Slack Scam Alert: Fake Linux Foundation Leader Tricks Devs into Handing Over Secrets

Attackers impersonated a Linux Foundation leader on Slack, tricking developers into clicking a phishing link and installing a fake root certificate to steal credentials and intercept encrypted traffic.

This was trending last week, in case you missed it.

@Cyber_Security_Channel

⚠️ Is Your SOC Chasing Metrics or Actually Stopping Attackers?

A clean dashboard often hides messy workflows and gaps you didn't know you had.

If you’re only looking at incident counts, you’re missing the blind spots where real risks stay hidden.

Expose what your metrics miss and speed up decisions with evidence-driven analysis.

👉 See how ANY.RUN fits your SOC

-----

#ad #paidpromotion #sponsored

@Cyber_Security_Channel

Unauthorized Users Breached Anthropic's Claude Mythos Security Model for Two Weeks

A small group of unauthorized users quietly accessed Anthropic's Claude Mythos model — a restricted AI tool limited to vetted partners and purpose-built to identify software vulnerabilities.

According to a Bloomberg report, the group has been regularly querying the model since roughly the same day Anthropic announced the program about two weeks ago, operating out of a private Discord channel dedicated to hunting unreleased models.

The attackers combined several techniques: leveraging employee access at a third-party Anthropic contractor, using open-source intelligence tools familiar to security researchers, and running automated bots to scrape GitHub and other unsecured sites for credentials and endpoints.

Anthropic confirmed it is investigating the report, stating the unauthorized access appears to have come through one of its third-party vendor environments.

The incident highlights the difficulty of gatekeeping access even to security-focused frontier models before general availability — and raises concerns about a model explicitly trained to find software flaws falling into unvetted hands.

@Cyber_Security_Channel

GPUBreach Exploit: How Hackers Can Hijack Your System Using Just a GPU

New research reveals the GPUBreach attack, which exploits GPU memory (Rowhammer) to escalate privileges and fully compromise systems — affecting major vendors like NVIDIA, AMD, and Qualcomm.

@Cyber_Security_Channel

Why U.S. Critical Infrastructure Is the Highest-Value Target in the Global Cyber War

This surge is directly tied to rising cybersecurity threats to the US critical infrastructure.

Attackers are no longer experimenting; they are executing repeatable, scalable campaigns designed to disrupt essential services.

Cyber_Security_Channel

Cloudflare Races to Beat Quantum Threats: Full Post-Quantum Security by 2029

Cloudflare accelerates its post-quantum security roadmap, aiming for full protection, including authentication, across all services by 2029 as quantum computing threats loom closer than expected.

@Cyber_Security_Channel

Zero-Day Alert: Adobe Reader Under Siege by Malicious PDFs Data Theft & RCE Risks Exposed!

Attackers have been exploiting an unpatched Adobe Reader zero-day via malicious PDFs since December 2025, enabling data theft and potential remote code execution even on updated systems. Users are urged to avoid untrusted files until a patch is released.

@Cyber_Security_Channel

Cisco Releases Open Source Tool for AI Model Provenance

The new Model Provenance Kit from Cisco, a Python-based toolkit and command-line interface (CLI), aims to address these issues by generating a ‘fingerprint’ for each model based on “metadata signals, tokenizer similarity, and weight-level identity signals such as embedding geometry, normalization layers, energy profiles, and direct weight comparisons”.

Cyber_Security_Channel

🚨 Lazarus APT is Running An Active Campaign

They are using fake meetings to gain full access to corporate systems, credentials, and sensitive data.

• Who is at risk: Fintech, crypto, and high-value environments where macOS is widely used by developers, executives, and decision-makers. 

• Why this is hard to detect: The attack relies on social engineering and native macOS binaries, reducing visibility for traditional EDR tools.
 
• How SOCs should respond: Identify credential exposure early by introducing @anyrun_app’s cross-platform analysis capabilities during triage that offers a 36% higher detection rate.

→ Read the breakdown and get key defense steps: available here.

-----

#ad #paidpromotion #sponsored

@Cyber_Security_Channel

EU’s Age Verification App Cracked in 2 Minutes: Security Expert Exposes Fatal Flaws

Security researcher Paul Moore bypassed the EU’s new age verification app in under two minutes by editing a config file, exposing critical design flaws and weak local data storage.

@Cyber_Security_Channel

Hackers Breach Canvas Learning Platform, Exposing Data on Millions of Students and Teachers

A cybersecurity attack on the nation's most widely used classroom software has potentially exposed the personal data of millions of students and educators across the country.

Instructure, the company that runs the Canvas learning management system used by more than 7,000 universities, K-12 districts and education ministries worldwide, disclosed the breach to affected institutions this week.

The company confirmed names, email addresses, student ID numbers and private messages between users had been accessed before the breach was contained.

ShinyHunters warned that a failure to pay could result in the release of "several billions of private messages among students and teachers."

A ransom message on the platform appears to give Infrastructure until May 12 to respond and "negotiate a settlement" before the hackers leak information.

@Cyber_Security_Channel