Information Security News

1. Autonomous, GenAI-Driven Attacker Platform Enters the Chat
   Dark Reading – Elizabeth Montalbano
2. EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcher
   BleepingComputer – Bill Toulas
3. Voluntary ‘Pall Mall Process’ seeks to curb spyware abuses
   Cyberscoop – Tim Starks
4. That massive GitHub supply chain attack? It all started with a stolen SpotBugs token
   The Register – Jessica Lyons
5. EU wants to give encryption backdoors a try, despite pushback
   The Stack – Noah Bovenizer
6. Google addresses 2 actively exploited vulnerabilities in security update
   Cyberscoop – Matt Kapko
7. Scattered Spider’s ‘King Bob’ Pleads Guilty to Cyber Charges
   Dark Reading – Kristina Beek
8. Malicious VSCode extensions infect Windows with cryptominers
   BleepingComputer – Bill Toulas
9. NSW Electoral Commission asks for cyber security top-up
   itNews – Ry Crozier
10. Chrome to patch decades-old flaw that let sites peek at your history
    The Register – Thomas Claburn
11. UK’s attempt to keep details of Apple ‘backdoor’ case secret… denied
    The Register – Connor Jones
12. EDR-as-a-Service Makes the Headlines in the Cybercrime Landscape
    Security Affairs – Pierluigi Paganini
13. European Commission pushes for encryption ‘backdoors’
    Brussels Signal – Paddy Belton
14. EU set to fine Elon Musk’s X up to $1 billion for breaking disinformation law
    Irish Star – Jeremiah Hassel
15. E-ZPass toll payment texts return in massive phishing wave
    BleepingComputer – Bill Toulas
16. Expert Used ChatGPT-4O to Create a Replica of His Passport in Just 5 Minutes Bypassing KYC
    Security Affairs – Pierluigi Paganini
17. Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws
    The Hacker News – Ravie Lakshmanan
18. WinRAR flaw bypasses Windows Mark of the Web security alerts
    BleepingComputer – Ionut Ilascu
19. Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
    The Hacker News – Ravie Lakshmanan
20. Senators re-up bill to expand Secret Service’s financial cybercrime authorities
    Cyberscoop – Matt Bracken
21. PoisonSeed phishing campaign behind emails with wallet seed phrases
    BleepingComputer – Bill Toulas
22. Call Records of Millions Exposed by Verizon App Vulnerability
    SecurityWeek – Eduard Kovacs
23. Trump fires Gen. Timothy Haugh from leadership of Cyber Command and NSA
    Cyberscoop – Mark Pomerleau
24. Europcar GitLab breach exposes data of up to 200,000 customers
    BleepingComputer – Ionut Ilascu
25. Rafts of Security Bugs Could Rain Out Solar Grids
    Dark Reading – Kristina Beek
26. SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
    The Hacker News – Ravie Lakshmanan
27. State Bar of Texas Says Personal Information Stolen in Ransomware Attack
    SecurityWeek – Ionut Arghire
28. OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers
    The Hacker News – Ravie Lakshmanan
29. Australian super funds compromised after data breach as hackers use stolen passwords
    The Guardian – Josh Taylor
30. “Nudify” deepfakes stored unprotected online
    Malware Bytes – Pieter Arntz

Analysis

1. PCI DSS 4.0.1: A Cybersecurity Blueprint by the Industry, for the Industry
   SecurityWeek – Kevin Townsend
2. Intergenerational Mentoring: Key to Cybersecurity’s AI Future
   Dark Reading – Han Cho
3. State-Sponsored AI Attacks: How Nations Are Using AI to Wage Digital War – The Weaponisation of AI in Cyber Warfare – Part 2
   PrivID (Substack)
4. Australia’s social media ban is attracting global praise – but we’re no closer to knowing how it would work
   The Guardian – Josh Taylor
5. Secure Communications Evolve Beyond End-to-End Encryption
   Dark Reading – Robert Lemos

CyAN Members: Op Eds, Articles, etc.

1. Protecting the Power of AI: Strategies Against Emerging Security Risks
   RSAC Conference – Shantanu Bhattacharya
2. Antivirus, Firewalls, and VPNs: What Do They Actually Do?
   Fel Gayanilo

🗓️ Upcoming CyAN (and CyAN Partner) Global Events:

📍 Lisbon, Portugal

Supply Chain Cyber Security Summit (SCCS)
April 9–11

Read more

📍 Marrakesh, Morocco

GITEX AFRICA
April 14–16

Read more

📍 Singapore

GITEX ASIA
April 23–25

Read more

📍 Dubai, UAE

GISEC
May 6–8

Read more

📍 London, UK

Cyber OSPAs
May 8

Read more

📍 Dubai, UAE

CSG Awards 2025
May 7

Read more

📍 Dubai, UAE

World AI Technology Expo
May 14–15

Read more

🎉 Celebration

CyAN 10th Anniversary
(Details TBA)

📍 Berlin, Germany

GITEX Europe Messe
May 21–23

Read more

📍 Rabat, Morocco

MaTeCC
June 7–9

Read more

🌐 Online

CyAN Q2 Call (APAC + Gulf)
June 11 – 12:00 GST / 16:00 SGT / 18:00 AEST

🌐 Online

CyAN Q2 Call (EMEA + Americas)
June 11 – 20:00 GST / 18:00 CET / 17:00 UTC / 12:00 EDT

📄 Download the PDF

🔗 Visit our LinkedIn post and share with your network