Latest Internet & Cybersecurity News
Russian GRU APT28 Exploits Routers for DNS Hijacking
Russian General Staff Main Intelligence Directorate (GRU) cyber actors are exploiting vulnerable routers worldwide to intercept sensitive military data. The UK NCSC released an advisory on two clusters of APT28 activity, urging device manufacturers to implement protective monitoring. This highlights ongoing operational debt in network devices.
Iranian APT Targets US Critical Infrastructure PLCs
Iran-affiliated actors are exploiting Rockwell Automation/Allen-Bradley PLCs in US sectors, causing disruptions via HMI and SCADA manipulation. A joint alert from FBI, CISA, NSA, EPA, DOE, and USCYBERCOM warns of operational and financial losses. Activity focuses on internet-facing OT devices.
North Korean Lazarus Group Behind Drift and Axios Attacks
North Korean hackers linked to Lazarus Group executed the recent Drift attack, and the actor matches the one behind the 2024 Radiant Capital breach. Chinese 360 Threat Intelligence connects the Axios supply chain intrusion to Lazarus via code overlaps and RustBucket malware. Further clues point directly to this group.
Anthropic Launches Project Glasswing with Mythos AI
Anthropic's Project Glasswing unites AWS, Apple, Google, JPMorgan, and others to use Claude Mythos Preview for defensive vulnerability hunting. The AI has found thousands of high-severity flaws in major operating systems and browsers. Up to $100M in credits support securing critical software against AI threats.
Wall Street Banks Test Anthropic Mythos for Cyber Defense
Goldman Sachs, Citigroup, Bank of America, Morgan Stanley, and JPMorgan test Mythos to detect AI-powered financial threats preemptively. The testing was urged by the Trump administration and regulators such as the Treasury and the Fed amid systemic risks. Mythos chains vulnerabilities autonomously, marking a cybersecurity turning point.