Latest Internet & Cybersecurity News
China-Linked Hackers Target Asian Governments and NATO Member
Cybersecurity researchers disclosed a China-aligned espionage campaign by SHADOW-EARTH-053 targeting government and defense sectors in South, East, Southeast Asia, and Poland. The group exploits N-day vulnerabilities in Microsoft Exchange and IIS servers, deploying web shells and ShadowPad implants.
Targets include Pakistan, Thailand, Malaysia, India, Myanmar, Sri Lanka, and Taiwan.
US Lawmakers Launch Inquiry into PRC-Origin AI Cybersecurity Risks
The US House Committee on Homeland Security and Select Committee on China investigate risks from Chinese AI models like DeepSeek, Alibaba, and Moonshot AI in critical infrastructure. Concerns include unauthorized distillation of US AI capabilities and lack of safety controls.
They requested records from Anysphere on ties to Chinese firms, due May 13, 2026.
US Officials Consider Shorter Deadlines for Fixing Critical Digital Flaws
US cybersecurity officials, including CISA's acting chief and national cyber director, discuss cutting deadlines for patching government IT flaws due to AI-powered hacking tools like Anthropic’s Mythos. Proposals aim to counter faster exploitation by hackers using AI.
No final decision has been confirmed.
Sharp Rise in Credential-Based Attacks on Entertainment Industry in 2026
The Motion Picture Association’s TPN issued more security alerts in Q1 2026 than all of 2025, citing credential-based attacks, misconfigurations, and unpatched vulnerabilities. Common issues include compromised credentials, inconsistent MFA, and patching delays.
MPA recently urged OpenAI to protect IP amid Sora 2 release.
Global Cyber Threat Brief Highlights Identity Breaches and Supply Chain Attacks
Latest incidents show attackers shifting to logging in via stolen credentials rather than breaking in, blending into networks. Focus on identity breaches, supply chain compromises, and organized cybercrime rise.
This reinforces evolving tactics in global cyber threats.
SHADOW-EARTH-053 Overlaps with Related Groups in Asian Targets
Nearly half of SHADOW-EARTH-053 targets in Malaysia, Sri Lanka, and Myanmar were also hit by SHADOW-EARTH-054, though no direct coordination. Group active since December 2024, linked to CL-STA-0049, Earth Alux, and REF7707.
Exploits include React2Shell (CVE-2025-55182) for Noodle RAT distribution.
White House Warns of China’s Industrial-Scale AI Distillation Campaigns
A April 2026 White House memo highlighted China-based entities distilling US frontier AI via proxies. This fuels concerns over PRC AI in US critical infrastructure, enabling surveillance and data exposure.
Hearings in March addressed PRC-linked AI risks.
Trend Micro Recommends Patching and Virtual Patching for IIS Vulnerabilities
Primary entry for SHADOW-EARTH-053 is IIS app vulnerabilities; organizations urged to apply Exchange/IIS patches immediately. Use IPS or WAF for virtual patching if patching delayed.
Google linked related chain to UNC6595.
New Federal Cybersecurity Reporting Rules Loom for Critical Infrastructure
Covered entities in 16 sectors must prepare for potential new federal cybersecurity incident reporting rules. Upcoming state laws include Alabama privacy effective 2027 and California pay data due May 13, 2026.
Colorado AI law temporarily blocked.
Pentagon Signs AI Deals with Seven Tech Firms
The Pentagon has inked AI contracts with seven technology companies to bolster capabilities. Full list details emerging as part of broader military AI integration efforts.
This advances US defense AI posture amid global tensions.
Palo Alto Networks Schedules Q3 2026 Fiscal Results Announcement
Palo Alto Networks will release fiscal third quarter 2026 results and host a webcast on May 2026 date. Discussion to cover financials and cybersecurity platform updates.
Investors anticipate insights on threat landscape trends.