External News – Cyber Club @ UDM

Krebs On Security

‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
April 21, 2026
A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler […]
Patch Tuesday, April 2026 Edition
April 14, 2026
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day […]
Russia Hacked Routers to Steal Microsoft Office Tokens
April 7, 2026
Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security […]
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
April 6, 2026
An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a […]
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
March 23, 2026
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured […]
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
March 20, 2026
The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three […]

2026 Microsoft Vulnerabilities Report: Why Less Actually Means More Risk
April 21, 2026
In cybersecurity, we often look for comfort in the numbers. If total vulnerability counts are down, we assume the defense […]
Leadership in the Age of AI
April 20, 2026
Last week, I posted an article about how AI makes us more efficient but actually makes us work more.
The NVD Course Correction: Navigating NIST’s Strategic Pivot for 2026
April 17, 2026
For the better part of the last two years, the cybersecurity community has watched the National Vulnerability Database (NVD) with […]
OpenAI Launches GPT-5.4-Cyber, Expands Trusted Access Program as AI Defense Race Heats Up
April 16, 2026
One week after Anthropic unveiled its Mythos frontier model — deployed in a controlled manner through Project Glasswing — OpenAI […]
Anthropic's Claude Mythos Signals a New Era in AI-Powered Cybersecurity—and a Race No One Is Ready For
April 16, 2026
On March 26, 2026, a routine configuration error at Anthropic inadvertently left thousands of unpublished internal assets publicly accessible on […]
ZionSiphon: The Prototype for the Next Generation of OT Warfare
April 16, 2026
As geopolitical tensions between the U.S., Israel, and Iran continue to simmer, the cybersecurity front has often been characterized by […]

Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk
April 21, 2026
The critical remote code execution flaw (CVE-2026-1731) in the remote monitoring and management tool can be exploited to spread ransomware […]
Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool
April 21, 2026
The prompt injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox […]
Chinese APT Targets Indian Banks, Korean Policy Circles
April 21, 2026
China is spying on India's financial sector, for some reason, and it's not putting much effort into it, judging by […]
Vercel Employee's AI Tool Access Led to Data Breach
April 20, 2026
Stolen OAuth tokens, which are at the root of these breaches, "are the new attack surface, the new lateral movement," […]
Serial-to-IP Devices Hide Thousands of Old & New Bugs
April 20, 2026
The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers […]
WhatsApp Leaks User Metadata to Attackers
April 20, 2026
Strangers can infer limited info about you without knowing or messaging you, which could theoretically aid certain kinds of malicious […]