Latest Internet & Cybersecurity News
CrowdStrike warns of AI-driven attacks and massive digital asset theft tied to North Korea
CrowdStrike says DPRK-linked actors stole a reported $2.02 billion in digital assets in 2025, driving a 51% year-over-year rise in crypto theft. The report also says financial-sector intrusions rose 43% globally over two years, with attackers using AI-generated identities and recruiter scams to infiltrate firms.
Cisco Catalyst SD-WAN Controller flaw is being actively exploited
Researchers say a critical authentication bypass in Cisco Catalyst SD-WAN Controller, tracked as CVE-2026-20182, is already under active exploitation. Cisco released fixes and CISA added the flaw to its Known Exploited Vulnerabilities catalog, warning federal agencies to patch immediately.
OpenClaw flaws can enable data theft, privilege escalation, and persistence
Security researchers disclosed four OpenClaw vulnerabilities that can be chained to bypass sandbox protections, elevate privileges, and maintain persistence. The vendor says the issues were fixed in version 2026.4.22, and users are being urged to update.
Canada ranks second globally in ransomware attacks, Fortinet says
Fortinet’s latest report says Canada suffered 17 billion cyberattack attempts in 2025, up from 13.7 billion in 2024, with 374 organizations extorted. The report also highlights rising use of agentic AI in attacks and a significant cybersecurity skills shortage among Canadian organizations.
India’s IRDAI orders insurers to review defenses against AI-enabled cyber threats
India’s insurance regulator has told regulated entities to urgently reassess cybersecurity readiness against frontier AI-driven threats and submit an action-taken report by May 22. The directive reflects growing concern over AI-enabled attacks in the financial sector and follows broader warnings from CERT-In about enterprise vulnerabilities.
China-linked espionage groups expand financial-sector operations across multiple regions
CrowdStrike says China-linked actors increased activity against financial institutions in the Philippines, Indonesia, and Brazil, while one network spanned more than 150 endpoints across 36 countries. The report suggests global financial firms are facing broader espionage and infrastructure abuse campaigns.
North Korean hackers increasingly use fake AI personas to scale operations
CrowdStrike reports that groups such as FAMOUS CHOLLIMA doubled their operations by using AI-generated personas, while STARDUST CHOLLIMA tripled its pace targeting fintech firms. The trend shows adversaries are using AI not just for automation, but for social engineering and infiltration at scale.
Financial institutions see a sharp rise in hands-on-keyboard intrusions
CrowdStrike says hands-on-keyboard intrusions against financial institutions have increased 43% globally over two years. These intrusions are especially concerning because they indicate real operators interacting directly with compromised systems rather than relying on fully automated tooling.
Supply-chain compromise used in record cryptocurrency theft
CrowdStrike says one DPRK-linked group, PRESSURE CHOLLIMA, allegedly stole $1.46 billion in cryptocurrency through trojanized software distributed via a supply-chain compromise. The case underscores how software trust chains remain a high-value target for financially motivated threat actors.
AI-powered recruiter scams are becoming a major infiltration vector
CrowdStrike warns that cybercriminals are increasingly using AI-generated identities and recruiter-style lures to trick employees into engaging with them, leading to compromise. These tactics can help attackers bypass traditional email and social engineering defenses by appearing more credible and tailored.
Security reporting points to broadening global financial-sector exposure
Across the reported incidents, financial firms in North America, Europe, Asia, and Southeast Asia are being targeted by both espionage and financially motivated threat groups. The combined picture suggests the sector is facing simultaneous pressure from nation-state actors, ransomware crews, and AI-enabled fraud operations.