European Commission Cloud Breach Exposes Data From 30 EU Entities
The European Commission's AWS cloud environment was compromised on March 10 through a stolen API key obtained from the Trivy supply-chain attack, with the intrusion going undetected for five days.
CERT-EU attributed the breach to the TeamPCP threat group, which deployed TruffleHog to scan for additional credentials and created new access keys to evade detection.
The exfiltrated 90GB dataset contained names, email addresses, email content, and approximately 51,992 email-related files from up to 71 clients, including 42 internal European Commission clients and at least 29 other EU entities.
ShinyHunters subsequently published the stolen data on March 28, significantly escalating the impact of the breach.
@Cyber_Security_Channel
BleepingComputer
CERT-EU: European Commission hack exposes data of 30 EU entities
The European Union's Cybersecurity Service (CERT-EU) has attributed the European Commission cloud hack to the TeamPCP threat group, saying the resulting breach exposed the data of at least 29 other Union entities.
LinkedIn Scanning Your Files? The Viral Claim That Has Everyone Talking
Rumors swirl that LinkedIn secretly scans your computer via Chrome-based browsers.
While widely shared, LinkedIn and Microsoft deny it, and no proof has surfaced. Stay informed, stay skeptical.
@Cyber_Security_Channel
BleepingComputer
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed extensions and collect device data.
AI-Powered Discovery: 23-Year-Old Linux Kernel Vulnerability Exposed by Claude Code
The flaw permits unprivileged users to potentially escalate permissions through a specific sequence of system calls, compromising kernel-level security controls.
Following responsible disclosure, Linux maintainers confirmed the issue, assigned a CVE identifier, and deployed patches in subsequent kernel updates to mitigate the risk.
@Cyber_Security_Channel
mtlynch.io
Claude Code Found a Linux Vulnerability Hidden for 23 Years
Claude Code has gotten extremely good at finding security vulnerabilities, and this is only the beginning.
Mercor-LiteLLM Cyberattack Report
This is a pretty significant supply-chain incident for the AI space.
The fact that Lapsus$ is back and claiming terabytes of data while Mercor says they contained it creates some tension in the narrative.
Worth keeping an eye on how this unfolds for other LiteLLM users.
@Cyber_Security_Channel
TechCrunch
Mercor says it was hit by cyberattack tied to compromise of open source LiteLLM project | TechCrunch
The AI recruiting startup confirmed a security incident after an extortion hacking crew took credit for stealing data from the company's systems.
GPUBreach Exploit: How Hackers Can Hijack Your System Using Just a GPU
New research reveals the GPUBreach attack, which exploits GPU memory (Rowhammer) to escalate privileges and fully compromise systems – affecting major vendors like NVIDIA, AMD, and Qualcomm.
@Cyber_Security_Channel
BleepingComputer
New GPUBreach attack enables system takeover via GPU rowhammer
A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a full system compromise.
Join the Webinar: Web, Mobile & Cloud Penetration Testing in 2026. Best Practices to enhance your ImmuniWeb® AI Platform skills, earn CPE credits, and become ImmuniWeb® Certified Professional.
✔️ Key Insights:
• Pitfalls & best practices
• Legal & regulatory landscape
• Risks & benefits of automated pen-testing
• Testing LLMs and AI-powered applications for vulnerabilities
• OWASP Top 10 for LLM: who pays for AI failures
• Red teaming, continuous breach & attack simulation (CBAS)
• Leveraging MITRE ATT&CK Matrix for pen-testing
• Continuous vs one-time pen-testing
• External vs in-house pen-testing
• ImmuniWeb pen-testing products
Date & Time: April 23 at 10am and 5pm CEST
Host: Dr. Ilia Kolochenko, CEO & Chief Architect at ImmuniWeb, Attorney-at-Law.
✅ Register Now:
Session 1 – April 23, 2026 – Geneva 10am | Dubai 1pm | Singapore 5pm
👉 Click here.
Session 2 – April 23, 2026 – Geneva 5pm | New York 11am | California 8am
👉 Click here.
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
Operation PowerOFF Seizes 53 DDoS-for-Hire Domains in 21-Country Crackdown
A massive international law enforcement operation has dismantled 53 DDoS-for-hire domains in a coordinated takedown spanning 21 countries.
Four individuals were arrested, and authorities exposed over three million criminal accounts tied to the seized services.
The booter and stresser platforms had enabled an estimated 75,000 cybercriminals worldwide to launch on-demand DDoS attacks against websites and critical online infrastructure.
The operation targets a market that has dramatically lowered the barrier to cyberattacks, allowing even unskilled actors to disrupt major organizations at minimal cost.
The seizures were formally announced alongside warnings that additional criminal actors remain under active investigation.
@Cyber_Security_Channel
SecurityWeek
53 DDoS Domains Taken Down by Law Enforcement
Authorities in 21 countries participated in a coordinated action against DDoS-for-hire services.
US Nationals Sentenced for Running North Korean IT Worker Infiltration Scheme
Two New Jersey residents, Kejia Wang and Zhenxing Wang, have been sentenced to 9 years and 92 months respectively for operating a massive scheme that placed North Korean operatives inside American companies.
The pair ran shell companies — Hopana Tech, Tony WKJ, and Independent Lab — and maintained domestic laptop farms to help DPRK operatives secure remote jobs under stolen identities of at least 80 US residents.
The scheme infiltrated more than 100 US companies across 27 states and Washington D.C., including multiple Fortune 500 firms, funneling over $5 million in illicit revenue to North Korea between 2021 and October 2024.
Affected companies incurred over $3 million in remediation and legal costs, and the two defendants were ordered to forfeit a combined $600,000.
The sentencing details were reported by CyberScoop.
@Cyber_Security_Channel
CyberScoop
US nationals sentenced for aiding North Korea’s tech worker scheme
Kejia Wang and Zhenxing Wang established shell companies and hosted laptop farms to help operatives obtain jobs at more than 100 U.S. companies.
Slack Scam Alert: Fake Linux Foundation Leader Tricks Devs into Handing Over Secrets
Attackers impersonated a Linux Foundation leader on Slack, tricking developers into clicking a phishing link and installing a fake root certificate to steal credentials and intercept encrypted traffic.
This was trending last week, in case you missed it.
@Cyber_Security_Channel
theregister
Fake Linux Foundation leader using Slack to phish devs: Google Sites lure leads to bogus root certificate
⚠️ Is Your SOC Chasing Metrics or Actually Stopping Attackers?
A clean dashboard often hides messy workflows and gaps you didn't know you had.
If you’re only looking at incident counts, you’re missing the blind spots where real risks stay hidden.
Expose what your metrics miss and speed up decisions with evidence-driven analysis.
👉 See how ANY.RUN fits your SOC
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
Unauthorized Users Breached Anthropic's Claude Mythos Security Model for Two Weeks
A small group of unauthorized users quietly accessed Anthropic's Claude Mythos model — a restricted AI tool limited to vetted partners and purpose-built to identify software vulnerabilities.
According to a Bloomberg report, the group has been regularly querying the model since roughly the same day Anthropic announced the program about two weeks ago, operating out of a private Discord channel dedicated to hunting unreleased models.
The attackers combined several techniques: leveraging employee access at a third-party Anthropic contractor, using open-source intelligence tools familiar to security researchers, and running automated bots to scrape GitHub and other unsecured sites for credentials and endpoints.
Anthropic confirmed it is investigating the report, stating the unauthorized access appears to have come through one of its third-party vendor environments.
The incident highlights the difficulty of gatekeeping access even to security-focused frontier models before general availability — and raises concerns about a model explicitly trained to find software flaws falling into unvetted hands.
@Cyber_Security_Channel
N2K CyberWire
Unauthorized users gain access to Anthropic's Mythos model.
Mustang Panda targets India's financial sector. Business news: Artemis emerges from stealth with $70 million.
Why U.S. Critical Infrastructure Is the Highest-Value Target in the Global Cyber War
This surge is directly tied to rising cybersecurity threats to the US critical infrastructure.
Attackers are no longer experimenting; they are executing repeatable, scalable campaigns designed to disrupt essential services.
@Cyber_Security_Channel
Cyble
USA Critical Infrastructure Cyberattack Threats In 2026
Explore how a critical infrastructure cyberattack and rising nation-state threats are reshaping US cybersecurity risks in 2026.
Cloudflare Races to Beat Quantum Threats: Full Post-Quantum Security by 2029
Cloudflare accelerates its post-quantum security roadmap, aiming for full protection, including authentication, across all services by 2029 as quantum computing threats loom closer than expected.
@Cyber_Security_Channel
The Cloudflare Blog
Cloudflare targets 2029 for full post-quantum security
Recent advances in quantum hardware and software have accelerated the timeline on which quantum attack might happen. Cloudflare is responding by moving our target for full post-quantum security to 2029.
Zero-Day Alert: Adobe Reader Under Siege by Malicious PDFs. Data Theft & RCE Risks Exposed!
Attackers have been exploiting an unpatched Adobe Reader zero-day via malicious PDFs since December 2025, enabling data theft and potential remote code execution even on updated systems. Users are urged to avoid untrusted files until a patch is released.
@Cyber_Security_Channel
Cyber Security News
Hackers Target Adobe Reader Users with Sophisticated Zero-Day Exploit
Security researchers warn that simply opening a booby‑trapped document is enough to trigger the attack on fully up‑to‑date installations of Adobe Reader.
Cisco Releases Open Source Tool for AI Model Provenance
The new Model Provenance Kit from Cisco, a Python-based toolkit and command-line interface (CLI), aims to address these issues by generating a ‘fingerprint’ for each model based on “metadata signals, tokenizer similarity, and weight-level identity signals such as embedding geometry, normalization layers, energy profiles, and direct weight comparisons”.
@Cyber_Security_Channel
SecurityWeek
Cisco Releases Open Source Tool for AI Model Provenance
The new kit aims to address risks related to poisoned models, regulatory issues, supply chain integrity, and incident response.
🚨 Lazarus APT is Running An Active Campaign
They are using fake meetings to gain full access to corporate systems, credentials, and sensitive data.
• Who is at risk: Fintech, crypto, and high-value environments where macOS is widely used by developers, executives, and decision-makers.
• Why this is hard to detect: The attack relies on social engineering and native macOS binaries, reducing visibility for traditional EDR tools.
• How SOCs should respond: Identify credential exposure early by introducing @anyrun_app’s cross-platform analysis capabilities during triage that offers a 36% higher detection rate.
→ Read the breakdown and get key defense steps: available here.
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
EU’s Age Verification App Cracked in 2 Minutes: Security Expert Exposes Fatal Flaws
Security researcher Paul Moore bypassed the EU’s new age verification app in under two minutes by editing a config file, exposing critical design flaws and weak local data storage.
@Cyber_Security_Channel
Cyber Security News
EU’s New Age Verification App Can Be Hacked Within 2 Minutes, Researchers Claim
The European Commission's newly launched Digital Age Verification App, unveiled on April 14, 2026, to protect minors from harmful online content, has already been compromised, with UK-based security consultant Paul Moore demonstrating a full authentication…
Hackers Breach Canvas Learning Platform, Exposing Data on Millions of Students and Teachers
A cybersecurity attack on the nation's most widely used classroom software has potentially exposed the personal data of millions of students and educators across the country.
Instructure, the company that runs the Canvas learning management system used by more than 7,000 universities, K-12 districts and education ministries worldwide, disclosed the breach to affected institutions this week.
The company confirmed names, email addresses, student ID numbers and private messages between users had been accessed before the breach was contained.
ShinyHunters warned that a failure to pay could result in the release of "several billions of private messages among students and teachers."
A ransom message on the platform appears to give Instructure until May 12 to respond and "negotiate a settlement" before the hackers leak information.
@Cyber_Security_Channel
The Conversation
Hackers just stole data from 9,000 schools and unis around the world. How can we protect student privacy?
A US-based education tech provider announced a cybersecurity incident affecting its Canvas platform – used by institutions around the world, including Australia.
AI Titans Unite: Project Glasswing Deploys Frontier AI to Hunt Down Zero-Days in Critical Software
Project Glasswing, backed by tech giants and powered by Anthropic’s Claude Mythos Preview, uses AI to uncover and patch thousands of zero-day vulnerabilities in critical software, giving defenders the edge in the AI-driven cybersecurity era.
@Cyber_Security_Channel
Anthropic
Project Glasswing: Securing critical software for the AI era
A new initiative to secure the world’s most critical software and give defenders a durable advantage in the coming AI-driven era of cybersecurity.