SecurityTicks - Security Ticks

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks 2026-04-16 at 15:03 By A “novel” social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors. Dubbed […]

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks Read More »

Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug

cybercrime, cybersecurity, Data exfiltration, Don't miss, fraud, Malware, News, PowerShell, Proofpoint, Pulseway, SimpleHelp, social engineering / SecurityTicks

Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug 2026-04-16 at 13:34 By Mirko Zorz Proofpoint researchers executed a malicious payload from a threat actor known to target trucking and logistics companies in late February 2026, doing so inside a decoy environment. The environment stayed compromised for more

Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug Read More »

Tails 7.6.2 patches vulnerability that could expose saved files

anonymity, Hot stuff, News, Privacy, security update, Tails, vulnerability / SecurityTicks

Tails 7.6.2 patches vulnerability that could expose saved files 2026-04-16 at 13:34 By Anamarija Pogorelec The Tails Project released Tails v7.6.2, an emergency release of the popular open source secure portable operating system. What is Tails? Tails, which is based on Debian GNU/Linux, is aimed at users who want to preserve their online privacy and

Tails 7.6.2 patches vulnerability that could expose saved files Read More »

The Agentic AI Tsunami is Here: Is Your Legacy IAM Sinking or Swimming?

Uncategorized / SecurityTicks

The Agentic AI Tsunami is Here: Is Your Legacy IAM Sinking or Swimming? 2026-04-16 at 13:07 By Paul Toal AI agents are becoming a new class of enterprise identity—and most platforms weren’t built for them This article is an excerpt from SECURITY.COM View Original Source

The Agentic AI Tsunami is Here: Is Your Legacy IAM Sinking or Swimming? Read More »

Microsoft announces product it doesn’t want you to buy: Extended security updates for old Exchange, and Skype for Biz

Uncategorized / SecurityTicks

Microsoft announces product it doesn’t want you to buy: Extended security updates for old Exchange, and Skype for Biz 2026-04-16 at 13:07 By Richard Speed Just migrate already, would you? But if you can’t, Redmond will take your cash Microsoft will keep delivering security updates for old versions of Exchange Server and Skype for Business

Microsoft announces product it doesn’t want you to buy: Extended security updates for old Exchange, and Skype for Biz Read More »

Two US nationals jailed over scheme that generated $5 million for the North Korean regime

law enforcement, News, North Korea, remote working, USA / SecurityTicks

Two US nationals jailed over scheme that generated $5 million for the North Korean regime 2026-04-16 at 13:07 By Sinisa Markovic Two US nationals have been sentenced for their role in a scheme that placed North Korean IT workers inside American companies under false identities. Over several years, the operation used stolen identities from at

Two US nationals jailed over scheme that generated $5 million for the North Korean regime Read More »

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco, patches, Vulnerabilities, vulnerability / SecurityTicks

Cisco Patches Critical Vulnerabilities in Webex, ISE 2026-04-16 at 13:07 By Ionut Arghire The flaws can be exploited remotely to impersonate users or execute arbitrary commands on the underlying OS. The post Cisco Patches Critical Vulnerabilities in Webex, ISE appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches Critical Vulnerabilities in Webex, ISE Read More »

Ransomware Hits Automotive Data Expert Autovista

Autovista, Ransomware / SecurityTicks

Ransomware Hits Automotive Data Expert Autovista 2026-04-16 at 12:52 By Ionut Arghire The automotive analysis and data company is working with external experts to investigate the attack. The post Ransomware Hits Automotive Data Expert Autovista appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Ransomware Hits Automotive Data Expert Autovista Read More »

Obsolete Google nag drowns out vital bar information at Swedish concert hall

Uncategorized / SecurityTicks

Obsolete Google nag drowns out vital bar information at Swedish concert hall 2026-04-16 at 12:21 By Richard Speed Backup and Sync may be dead, but it still knows how to kill the buzz before the ukuleles start Bork!Bork!Bork! Sweden is arguably the home of bork – think the Swedish Chef from The Muppets – so

Obsolete Google nag drowns out vital bar information at Swedish concert hall Read More »

South Korea to pilot tokenized deposits for government spending

Latest News / SecurityTicks

South Korea to pilot tokenized deposits for government spending 2026-04-16 at 12:11 By Cointelegraph by Ezra Reguerra The sandbox will test preset spending limits, timing controls and category restrictions for public sector expense payments. This article is an excerpt from Cointelegraph.com News View Original Source

South Korea to pilot tokenized deposits for government spending Read More »

Cops hand Motorola £25M no-bid deal to keep 2000-era radios alive

Uncategorized / SecurityTicks

Cops hand Motorola £25M no-bid deal to keep 2000-era radios alive 2026-04-16 at 12:11 By Lindsay Clark Biz as usual for Brit public sector: ESN replacement is 12 years late and £3B over budget UK police tech buyers have awarded a £25 million no-competition contract for communications technology first commissioned in 2000, with the replacement

Cops hand Motorola £25M no-bid deal to keep 2000-era radios alive Read More »

OpenAI updates Agents SDK, adds sandbox for safer code execution

Artificial Intelligence, cybersecurity, News, OpenAI / SecurityTicks

OpenAI updates Agents SDK, adds sandbox for safer code execution 2026-04-16 at 12:11 By Anamarija Pogorelec OpenAI’s updated Agents SDK helps developers build agents that inspect files, run commands, edit code, and handle tasks within controlled sandbox environments. The update provides standardized infrastructure for OpenAI models, a model-native harness that lets agents work with files

OpenAI updates Agents SDK, adds sandbox for safer code execution Read More »

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

AI, AI hack, Artificial Intelligence, Claude Code, GitHub Copilot, prompt injection / SecurityTicks

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments 2026-04-16 at 12:11 By Eduard Kovacs A researcher has disclosed the details of the AI attack method he has named ‘Comment and Control’. The post Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments appeared first on SecurityWeek.

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments Read More »

Anthropic tests user trust with ID and selfie checks for Claude

Anthropic, Claude Code, identity verification, News, Privacy / SecurityTicks

Anthropic tests user trust with ID and selfie checks for Claude 2026-04-16 at 11:16 By Sinisa Markovic Anthropic announced identity verification for Claude using government ID and selfie checks, becoming the first major AI chatbot to do so, a move that may prove unpopular with users. Having built its reputation around privacy in the AI

Anthropic tests user trust with ID and selfie checks for Claude Read More »

Server-room lock was nothing but a crock

Uncategorized / SecurityTicks

Server-room lock was nothing but a crock 2026-04-16 at 11:03 By Avram Piltch Your cybersecurity is only as good as the physical security of the servers PWNED Welcome back to Pwned, the column where we immortalize the worst vulns that organizations opened up for themselves. If you’re the kind of person who leaves your car

Server-room lock was nothing but a crock Read More »

QUIC will soon be as important as TCP – but it’s vastly different

Uncategorized / SecurityTicks

QUIC will soon be as important as TCP – but it’s vastly different 2026-04-16 at 11:03 By Bruce Davie Deciphering the third transport protocol’s four RFCs is a task to rival the proverbial blind man trying to understand an elephant While Larry was producing most of the content for the “Request/Reponse” chapter for the next

QUIC will soon be as important as TCP – but it’s vastly different Read More »

GitHub lays out copyright liability changes and upcoming DMCA review for developers

GitHub, Government, News / SecurityTicks

GitHub lays out copyright liability changes and upcoming DMCA review for developers 2026-04-16 at 10:31 By Mirko Zorz A U.S. Supreme Court ruling issued in March has settled a question that has circulated among platform operators and developers for years: whether a service provider can be held liable for copyright infringement committed by its users

GitHub lays out copyright liability changes and upcoming DMCA review for developers Read More »

Morgan Stanley’s Bitcoin fund overtakes WisdomTree after 6 trading days

Latest News / SecurityTicks

Morgan Stanley’s Bitcoin fund overtakes WisdomTree after 6 trading days 2026-04-16 at 10:16 By Cointelegraph by Brayden Lindrea The Morgan Stanley Bitcoin Trust is also within striking distance of overtaking three other US spot Bitcoin ETFs that launched in January 2024. This article is an excerpt from Cointelegraph.com News View Original Source

Morgan Stanley’s Bitcoin fund overtakes WisdomTree after 6 trading days Read More »

Trump’s World Liberty under fire for ‘absurd’ token unlock plan

Latest News / SecurityTicks

Trump’s World Liberty under fire for ‘absurd’ token unlock plan 2026-04-16 at 10:16 By Cointelegraph by Jesse Coghlan Major World Liberty Financial investor Justin Sun called a plan to lock tokens for up to four years “the most absurd governance scams I have ever seen.” This article is an excerpt from Cointelegraph.com News View Original

Trump’s World Liberty under fire for ‘absurd’ token unlock plan Read More »

US should scrap crypto capital gains tax to fuel competition: Cato

Latest News / SecurityTicks

US should scrap crypto capital gains tax to fuel competition: Cato 2026-04-16 at 10:16 By Cointelegraph by Stephen Katte Crypto users in the US are required to pay capital gains taxes on cryptocurrencies, stifling their usefulness as a currency, argued a Washingon DC-based think tank. This article is an excerpt from Cointelegraph.com News View Original

US should scrap crypto capital gains tax to fuel competition: Cato Read More »