Free Social Media Tools | Publer Free tools to help you grow your brand on social media, whether you're just starting out or already established. A little growth never hurt nobody!

Here are some free tools to help you grow on social media 🚀

✅ Free social media scheduler (all social networks supported)

✅ Free Link in Bio for Instagram (make your posts clickable)

✅ Free media downloader (no registration needed)

The Race to Build the DeepSeek of Europe Is On As Europe’s longstanding alliance with the US falters, its push to become a self-sufficient AI superpower has become more urgent.

The Race to Build the DeepSeek of Europe Is On

Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data Webloc surveils up to 500M devices using ad data; global law enforcement adoption raises warrantless tracking concerns.

Hungarian intelligence, El Salvador police, & US agencies reportedly use Webloc, a geolocation tool by Cobwebs (now Penlink), to track locations via ads. Developed in Israel, now global.

Nvidia’s New Rubin Architecture Thrives on Networking Earlier this week, Nvidia surprise-announced their new Vera Rubin architecture (no relation to the recently unveiled telescope) at the Consumer Electronics Show in Las Vegas. The new platform, set to reach customers later this year, is advertised to offer a ten-fold reduction in inference costs and a four-fold reduction in how many GPUs it would take to train certain models, as compared to Nvidia’s Blackwell architecture. The usual suspect for improved performance is the GPU. Indeed, the new Rubin GPU boasts 50 quadrillion floating-point operations per second (petaFLOPS) of 4-bit computation, as compared to 10 petaflops on Blackwell, at least for transformer-based inference workloads like large language models. However, focusing on just the GPU misses the bigger picture. There are a total of six new chips in the Vera-Rubin-based computers: the Vera CPU, the Rubin GPU, and four distinct networking chips. To achieve performance advantages, the components have to work in concert, says Gilad Shainer, senior vice president of networking at Nvidia. “The same unit connected in a different way will deliver a completely different level of performance,” Shainer says. “That’s why we call it extreme co-design.”Expanded “in-network compute” AI workloads, both training and inference, run on large numbers of GPUs simultaneously. “Two years back, inferencing was mainly run on a single GPU, a single box, a single server,” Shainer says. “Right now, inferencing is becoming distributed, and it’s not just in a rack. It’s going to go across racks.” To accommodate these hugely distributed tasks, as many GPUs as possible need to effectively work as one. This is the aim of the so-called scale-up network: the connection of GPUs within a single rack. Nvidia handles this connection with their NVLink networking chip. The new line includes the NVLink6 switch, with double the bandwidth of the previous version (3,600 gigabytes per second for GPU-to-GPU connections, as compared to 1,800 GB/s for NVLink5 switch). In addition to the bandwidth doubling, the scale-up chips also include double the number of SerDes—serializer/deserializers (which allow data to be sent across fewer wires) and an expanded number of calculations that can be done within the network. “The scale-up network is not really the network itself,” Shainer says. “It’s computing infrastructure, and some of the computing operations are done on the network…on the switch.” The rationale for offloading some operations from the GPUs to the network is two-fold. First, it allows some tasks to only be done once, rather than having every GPU having to perform them. A common example of this is the all-reduce operation in AI training. During training, each GPU computes a mathematical operation called a gradient on its own batch of data. In order to train the model correctly , all the GPUs need to know the average gradient computed across all batches. Rather than each GPU sending its gradient to every other GPU, and every one of them computing the average, it saves computational time and power for that operation to only happen once, within the network. A second rationale is to hide the time it takes to shuttle data in-between GPUs by doing computations on them en-route. Shainer explains this via an analogy of a pizza parlor trying to speed up the time it takes to deliver an order. “What can you do if you had more ovens or more workers? It doesn’t help you; you can make more pizzas, but the time for a single pizza is going to stay the same. Alternatively, if you would take the oven and put it in a car, so I’m going to bake the pizza while traveling to you, this is where I save time. This is what we do.” In-network computing is not new to this iteration of Nvidia’s architecture. In fact, it has been in common use since around 2016. But, this iteration adds a broader swath of computations that can be done within the network to accommodate different workloads and different numerical formats, Shainer says.Scaling out and across The rest of the networking chips included in the Rubin architecture comprise the so-called scale-out network. This is the part that connects different racks to each other within the data center. Those chips are the ConnectX-9, a networking interface card; the BlueField-4 a so-called data processing unit, which is paired with two Vera CPUs and a ConnectX-9 card for offloading networking, storage, and security tasks; and finally the Spectrum-6 Ethernet switch, which uses co-packaged optics to send data between racks. The Ethernet switch also doubles the bandwidth of the previous generations, while minimizing jitter—the variation in arrival times of information packets. “Scale-out infrastructure needs to make sure that those GPUs can communicate well in order to run a distributed computing workload and that means I need a network that has no jitter in it,” he says. The presence of jitter implies that if different racks are doing different parts of the calculation, the answer from each will arrive at different times. One rack will always be slower than the rest, and the rest of the racks, full of costly equipment, sit idle while waiting for that last packet. “Jitter means losing money,” Shainer says. None of Nvidia’s host of new chips are specifically dedicated to connect between data centers, termed ‘“scale-across.” But Shainer argues this is the next frontier. “It doesn’t stop here, because we are seeing the demands to increase the number of GPUs in a data center,” he says. “100,000 GPUs is not enough anymore for some workloads, and now we need to connect multiple data centers together.”

Nvidia’s New Rubin Architecture Thrives on Networking

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621 Adobe patches CVE-2026-34621 after active exploitation since Dec 2025, preventing remote code execution via malicious PDFs.

Adobe released urgent updates for Acrobat Reader to fix CVE-2026-34621, a critical flaw with a CVSS 8.6 that could let attackers run malicious code. Update now!

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads CPUID breach served STX RAT via trojanized CPU-Z downloads on April 9–10, impacting 150+ victims and multiple industries.

Unknown actors hijacked cpuid.com for less than 24 hours, serving malicious software and deploying STX RAT. Incident ran from April 9, 15:00 to April 10, 10:00 UTC.

Sena Kizildemir Simulates Disasters to Prevent Building Collapses When two airplanes hit the World Trade Center in New York City on 11 September 2001, no one could predict how the Twin Towers would react structurally. The commercial jet airliners severed columns and started fires, weakening steel beams, and causing a “pancaking,” progressive collapse. Skyscrapers had not been designed or constructed with that kind of catastrophic structural failure in mind. IEEE Senior Member Sena Kizildemir is changing that through disaster simulation, one scenario at a time.Sena Kizildemir Employer Thornton Tomasetti, in New York City Job title Project engineer Member grade Senior member Alma maters Işik University in Şile and Lehigh University, in Bethlehem, Pa. A project engineer at Thornton Tomasetti’s applied science division in New York, Kizildemir uses simulations to study how buildings fail under extreme events such as impacts and explosions. The simulation results can help designers develop mitigation strategies. “Simulations help us understand what could happen before it occurs in real life,” she says, “to be able to better plan for it.” She loves that her work mixes creativity with solving real-world problems, she says: “You’re creating something to help people. My favorite question to answer is, ‘Can you make this better or easier?’” For her work, the nonprofit Professional Women in Construction named her one of its 20 Under 40: Women in Construction for 2025. Kizildemir is passionate about mentoring young engineers and being an IEEE volunteer. She says she has made it her mission to “pack as much impact into my years as possible.”A bright student in Türkiye She was born in Istanbul to a father who is a professional drummer and a mother who worked in magazine advertising and sales. Kizildemir and her older brother pursued engineering careers despite neither parent being involved in the field. While she became an expert in civil and mechanical engineering, her brother is an industrial engineer. As a child, she was full of curiosity, she says, interested in figuring out how things were built and how they worked. She loved building objects out of Legos, she says, and one of her earliest memories is using them to make miniature houses for ants. After acing an entrance exam, she won a spot in a STEM-focused high school, where she studied mathematics and physics.“Engineering is one of the few careers where you can make a lasting impact on the world, and I plan on mine being meaningful.” During her final year at the high school, she took the nationwide YKS (Higher Education Foundations Examination). The test determines which universities and programs—such as medicine, engineering, or law—students can pursue. She received a full scholarship to attend Işik University in Şile. Figuring she would study engineering abroad one day, she chose an English-taught program. She says she found that civil engineering best aligned with making the biggest impact on her community and the world. Several of her professors were alumni of Lehigh University, in Bethlehem, Pa., and spoke highly of the school. After earning her bachelor’s degree in civil engineering in 2016, she decided to attend Lehigh, where she earned a full scholarship to its master’s program in civil engineering.Moving abroad and working the rails Her master’s thesis focused on investigating root causes of crack propagation, which threatens railroad safety. Repeated wheel-rail loading causes microcracks, leading to metal fatigue, and residual stress results from specialized heating and cooling treatments during the manufacturing of steel rails. Cracks can develop beneath the rail’s surface. Because they’re invisible to the naked eye, such fractures are challenging to detect, Kizildemir says. The project was done in collaboration with the U.S. Federal Railroad Administration—part of the Department of Transportation—which is looking to adjust technical standards and employ mitigation strategies. Kizildemir and five colleagues designed and implemented testing protocols and physics-based simulations to detect cracks earlier and prevent their spread. Their research has given the Railroad Administration insights into structural defects that are being used to revise rail-building guidelines and inspection protocols. The administration published the first phase of the research in 2024. After graduating in 2018, Kizildemir began a summer internship as a civil engineer at Thornton Tomasetti. She conducted computational modeling using Abaqus software for rails subjected to repeated plastic deformation—material that permanently changes shape when under excessive stress—and presented her recommendations for improvement to the company’s management. During her internship, she worked with professors in different fields, including materials behavior and mechanical engineering. The experience, she says, inspired her to pursue a Ph.D. in mechanical engineering at Lehigh, continuing her research with the Railroad Administration. She earned her degree in 2023. She loved the work and the team at Thornton Tomasetti so much, she says, that she applied to work at the company, where she is now a project engineer.From simulations to real-world applications Her work focuses on developing finite element models for critical infrastructure and extreme events. Finite modeling breaks complex systems or topics into small elements connected together to numerically simulate real-world situations. She creates computational models of structures enduring realistic catastrophic events, such as a vehicle crashing into a building. She uses simulations to understand how buildings react to attacks such as the one on 9/11, which, she says, is often used as an example of why such research is essential. When starting a project, she and her team review building standards and try to identify new issues not yet covered by them. The team then adapts existing codes and standards, usually developed for well-understood hazards such as earthquakes, wind, and floods, to define simulation parameters. When a new structure is being built, for example, it is not designed to withstand a truck crashing into it. But Kizildemir and her team want to know how the building would react should that happen. They simulate the environments and situations, and they make recommendations based on the results to reduce or eliminate risks of structural failure. Mitigation suggestions include specific strategies to be implemented during project design and construction. Simulations can be created for any infrastructure, Kizildemir says. “I love problems that force me to think differently,” she says. “I want to keep growing.” She says she plans to live by Thornton Tomasetti’s internal motto: “When others say no, we say ‘Here’s how.’”Joining IEEE and getting more involved When Kizildemir first heard of IEEE, she assumed it was only for electrical engineers. But after learning how diverse and inclusive the organization is, she joined in 2024. She has since been elevated to a senior member and has become a volunteer. She joined the IEEE Technology and Engineering Management Society. She chaired the conference tracks and IEEE-sponsored sessions at the 2024 Joint Rail Conference, held in Columbia, S.C. She actively contributes to IEEE’s Collabratec platform and has participated in panel review meetings for senior member elevation applications. She’s also a member of ASME and has been volunteering for it since 2023. “Community is what helped get me to where I am today, and I want to pay it forward and make the field better,” she says. “Helping others improves ourselves.”Looking ahead and giving back Kizildemir mentors junior engineers at Thornton Thomasetti and is looking to expand her reach through IEEE’s mentorship programs. “Engineering doesn’t have a gender requirement,” she says she tells girls. “If you’re curious and like understanding how things work and get excited to solve difficult problems, engineering is for you. “Civil engineers don’t just build bridges,” she adds. “There are countless niche areas to be explored. Engineering is one of the few careers where you can make a lasting impact on the world, and I plan on mine being meaningful.” Kizildemir says she wants every engineer to be able to improve their community. Her main piece of advice for recent engineering graduates is that “curiosity, discipline, and the willingness to understand things deeply, to see how things can be done better,” are the keys to success.

Sena Kizildemir Simulates Disasters to Prevent Building Collapses

Thinking Machines Cofounder’s Office Relationship Preceded His Termination Leaders at Mira Murati’s startup believe Barret Zoph engaged in an incident of “serious misconduct.” The details are now coming to light.

Thinking Machines Cofounder’s Office Relationship Preceded His Termination

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk Hundreds of disconnected apps persist in 2026 enterprises, Ponemon finds, enabling AI agents to amplify credential risks and expand attack surfaces.

As identity programs mature, risk rises. New Ponemon research shows hundreds of apps still disconnected from centralized identity systems—creating a hidden security threat for CISOs.

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign APT28 exploits SOHO routers for global DNS hijacking and adversary-in-the-middle attacks, enabling credential theft and espionage.

Russia-linked APT28 (Forest Blizzard) has compromised MikroTik & TP-Link routers to enable cyber espionage since May 2025. The campaign remains ongoing.

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber conflict.

Iran-linked hackers target U.S. critical infrastructure OT devices, including PLCs, disrupting operations, manipulating data, and causing financial impacts, cyber and intel agencies warn.

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial theft.

North Korea-linked threat Contagious Interview targets Go, Rust, PHP with malicious packages impersonating legit tools to deploy malware. Stay vigilant! #CyberSecurity

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems Claude Mythos finds thousands of zero-days as Anthropic launches Project Glasswing, enhancing defenses but exposing AI security risks.

Anthropic launches Project Glasswing, using its new Claude Mythos model to identify security flaws. Selected partners include AWS, Apple, Broadcom, Cisco, and CrowdStrike.