
Hello all,
While there were plenty of cyber-related news articles to read this week, there weren’t many new major vulnerability announcements. But there were a few. Google patched two high-risk defects, Microsoft had to release an emergency update for .NET for Windows, Linux, and macOS, and Oracle blessed us with a mass dump of 450 vulnerabilities that require patching. I guess that last number isn’t exactly a few, but they are all from one vendor. There are several good news reports of guilty pleas by criminal dirtbags, an unbelievable long con against NASA employees, and some experts are expressing doubts about how game-changing Anthropic’s much-touted Mythos will actually be, even calling it a “nothingburger”.
Headline NEWS:
- Google Chrome version 147 received an update to plug 19 vulnerabilities. This applies to Windows, Linux, and macOS. Two of the defects are classified as high-risk, involving use-after-free in DevTools, and in the GPU module. Expect other Chromium-based browsers to update soon since they share the same code base. Restarting your browsers weekly to check for updates is highly advised.
- Microsoft ASP.NET and .NET received an emergency update to version 10.0.7. This applies to Windows, Linux, and macOS. According to Microsoft, “An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.” The issue exists in NuGet package versions 10.0.0 through 10.0.6 and can enable a threat actor to elevate privilege by forging authentication cookies and more. Patch soon since many .NET items are public facing.
- Oracle unleashed, or rather announced, 450 vulnerabilities, some of which are critical, across 28 different product families. If you have an Oracle subscription, log in and check for updates for any of your products. If you don’t have a subscription, no patch for you. Oracle’s patches are behind a paywall.
In Ransomware, Malware, and Vulnerabilities News:
- NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software. In an espionage campaign that started in January 2017 and lasted nearly 5 years, Song Wu, a Chinese citizen, tricked dozens of researchers, engineers, and professors into corresponding with him, sharing sensitive defense information. Among those conned were NASA engineers who thought they were emailing with a colleague. Affected by this scam were NASA, the Air Force, Navy, Army, the FAA and more. Lots of very smart people were carefully targeted and fell victim. Ouch.
In Other News Events of Note and Interest:
- The Boy That Cried Mythos: Verification is Collapsing Trust in Anthropic. Davi Ottenheimer authored a very detailed article that rightly questions Anthropic’s claims of Mythos’ bug-finding capabilities. He dissected the 244-page Claude Mythos Preview document released by Anthropic that detailed how the AI functions, the testing, and capabilities. He found that only seven pages contain relevant information, and they do not paint the picture that is being publicly presented. Several other linked articles also call into question just how much of an advance Mythos is, and surmise that Anthropic may be propagating FUD (Fear, Uncertainty, and Doubt) to elevate their market position.
Musings
I’ve said this before, and it bears repeating. The internet is very much like an actual highway system. If you are going between major cities, most of the time traveling on it is uneventful and calm. But, depending on your destination, and others traveling the same lanes, your journey can easily become a much more harrowing one. Once you reach an off-ramp to move into the neighborhood of your destination, things can get significantly more exciting. I recall fondly visiting a now-defunct model hobby store in Miami, Florida. The trip there was a pleasant one. But once near the store, you made sure that your windows were up as you drove into the literally armed compound of a parking lot. Make sure you keep your Windows up… to date, that is, and pay attention to your surroundings. You don’t want to enter the armed compound of a threat actor posing as your favorite model boat store.

Keep the shields up!
Viscount Jan Broucinek
Red Dot Security News
Headline NEWS
- Chrome 147 update fixes two high-risk security vulnerabilities
- Microsoft releases emergency patches for critical ASP.NET flaw
- Microsoft .NET 10.0.7 Out-of-Band Security Update
- Microsoft issues emergency update for macOS and Linux ASP.NET threat
- Oracle Patches 450 Vulnerabilities With April 2026 Critical Patch Update
Ransomware, Malware, and Vulnerabilities News
Good News, Government News, and Interesting
- Amazon’s Eero Exempted From FCC’s Foreign-Made Wi-Fi Router Ban
- FCC alters Wi-Fi router ban to include hotspots, pray it doesn’t alter the deal any further
- White House fraud crackdown sharpens focus on digital identity
- US Busts Myanmar Ring Targeting US Citizens in Financial Fraud
- US gets second Scattered Spider-linked guilty plea
- Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft
- Former ransomware negotiator pleads guilty to BlackCat attacks
Vulnerabilities and Exploits
- New Windows RPC Vulnerability Lets Attackers Escalate Privileges Across All Windows Versions
- CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
- CISA flags new SD-WAN flaw as actively exploited in attacks
- CISA, NCSC issue Firestarter backdoor warning
- Firestarter malware survives Cisco firewall updates, security patches
- CISA orders feds to patch BlueHammer flaw exploited as zero-day
- Recent Microsoft Defender Vulnerability Exploited as Zero-Day
- Australia working with Anthropic over cybersecurity vulnerabilities
- Cyber-Attacks Surge 63% Annually in Education Sector
- Critical Spring Authorization Server Issue Exposes Systems to XSS and SSRF Attacks
- Brussels launched an age checking app. Hackers say it takes 2 minutes to break it.
- A 17-year-old Excel vulnerability is currently being exploited by threat actors
- Apple fixes bug that cops used to extract deleted chat messages from iPhones
- Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
- Thanks to Anthropic’s New AI Mythos You’re About to See a Lot of Security Updates. Don’t Ignore Them.
- Claude Opus wrote a Chrome exploit for $2,283
- Critical Anthropic’s MCP Vulnerability Enables Remote Code Execution Attacks
- Serial-to-IP Devices Hide Thousands of Old and New Bugs
- Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution
- The zero-days are numbered, by Mozilla
- Living off the Land attacks pose a pernicious threat for enterprises
- Iran alleges secret backdoors in US networking infrastructure
- Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk
- New Mirai campaign exploits RCE flaw in EoL D-Link routers
- China-linked crews turn routers into covert attack proxies
- Most enterprises can’t stop stage-three AI agent threats, VentureBeat survey finds
- Hackers exploit file upload bug in Breeze Cache WordPress plugin
- Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks
Phishing, Malware, and Similar
- No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks
- Threat actors ditch ‘spray and pray’ attacks in shift to targeted exploitation
- Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
- Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
- Microsoft: Teams increasingly abused in helpdesk impersonation attacks
- UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
- Gh0st RAT and CloverPlus Adware Delivered Together in New Dual-Payload Malware Campaign
- New GopherWhisper APT group abuses Outlook, Slack, Discord for comms
- NGate Android malware uses HandyPay NFC app to steal card data
- Hackers target US banking giants Frost Bank and Citizens Bank
- North Korea-Linked UNC1069 Uses Fake Zoom and Teams Meetings to Hack Crypto Professionals
- New GoGra malware for Linux uses Microsoft Graph API for comms
- New PureRAT Campaign Hides PE Payloads in PNG Files and Executes Them Filelessly
- Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
Breaches, Leaks, and Ransomware
- Vercel confirms breach as hackers claim to be selling stolen data
- Vercel Breach Linked to Infostealer Infection at Context.ai
- Vercel Employee’s AI Tool Access Led to Data Breach
- North Korean hackers blamed for $290M crypto theft
- Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks
- Bitwarden CLI npm package compromised to steal developer credentials
- Trigona ransomware attacks use custom exfiltration tool to steal data
- Cosmetics giant Rituals confirms data breach of customer membership records
- Seiko USA website defaced as hacker claims customer data theft
- The Gentlemen ransomware now uses SystemBC for bot-powered attacks
- ‘The Gentlemen’ Rapidly Rises to Ransomware Prominence
- Over 200 Japanese firms paid ransomware attackers, 60% fail to recover data
- Adaptavist Group breach: Ransomware crew claims mega-haul
- Kyber ransomware gang toys with post-quantum encryption on Windows
- France confirms data breach at government agency that manages citizens’ IDs
- com breach gives scammers what they need to target guests
- Germany believes Russia responsible for global cyber campaign on Signal, WhatsApp, media reports
- 500k Biobank volunteers’ data listed for sale on Alibaba
- Cosmetic brand Rituals the latest company to report hack; Client data stolen
- Data Breaches at Healthcare Organizations in Illinois and Texas Affect 600,000
- Citizens Bank customers’ personal information compromised in data breach
- ADT confirms data breach after ShinyHunters leak threat
- NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
Other News Events of Note and Interest
- Prego Pivots From Budget-Tier Pasta Sauce to Small Microphones That Listen to Your Family’s Intimate Conversations
- Proxmox 9.1.8 Finally Rebalances HA Workloads Automatically
- Clarifying HEVC licensing fees, royalties, and why vendors kill HEVC support
- Firefox 150.0 is out with improved Split View, new features for PDF editor, and more
- Firefox’s New Boss Has a Very Old-School Plan: ‘Build a Better Browser’
- TP-Link Meets With FCC About Router Ban Exemption, Says It’s a ‘US Company’
- Linux 7.1 will have an optional new NTFS driver
- Panasonic creates device-locked QR codes for biometrics
- Rufus gets big update with silent Windows 11 installation, new bloat removal tools and more
- Quantum Computers Are Not a Threat to 128-bit Symmetric Keys
- ‘WhatsApp Plus’ subscription launching soon with new features
- Google Cloud customer wakes up to $18,000+ bill despite $7 budget, thanks to forgotten API key in published project
- NCSC: Passkeys now good enough to be the default standard
AI, LLMs, and Skynet
- Are the Costs of AI Agents Also Rising Exponentially?
- GitHub halts new Copilot signups amid soaring usage and rising costs
- Microsoft Moving All GitHub Copilot Subscribers To Token-Based Billing In June
- Schmoozebots: study finds flattery will get AI everywhere
- OpenAI announces GPT-5.5, its latest artificial intelligence model
- DeepSeek Unveils Newest Flagship AI Model a Year after Upending Silicon Valley
- Introducing OpenAI Privacy Filter
- NSA spies are reportedly using Anthropic’s Mythos, despite Pentagon feud
- Assessing Claude Mythos Preview’s cybersecurity capabilities
- Mythos can find the vulnerability. It can’t tell you what to do about it.
- The Boy That Cried Mythos: Verification is Collapsing Trust in Anthropic
- Anthropic Mythos shaping up as nothingburger
- Anthropic’s Claude Mythos Launch Is Built on Misinformation
- Sam Altman throws shade at Anthropic’s cyber model, Mythos: ‘fear-based marketing’
- Mythos access by Discord group reveals real danger of AI-powered hacking
- Anthropic bets on EPSS for the coming bug surge
- Managing AI agents and identity in a heightened risk environment
- Gemini Live gets a minimalist app redesign that lets you do more
- Google will invest as much as $40 billion in Anthropic
Microsoft
- Windows PCs should no longer repeatedly restart or fail to install update with KB5091157
- April’s Windows 11 update is trapping some PCs in a boot loop
- Microsoft Teams and Outlook are getting significant changes soon
- Announcing Windows Admin Center: Virtualization Mode Public Preview 2
- New RDP Alert After April 2026 Security Update Warns of Unknown Connections
- Microsoft: Windows 11 KB5083769, KB5082052 updates causing Remote Desktop issues
- Microsoft officially says you don’t need extra antivirus on Windows 11
- Windows 11 April update now reveals if Secure Boot 2023 certificate is applied to your PC
- Microsoft traces Universal Print issues to Graph API code change
- Microsoft to roll out Entra passkeys on Windows in late April
- Microsoft now lets admins uninstall Copilot on enterprise devices
- Microsoft rolls out revamped Windows Insider Program
- Modernizing DNS Security for Exchange Online Mail Flow
