April 2026

CPUID site hijacked to serve malware instead of HWMonitor downloads

Six-hour breach turned trusted links into a coin toss between legit tools and credential stealers Visitors to the CPUID website were briefly exposed to malware this week after attackers hijacked part of its backend, turning trusted download links into a delivery mechanism for something far less welcome.…

Project Glasswing and open source software: The good, the bad, and the ugly

Just what FOSS developers need – a flood of AI-discovered vulnerabilities Opinion  Anthropic describes Project Glasswing as a coalition of tech giants committing $100 million in AI resources to hunt down and fix long-hidden vulnerabilities in critical open source software that it's finding with its new Mythos AI…

Britain seeks views before it drops the hammer on signal jammers

Four-week call for evidence intended to help shape laws aimed at devices linked to crime The UK government is seeking views on radiofrequency jammers as it prepares legislation to ban the controversial devices.…

Unpacking AI security in 2026 from experimentation to the agentic era

Cut through the noise and understand the real risks, responsibilities, and responses shaping enterprise AI today. Webinar Promo  2025 was the year of AI experimentation. In 2026, the bills are coming due. AI adoption has moved from isolated pilots to autonomous, enterprise wide deployment, bringing with it a…

Crypto? Huh. Good gawd y’all, what is it good for? $45M in this case

Cops bust latest scam, return $12m to bilked victims US, UK, and Canadian law enforcement Thursday said that they disrupted a $45 million global cryptocurrency scam, freezing $12 million in stolen funds and identifying more than 20,000 cryptocurrency wallet addresses linked to fraud victims across 30 countries.…

‘Several dozen’ high-value corporations hit by new extortion crew in helpdesk phishing spree

Possible link to Mr. Raccoon's claimed Adobe break-in A new extortion crew has targeted “several dozen high-value” corporations through phishing and helpdesk social-engineering, according to Google.…

Chevin pulls the handbrake on FleetWave software after security scare

UK and US customers stuck waiting after fleet management SaaS vendor took affected environments offline A cybersecurity incident has knocked FleetWave into a "major outage" across the UK and US after Chevin Fleet Solutions pulled parts of its SaaS platform offline and left customers scrambling for answers.…

Months-old Adobe Reader zero-day uses PDFs to size up targets

Malicious PDFs abuse legit features to harvest system data and decide which victims get a 2nd-stage payload Hackers have been quietly exploiting what appears to be a zero-day in Adobe Acrobat Reader for months, using booby-trapped PDFs to profile targets and decide who's worth fully compromising.…

Microsoft locks out VeraCrypt and WireGuard devs, blames verification process

No emails, no warnings, no humans – just bots, catch-22s, and a 60-day appeals queue Microsoft says that it will work on how it communicates with developers after two leading open source figures were suddenly locked out of their accounts, leaving them unable to sign updates.…

Security researchers tricked Apple Intelligence into cursing at users. It could have been a lot worse

Wash your mouth out with digital soap Apple Intelligence, the personal AI system integrated into newer Macs, iPhones, and other iThings, can be hijacked using prompt injection, forcing the model into producing an attacker-controlled result and putting millions of users at risk, researchers have shown.…

Copyright © 2026 Lugapel