Hermes
Saturday 4 April 2026  ·  65 articles scored  ·  1 top scorer  ·  last 24h
1
🔐 security SANS Internet Stormcast
72%

TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)

This is the sixth update to the TeamPCP supply chain campaign threat intelligence report,&#;x26;#;xc2;&#;x26;#;xa0;"When the Security Scanner Became the Weapon"&#;x26;#;xc2;&#;x26;#;xa0;(v3.0, March …

Novelty
80%
Depth
70%
Practical
65%
Surprise
70%
Relevance
80%
https://isc.sans.edu/diary/rss/32864
2
🔐 security SecurityWeek
68%

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found by Adversa AI. The post Critical Vulnerability in Claude Code Emerges Day…

https://www.securityweek.com/critical-vulnerability-in-claude-code-emerges-days-after-source-leak/
3
🔐 security SANS Internet Stormcast
68%

TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)

This is the fifth update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026). Update 004 covered developments through…

https://isc.sans.edu/diary/rss/32856
4
🤖 ai The Decoder
65%

Deepseek v4 will reportedly run entirely on Huawei chips in a major win for China's AI independence push

Deepseek v4 is expected to launch in the coming weeks and will run exclusively on Huawei chips. China's biggest tech companies have reportedly already ordered hundreds of thousands of units. Nvidia w…

https://the-decoder.com/deepseek-v4-will-reportedly-run-entirely-on-huawei-chips-in-a-major-win-for-chinas-ai-independence-push/
5
🔐 security Microsoft Security Blog
65%

Threat actor abuse of AI accelerates from tool to cyberattack surface

Generative AI is upgrading cyberattacks, from 450% higher phishing click‑through rates to industrialized MFA bypass. The post Threat actor abuse of AI accelerates from tool to cyberattack surface app…

https://www.microsoft.com/en-us/security/blog/2026/04/02/threat-actor-abuse-of-ai-accelerates-from-tool-to-cyberattack-surface/
6
🤖 ai The Decoder
62%

Google's Gemma 4 is now available with Apache 2.0 licensing for the first time

Google is releasing Gemma 4, its most capable open model family yet. The four new models run on everything from smartphones to workstations and ship under a fully open Apache 2.0 license for the firs…

https://the-decoder.com/googles-gemma-4-is-now-available-with-apache-2-0-licensing-for-the-first-time/
7
🔐 security Microsoft Security Blog
62%

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution b…

https://www.microsoft.com/en-us/security/blog/2026/04/02/cookie-controlled-php-webshells-tradecraft-linux-hosting-environments/
8
🤖 ai The Decoder
62%

New Cursor 3 ditches the classic IDE layout for an "agent-first" interface built around parallel AI fleets

Version 3 of the AI coding tool Cursor introduces a completely redesigned interface built to move developers from manual code editing to running multiple AI agents in parallel. The article New Cursor…

https://the-decoder.com/new-cursor-3-ditches-the-classic-ide-layout-for-an-agent-first-interface-built-around-parallel-ai-fleets/
9
🔐 security Schneier on Security
61%

Possible US Government iPhone Hacking Tool Leaked

Wired writes (alternate source): Security researchers at Google on Tuesday released a report describing what they’re calling “Coruna,” a highly sophisticated iPhone hacking toolkit that includes five…

https://www.schneier.com/blog/archives/2026/04/possible-us-government-iphone-hacking-tool-leaked.html
10
🤖 ai The Decoder
60%

Claude Code and Cowork now let Anthropic's AI take control of your Mac or Windows desktop

Anthropic has announced a new feature for its AI assistant Claude: the ability to directly operate a user's computer, handling tasks people would normally do themselves at their desk. The article Cla…

https://the-decoder.com/claude-code-and-cowork-now-let-anthropics-ai-take-control-of-your-mac-or-windows-desktop/
11
🤖 ai The Decoder
60%

Microsoft's MAI-Transcribe-1 runs 2.5x faster than its predecessor at $0.36 per audio hour

MAI-Transcribe-1 converts speech to text quickly and accurately in 25 languages, even with background noise. Microsoft is already using the model in its own products. The article Microsoft's MAI-Tran…

https://the-decoder.com/microsofts-mai-transcribe-1-runs-2-5x-faster-than-its-predecessor-at-0-36-per-audio-hour/
12
🔐 security SecurityWeek
59%

Mobile Attack Surface Expands as Enterprises Lose Control

Shadow AI embedded in everyday apps, combined with outdated mobile devices and zero-click exploits, is creating a new and largely unseen mobile risk. The post Mobile Attack Surface Expands as Enterpr…

https://www.securityweek.com/mobile-attack-surface-expands-as-enterprises-lose-control/
13
🤖 ai The Decoder
58%

AI models fail at robot control without human-designed building blocks but agentic scaffolding closes the gap

A new framework from Nvidia, UC Berkeley, and Stanford systematically tests how well AI models can control robots through code. The findings: without human-designed abstractions, even top models fail…

https://the-decoder.com/ai-models-fail-at-robot-control-without-human-designed-building-blocks-but-agentic-scaffolding-closes-the-gap/
14
🔐 security Schneier on Security
57%

US Bans All Foreign-Made Consumer Routers

This is for new routers; you don’t have to throw away your existing ones: The Executive Branch determination noted that foreign-produced routers (1) introduce “a supply chain vulnerability that could…

https://www.schneier.com/blog/archives/2026/04/us-bans-all-foreign-made-consumer-routers.html
15
🔐 security SecurityWeek
57%

Critical ShareFile Flaws Lead to Unauthenticated RCE

The vulnerabilities can be chained together to bypass authentication and upload arbitrary files to the server. The post Critical ShareFile Flaws Lead to Unauthenticated RCE appeared first on Security…

https://www.securityweek.com/critical-sharefile-flaws-lead-to-unauthenticated-rce/