Exploits Turn Windows Defender into Attacker Tool Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are unpatched.

Exploits Turn Windows Defender into Attacker Tool: https://bit.ly/4u6wkD0 by Jai Vijayan

Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk The critical remote code execution flaw (CVE-2026-1731) in the remote monitoring and management tool can be exploited to spread ransomware.

Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk: https://bit.ly/42n3m5I by Elizabeth Montalbano

Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool The prompt injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and code execution.

Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool: https://bit.ly/4tSHdrC by Elizabeth Montalbano

Chinese APT Targets Indian Banks, Korean Policy Circles China is spying on India's financial sector, for some reason, and it's not putting much effort into it, judging by some stale TTPs.

Chinese APT Targets Indian Banks, Korean Policy Circles: https://bit.ly/3OE7mM3 by Nate Nelson #DRGlobal

Serial-to-IP Devices Hide Thousands of Old and New Bugs The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers say.

Serial-to-IP Devices Hide Thousands of Old and New Bugs: https://bit.ly/4vFOKvB by Nate Nelson #BHASIA

WhatsApp Leaks User Metadata to Attackers Strangers can infer limited info about you without knowing or messaging you, which could theoretically aid certain kinds of malicious activity.

WhatsApp Leaks User Metadata to Attackers: https://bit.ly/3OswxRJ by Nate Nelson

Every Old Vulnerability Is Now an AI Vulnerability AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones.

Every Old Vulnerability Is Now an AI Vulnerability: https://bit.ly/4sZZGSB by Nik Kale, principal engineer, Coalition for Secure AI

Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs The Maritime Transportation Security Act (MTSA) requires plans to protect OT systems, audits by independent third parties, and a hybrid OT-security role.

Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs: https://bit.ly/4ttq6gn by Rob Lemos

NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities The National Institute of Standards and Technology carved a new path for vulnerability remediation by changing the way it prioritizes software flaws.

Latest on @darkreading.bsky.social
#DRTheEdge: NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities https://zpr.io/hAUb2q28reeg #darkreading #cybersecurity

North Korea Uses ClickFix to Target macOS Users' Data North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials and sensitive data from Macs.

North Korea Uses ClickFix to Target macOS Users' Data: https://bit.ly/4tQKyaP by Alexander Culafi

'Harmless' Global Adware Transforms Into an AV Killer A March 2025 update from Dragon Boss established persistence via scheduled tasks and arranged for any future payloads to be excluded from Windows Defender.

'Harmless' Global Adware Transforms Into an AV Killer: https://bit.ly/4dSF5f0 by Nate Nelson

Microsoft's Original Windows Secure Boot Certificate Is Expiring The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, Microsoft said. Update those PCs soon.

Microsoft's Original Windows Secure Boot Certificate Is Expiring: https://bit.ly/48TYR6j by Jeffrey Schwartz #DRTechnology

6-Year Ransomware Campaign Targets Turkish Homes & SMBs Enterprises breaches make more headlines, while smaller incidents tend to be under-reported, if at all, allowing such campaigns to last longer.

6-Year Ransomware Campaign Targets Turkish Homes & SMBs: https://bit.ly/4sXkFW9 by Nate Nelson #DRGlobal

Two-Factor Authentication Breaks Free from the Desktop Threat actors know how to bypass security systems outside of traditional IT environments. Implementing 2FA could provide a needed extra security barrier in the physical world.

Latest on @darkreading.bsky.social
#DRTechnology: Two-Factor Authentication Breaks Free from the Desktop https://zpr.io/4WPry6uqAyvu #darkreading #cybersecurity

Two-Factor Authentication Breaks Free from the Desktop Threat actors know how to bypass security systems outside of traditional IT environments. Implementing 2FA could provide a needed extra security barrier in the physical world.

Latest on @darkreading.bsky.social DR Technology: Two-Factor Authentication Breaks Free from the Desktop https://zpr.io/4WPry6uqAyvu #DRTechnology #darkreading #cybersecurity

Microsoft's Original Windows Secure Boot Certificate Is Expiring The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, Microsoft said. Update those PCs soon.

Latest on @darkreading.bsky.social DR Technology: Microsoft's Original Windows Secure Boot Certificate Is Expiring https://zpr.io/AArSTVbgZzFA #DRTechnology #darkreading #cybersecurity

Navigating Unique Security Risks of Asia's Digital Supply Chain Regulatory differences, interconnected digital ecosystems, and the rise of AI have created a complex supply chain Asian organizations must wrangle.

Navigating the Unique Security Risks of Asia's Digital Supply Chain: https://bit.ly/4mwKb2P by Alexander Culafi #BHASIA

Preparing for 'Q-Day': Why Quantum Risk Management Is a Must Quantum computers are coming and they may impact systems in unexpected ways that security teams will need to plan for.

Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now: https://bit.ly/4cwgD0E by Rob Wright #BHASIA

Audit: Big Tech Often Ignores CA Law Opt-Out Requests Google, Meta, Microsoft about half the time don't comply with requests to opt out of online tracking per California law mandate, privacy watchdog finds.

Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests: https://bit.ly/48EaZIz by Elizabeth Montalbano

Microsoft, Salesforce Patch AI Agent Data Leak Flaws Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.

Microsoft, Salesforce Patch AI Agent Data Leak Flaws: https://bit.ly/4sCWHiz by Alexander Culafi

Microsoft Bets $10 Billion to Boost Japan's AI, Cybersecurity The deal aims to accelerate AI adoption, train workers, and develop cybersecurity partnerships — the latest move by a hyperscaler to compete in the region.

Microsoft Bets $10B to Boost Japan's AI, Cybersecurity: https://bit.ly/4tPRRQ4 by Rob Lemos #DRGlobal

EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses Stopping EDR killers, which employ bring-your-own-vulnerable-driver (BYOVD) attack techniques, is difficult, but not impossible.

EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses: https://bit.ly/4cJZ1zt by Rob Wright

War Game Exercise Demonstrates How Social Media Manipulation Works: https://bit.ly/4ckUhjX by Elizabeth Montalbano

Report: CISOs Should Prepare for Post-Mythos Exploit Storm A Cloud Security Alliance (CSA) paper warns of an "AI vulnerability storm" triggered by the introduction of Anthropic's Claude Mythos.

CSA: CISOs Should Prepare for Post-Mythos Exploit Storm: https://bit.ly/47ZM9CG by Alexander Culafi

Adobe Patches Exploited Zero-Day That Lingered for Months An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four months.

Adobe Patches Actively Exploited Zero-Day That Lingered for Months: https://bit.ly/4tSPvjz by Jai Vijayan

OT Lacks the Tools for Cryptographic Readiness OT asset owners are being asked by regulators to attest to their post-quantum cryptographic readiness without the appropriate tooling.

Empty Attestations: OT Lacks the Tools for Cryptographic Readiness: https://bit.ly/4c8Edl9 by Brad McInnis, founder and CEO, Cyberzero

APT41 Delivers 'Undetectable' Backdoor to Steal Cloud Credentials The China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.

APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials: https://bit.ly/4vqJgF1 by Elizabeth Montalbano

Your Next Breach Will Look Like Business as Usual These are the fundamental detection model shifts cybersecurity teams need to make to keep up with the rising number of credential-based attacks.

Your Next Breach Will Look Like Business as Usual: https://bit.ly/4sL2Vx7 by Jeanette Miller-Osborn, field cyber intelligence officer, Dataminr

Hims Breach Exposes the Most Sensitive Kinds of PHI Threat actors breached the telehealth brand, and now they may know who's bald, overweight, and impotent. What could they do with that information?

Hims Breach Exposes the Most Sensitive Kinds of PHI: https://bit.ly/41qb9Q0 by Nate Nelson

Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands? Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the vendor said.

Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?: https://bit.ly/4tEbYAu by Alexander Culafi