Latest Internet & Cybersecurity News
AI Attack Trends Reshape Cybersecurity at RSAC 2026
RSAC 2026 highlighted autonomous AI threats and agentic defense as critical emerging challenges, with LLM and generative AI protection becoming the top security priority for enterprises. AI agent adoption is moving faster than organizations can control it, requiring deeper layers of lateral defense and AI-powered mitigation at machine speed.
Quantum Computing Threat Could Collapse Global Cybersecurity Before 2030
New research from Oratomic and Google reveals quantum computers could crack encryption standards like P-256 with as few as 10,000 qubits, far fewer than previously estimated. Google warned of a potential 'quantum apocalypse' by 2029, with governments, financial institutions, and tech companies unknowingly vulnerable to imminent cybersecurity collapse.
AI-Powered Phishing Campaign Compromises 344 Organizations
An AI-powered phishing campaign has compromised hundreds of organizations across construction, law, healthcare, and government sectors by exploiting Microsoft cloud accounts using OAuth tokens. The campaign demonstrates how artificial intelligence is being weaponized to scale social engineering attacks across multiple industries.
Casbaneiro Banking Trojan Targets Latin America and Europe
A sophisticated phishing campaign is targeting Spanish-speaking users in Latin America and Europe, delivering banking trojans like Casbaneiro and Horabot through dynamic PDF lures and WhatsApp automation. The campaign employs ClickFix social engineering tactics to maximize infection rates.
Drift Protocol Suffers Massive Cryptocurrency Heist
Drift Protocol, a decentralized finance platform, suspended services after a significant cyberattack resulting in the theft of hundreds of millions of dollars in cryptocurrency. The incident highlights ongoing vulnerabilities in blockchain-based financial systems.
PyPI Supply Chain Attack Targets Telnyx Python SDK
The Telnyx Python SDK on PyPI was compromised by TeamPCP, a group linked to the Trivy supply-chain attack, with malicious package versions 4.87.1 and 4.87.2 containing multi-stage infostealers. This represents the latest in a series of Python package repository compromises.
Critical strongSwan VPN Vulnerability Enables Denial of Service
CVE-2026-25075, a critical 15-year-old flaw in strongSwan's EAP-TTLS plugin affecting versions 4.5.0 to 6.0.4, allows attackers to crash VPN services through integer underflow and cause massive memory corruption. The vulnerability poses significant risk to organizations relying on strongSwan for secure communications.
Ransomware Group Claims Attack on City of Meriden, Connecticut
A ransomware group claimed responsibility for a cyberattack on Meriden, CT, with services still being restored over a month after the February 17 incident. The attack demonstrates the ongoing vulnerability of municipal infrastructure to organized cybercriminals.
Axios Maintainer Confirms Social Engineering Attack via Fake Teams Update
The Axios maintainer's post mortem revealed UNC1069 successfully exploited social engineering by distributing a remote access trojan disguised as a Teams update. This incident underscores how threat actors target open-source project maintainers to achieve supply chain compromise.
Citrix NetScaler ADC Bug Added to CISA Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency added a Citrix NetScaler ADC bug to its list of known exploited vulnerabilities, giving federal agencies until April 2, 2026, to apply patches. The urgent deadline reflects the critical severity of the vulnerability across government infrastructure.
Passwordless Authentication and Non-Human Identity Security Gain Industry Traction
RSAC 2026 discussions highlighted advancements in passwordless authentication, browser security, non-human identity (NHI) security, and privileged account management as organizations seek to modernize legacy authentication approaches. The conference emphasized the need for zero-standing privilege and shadow agent monitoring in enterprise environments.
Cyber Resilience Becomes Governance Imperative Amid Regulatory Pressure
Cybersecurity in 2026 is increasingly being shaped by regulatory expectations beyond traditional ransomware and zero-day exploits, making cyber resilience a board-level governance priority. The shift reflects evolving compliance requirements and organizational accountability for security posture across industries.