Ravie LakshmananApr 14, 2026Vulnerability / DevSecOps Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities have been described as command injection flaws affecting the Perforce VCS (version control… Read More "New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released"
As a result, the EU’s influence over the model is limited, not least because it is not yet widely available. Several experts interviewed by Politico believe that this development is problematic, as private companies in practice decide how and when… Read More "EU regulators largely denied access to Anthropic Mythos"
A cybercrime network responsible for more than $200m in reported losses has expanded its operations and refined its tactics following US Treasury sanctions in 2025. Known as Triad Nexus, the group reportedly continues to run large-scale investment scams and brand… Read More "Triad Nexus Expands Global Fraud Operations Despite US Sanctions"
Adobe’s latest Patch Tuesday updates fix 55 vulnerabilities across 11 of the company’s products. Nearly all of the 11 new advisories have a priority rating of 3, which indicates that the software giant does not expect them to be exploited… Read More "Adobe Patches 55 Vulnerabilities Across 11 Products"
Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push deceptive news stories into Google’s Discover feed and trick users into enabling persistent browser notifications… Read More "AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud"
CISOs must be “aggressive” and “innovative” in how they retain talent against the backdrop of an increasingly volatile jobs market, a new report from IANS and Artico Search has revealed. The duo’s 2026 Cybersecurity Talent Report is based on interviews… Read More "CISOs Urged to Innovate in Talent Retention as Job Satisfaction Declin"
A small conservative legal group used direct access to the Federal Communications Commission chairman’s office last September to accelerate a complaint targeting Jimmy Kimmel and his employer, ABC, according to internal emails obtained by WIRED. The emails show the group… Read More "The FCC Has a Fast Lane for Complaints About Trump’s Media Critics"
Triad Nexus, an illicit network acting as the backbone of scams, money laundering, and illicit gambling operations, is using various techniques and front companies to avoid sanctions, Silent Push reports. Operating since at least 2020, the cybercrime operation has been… Read More "Triad Nexus Evades Sanctions to Fuel Cybercrime"
Ravie LakshmananApr 14, 2026Mobile Security / Network Security Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and… Read More "Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security"
A wide-ranging identity theft and fraud scheme that allegedly targeted major online gambling platforms has led to federal charges against two Connecticut men accused of stealing millions of dollars through fake betting accounts. A 45-count federal indictment charges Amitoj Kapoor… Read More "Two Connecticut Men Charged In Alleged $3m Gambling Fraud Scheme"
