UK Breaches Survey: AI Outpacing Security
The 2026 UK Government report reveals that while AI adoption is surging, only 25% of firms have implemented specific security protocols.
Intelligence Archives
NO_MATCHING_FILES_FOUND
Anthropic Mythos: The AI Red Teamer
Anthropic's latest model demonstrates an unprecedented ability to identify and exploit zero-day vulnerabilities at "industrial" speeds.
EtherRAT: Admin Tool Spoofing via GitHub
Threat actors are using SEO poisoning and "facade" repositories to distribute malicious installers disguised as common utilities like PsExec.
CISA Accelerates Zero Trust for OT
New guidance focuses on accelerating Zero Trust adoption in Operational Technology (OT) environments to protect critical infrastructure.
Critical Vulnerability: PicoClaw RCE
CVE-2026-6987 identifies a 9.8 severity command injection vulnerability in PicoClaw's Web Launcher Management Plane.
Cisco Catalyst SD-WAN Under Attack
CISA added three critical vulnerabilities in the Cisco Catalyst SD-WAN Manager to its Known Exploited Vulnerabilities catalog.
Oracle April CPU: 480+ Fixes
Oracle's massive quarterly update addresses over 480 security flaws across Communications, Fusion Middleware, and Java platforms.
Germany NIS2: The Compliance Gap
Reports show only one-third of German organizations met the March 6 registration deadline for NIS2 compliance.
Booking.com: High-Value Context Leak
A breach exposing travel dates has enabled a wave of highly believable follow-on phishing attacks against platform users.
Vercel: The OAuth Supply Chain Breach
A compromised third-party AI tool was used to hijack a Vercel employee's OAuth token, leading to internal lateral movement.
U.S. Cyber Strategy Shifts Posture
New strategy signals greater latitude for private-sector offensive operations to deter nation-state ransomware gangs.
Stryker: The Handala Wipe Attack
Handala utilized Microsoft Intune to wipe Windows-based devices at medical giant Stryker, causing widespread outages.
Navia: 2.7 Million Records Exposed
An exposed API vulnerability at Navia led to the theft of Social Security numbers and sensitive health plan information.
CarGurus: 12 Million Users Compromised
Online automotive marketplace confirmed a compromise involving customer account metadata and PII for over 12 million users.
University of Hawaiʻi Ransomware
A major ransomware event compromised personal data of 1.2 million individuals, including driver's licenses and SSNs.
LexisNexis: Reach2Shell Exploitation
Hackers successfully breached LexisNexis servers by exploiting an unpatched high-severity vulnerability to access contact data.
Star Citizen: CIG Data Disclosure
Cloud Imperium Games confirmed unauthorized parties accessed user account information, including names and birthdates.
AkzoNobel U.S. Site Targeted
Chemical giant AkzoNobel confirmed a cyberattack targeting its U.S. infrastructure, resulting in data exfiltration.
HungerRush Extortion Campaign
Threat actor mass-emailed restaurant patrons of HungerRush to demand extortion payments after a server compromise.
UMMC Recovery: Systems Online
University of Mississippi Medical Center reopened clinics following a month-long recovery from a severe ransomware attack.
