𝗟𝗲𝘀 𝗰𝗼𝗻𝗳é𝗿𝗲𝗻𝗰𝗲𝘀 𝗽𝗿𝗶𝗻𝗰𝗶𝗽𝗮𝗹𝗲𝘀 𝗱𝗲 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟲 𝘀𝗼𝗻𝘁 𝗮𝗻𝗻𝗼𝗻𝗰é𝗲𝘀 • 𝗞𝗲𝘆𝗻𝗼𝘁𝗲𝘀 𝗮𝗻𝗻𝗼𝘂𝗻𝗰𝗲𝗱!Kerberoasting legend + Bloomberg security leaders = keynotes you can't miss!️ Thursday Keynote by Tim Medin : Hacking DumberlyTim Medin, founder of Red Siege, globally recognized offensive security expert and creator of Kerberoasting, will open NorthSec 2026 with Hacking Dumberly: We all hear about APT, but most breaches aren't really by A (advanced) or P (persistent) threat actors. In this talk, Tim will discuss simple ways for attack and defense, and to show you that often times the "dumb" stuff can be super effective. And as an experienced infosec professional, we can learn a lot of new folks. "Newbs" have valuable insight that isn't poisoned by "that's how we've always done it" or "this is how X works". Experienced folks can learn a lot from less experienced folks, and they can go a long way in their development… or than can crush them. Let's help each other be better.️ Friday Keynote by Varsha Dwarakanathan & Salini Mishra (Bloomberg): Lost in the AI Woods: Why the Future Still Needs YouVarsha Dwarakanathan (Senior Product Security Engineer, Bloomberg) & Salini Mishra (Senior Product Security Engineer, Bloomberg CISO Office) will present a reflection on AI and cybersecurity: how to stay relevant and human in a constantly evolving technological world. An invitation to use AI as leverage while managing pace, priorities, and energy over the long term.️ But there's more! 24 cutting-edge talks, 7 hands-on workshops and legendary CTF challenges! Full lineup at https://nsec.io/speakersGet your tickets now: https://nsec.io#NorthSec #Cybersecurity #Infosec #Keynote

Authorities can extract your phone's deleted messages from notification database.https://www.404media.co/fbi-extracts-suspects-deleted-signal-messages-saved-in-iphone-notification-database-2/#tech #cybersecurity

QR Codes: What You Need to Knowhttps://hackingpassion.com/qr-codes-what-you-need-to-know/Read on HackerWorkspace: https://hackerworkspace.com/article/qr-codes-what-you-need-to-know#malware #cybersecurity #vulnerability

Critical Remote Code Execution Vulnerability Discovered in Protobuf.js LibraryProtobuf.js patched a critical remote code execution vulnerability (CVE-2026-41242) caused by unsafe dynamic code generation when processing malicious protobuf schemas. The flaw allows attackers to execute arbitrary JavaScript code on servers or developer machines, potentially exposing sensitive credentials and enabling lateral movement.**If your applications use protobuf.js (or libraries like gRPC, Firebase, or Google Cloud SDKs), update protobuf.js to version 8.0.1 or 7.5.5 ASAP. Run npm audit to catch hidden dependencies. Going forward, only load schemas you control and prefer precompiled static schemas in production to avoid this class of attack entirely.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/critical-remote-code-execution-vulnerability-discovered-in-protobuf-js-library-o-k-k-y-h/gD2P6Ple2L

🤫 Anthropic, Google, Microsoft paid AI bug bounties – quietly｢ The researchers targeted Anthropic's Claude Code Security Review, Google's Gemini CLI Action, and Microsoft's GitHub Copilot, then disclosed the flaws and received bug bounties from all three. But none of the vendors assigned CVEs or published public advisories, and this, according to researcher Aonan Guan, "is a problem." ｣https://www.theregister.com/2026/04/15/claude_gemini_copilot_agents_hijacked/#ai #bounty #cybersecurity

24 hours of MIRE/C³; the latest stats (Runmode: Neutral 404, delay-only) 5,847 requests from 891 unique IPs Attacker bandwidth cost: 112.1MB Attacker total delay: 12h 57m server time Slowest response: 13.1s #MIREC3 #CyberSecurity #FightingBack

NeuraCyb - Cybersecurity Intelligence & Investigationhttps://www.neuracybintel.com/articles/google-blocked-602-million-scam-ads-with-gemini-as-ai-turns-ad-safety-into-a-real-time-cyber-fightRead on HackerWorkspace: https://hackerworkspace.com/article/neuracyb-cybersecurity-intelligence-investigation-4#malware #cybersecurity #incidentresponse

For those in the Microsoft Defender ecosystem https://learn.microsoft.com/en-us/defender-xdr/whats-new #cybersecurity

Wait wait wait. I thought the White House hated Anthropic.https://www.securityweek.com/white-house-chief-of-staff-to-meet-ith-anthropic-ceo-over-its-new-ai-technology/#cybersecurity #usgov

New DTI Research: The evolution of the MOIS-linked cyber ecosystem (Handala/Homeland Justice)from the 2022 Albania attacks to the 2026 Stryker incident️Full research and analysis:https://dti.domaintools.com/research/mois-linked-moist-grasshopper-homeland-justice-karmabelow80-handala-hackers-campaigns-and-evolution#ThreatIntel #Handala #Cybersecurity #Iran

#chrome extension Online Voice Recorder seems malicious. Its #cybersecurity badness score is 96/100!```json{"id": "apejngmlbbanbmfaemoekpbobghbgmem", "score": 96, "platform": "chrome", "name": "Online Voice Recorder"}```

New ransom group blog post!Group name: krybitPost title: rhode-hv.deInfo: https://cti.fyi/groups/krybit.html#ransomware #cti #threatintelligence #cybersecurity #infosec

New ransom group blog posts!Group name: incransomPost title: Mag. Fünder Hausverwaltungs GmbHInfo: https://cti.fyi/groups/incransom.htmlGroup name: genesisPost title: ***Info: https://cti.fyi/groups/genesis.htmlGroup name: ransomexxPost title: SOGO AuctionInfo: https://cti.fyi/groups/ransomexx.htmlGroup name: ransomhousePost title: Winnitex (Americas) LimitedInfo: https://cti.fyi/groups/ransomhouse.html#ransomware #cti #threatintelligence #cybersecurity #infosec

How Linux Time Namespaces can be used in Malware Developmenthttps://www.youtube.com/watch?v=Y2TCxbtVQp4#malware #cybersecurity #vulnerability

#TutaDrive launches in closed beta! A milestone in the development of #Tuta’s post-quantum secure cloud.https://tuta.com/blog/tuta-drive-in-beta-launch#cloud #privacy #cybersecurity #PQE #FOSS #CloudStorage

Critical #Nginx UI auth bypass flaw now actively exploited in the wildhttps://www.bleepingcomputer.com/news/security/critical-nginx-ui-auth-bypass-flaw-now-actively-exploited-in-the-wild/#cybersecurity

Cal(dot)com is going closed source. Here's why.https://cal.com/blog/cal-com-goes-closed-source-why#cybersecurity #FOSS #calendar

️ El Curso de Hacking con Kali Linux está permanente disponible en el aula virtual para acceso inmediato. WhatsApp: https://wa.me/51949304030 https://www.reydes.com/e/Curso_de_Hacking_con_Kali_Linux #kalilinux #cybersecurity #infosec #zerotrust #cyberthreats #cyberattack #threatintelligence

Nothing like a Friday afternoon malware hunt to remind you why you don't trust random GitHub repos.Even the "cybersecurity" ones. Especially those.

White House moves to give federal agencies access to Anthropic’s Claude Mythos https://www.csoonline.com/article/4160303/white-house-moves-to-give-federal-agencies-access-to-anthropics-claude-mythos.html#cybersecurity #mythos #anthropic #claude