IT threat evolution in Q1 2026. Mobile statistics
This report contains mobile threat statistics for Q1 2026, along with noteworthy discoveries and quarterly trends: new versions of SparkCat and Triada.
General
20 articles
IBM executive floated for CISA director as concerns persist for agency
Cybersecurity leaders warn weakened CISA could hurt AI-era defense and threat response.
Microsoft testing adjustable taskbar, Start menu in Windows 11
Microsoft has finally brought back the resizable taskbar and Start menu to Windows 11 in the latest preview version rolling out to Insiders in the Experiment...
NCSC Publishes Guidance on Securing Agentic AI Use
The UK’s National Cyber Security Centre is helping organizations to understand agentic AI security risks
Security Researchers Find 47 Zero-Days at Pwn2Own Berlin
The research community was awarded $1.
Microsoft Acknowledges Windows 11 Update Failure Linked to Error 0x800f0922
Microsoft has acknowledged a growing issue affecting Windows 11 users: the May 2026 cumulative update (KB5089549) fails to install, resulting in error code 0...
Bank of England, FCA and Treasury Raise Alarm Over Frontier AI
The UK’s financial authorities have set expectations for the sector on cybersecurity and operational resilience
Why the best security investment a board can make in 2026 isn’t another tool
There is a conversation that happens in boardrooms every quarter that security leaders will recognize. The CISO presents the threat landscape.
AI coding is fueling a secrets-sprawl crisis few CISOs are containing
When Matt Schlicht built Moltbook, the social network where AI agents talk to one another, he didn’t write the code himself. He “just had a vision,” and vibe...
AI Has a data problem, cascading breaches, and the weekly news - Dimitri Sirota - ESW #459
Linux Torvalds Warns AI Bug Report Spam Is Disrupting Linux Security Discussions
Linux kernel creator Linus Torvald has warned that a flood of low‑value, AI‑generated bug reports is overwhelming the private Linux security mailing list and...
1 Million WordPress Websites Exposed by Avada Builder Security Vulnerabilities
A widely used WordPress plugin powering over one million websites has been found vulnerable to two serious security flaws that could expose sensitive data an...
Project Glasswing: what Mythos showed us
In recent weeks, we pointed Mythos and other security-focused LLMs at live code across critical parts of our infrastructure. We share what we observed, the m...
Crafted JPEGs Could Trigger PHP Memory Bugs for Exploitation
PHP, one of the most widely used web programming languages, is rarely viewed as a direct attack surface at its core level. Security focus typically shifts to...
Lyrie: Open-source autonomous pentesting agent
Penetration testing has usually required weeks of manual work, specialized tooling, and teams with narrow skill sets. Lyrie, an open-source autonomous securi...
Hackers Earn $1.3 Million at Pwn2Own Berlin 2026
Participants demonstrated exploits for Windows, Linux, VMware, Nvidia, and AI products. The post Hackers Earn $1.
Former CISA nominee Sean Plankey named US CEO of defense startup
UFORCE, a London-based company founded by Ukrainians, is looking to make drones in America. The post Former CISA nominee Sean Plankey named US CEO of defense...
Closing the Gap: The Regulatory and Structural Maturation of Digital Assets
Digital assets are reshaping global finance as institutions adopt regulated crypto infrastructure, stablecoins, and tokenized assets.
Debian 13.5 point release lands with security fixes, bug patches
Debian 13.5 is the fifth point release for the stable distribution “trixie.
Grafana Says It Rejected Ransom Demand After Source Code Theft
Grafana says hackers stole its source code after accessing a GitHub token, but no customer data or systems were affected.