Telstra, Optus, TPG say UOMO devised with unrealistic expectations
Telstra, Optus and TPG have told parliament that the federal government’s new universal mobile service obligation (UOMO) bill is built on unrealistic expectations about the…
Month: April 2026
Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities
The US cybersecurity agency CISA on Monday expanded its Known Exploited Vulnerabilities (KEV) catalog with eight more flaws, including three that have not previously been…
The US NSA is using Anthropic’s Claude Mythos despite supply chain risk
The US NSA is using Anthropic’s Claude Mythos despite supply chain risk Pierluigi Paganini April 21, 2026 Axios reports the National Security Agency uses Anthropic Mythos model…
Mythos can find the vulnerability. It can’t tell you what to do about it.
Mythos matters. It is a significant step forward in AI-assisted vulnerability discovery. But it does not mean cybersecurity changed overnight, nor does it mean enterprises…
ESET Threat Report H2 2025
A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts 16…
Why identity is the driving force behind digital transformation
Development Testing Staging Performance testing For all these environments, we’ve got different teams working simultaneously on the same software. For example, when development teams are…
Attacking MSSQL Servers | Huntress
Ever since the SQL Slammer worm of 2003, and even before then, MSSQL database servers exposed to the Internet with default configurations have been targeted,…
NGate Android malware uses HandyPay NFC app to steal card data
A new variant of the NGate malware that steals NFC payment data is targeting Android users by hiding in a trojanized version of HandyPay, a…
Claude Code, Gemini CLI, and GitHub Copilot Vulnerable to Prompt Injection via GitHub Comments
A critical cross-vendor vulnerability class dubbed “Comment and Control” is a new category of prompt injection attacks that weaponizes GitHub pull request titles, issue bodies, and issue…
GitHub Issue Alerts Exploited in OAuth Phishing Scam Targeting Developers
Hackers are abusing GitHub’s own issue-notification emails to phish developers and silently take over their repositories using malicious OAuth applications, effectively turning trusted DevOps tooling…
52M-Download protobuf.js Library Hit by RCE in Schema Handling
Cybersecurity team at Endor Labs has identified a critical remote code execution (RCE) vulnerability in protobuf.js, a JavaScript library downloaded nearly 52 million times per…
Researchers build an encrypted routing layer for private AI inference
Organizations in healthcare, finance, and other sensitive industries want to use large AI models without exposing private data to the cloud servers running those models.…