Austin Y

⚠️OpenAI Warns macOS Users to Update ChatGPT and Codex Immediately Source: cybersecuritynews.com/openai-macos-u… OpenAI has disclosed a security incident tied to the compromise of Axios, a widely used third-party JavaScript developer library, as part of a broader software supply chain attack detected on March 31, 2026. While the company confirmed no user data, API keys, or systems were compromised, it is taking aggressive precautionary measures to protect its macOS application certification infrastructure. On March 31, 2026 (UTC), threat actors believed to be linked to North Korea hijacked the npm account of an Axios library maintainer and pushed malicious updates, specifically versions v1.14.1 and v0.30.4. #cybersecuritynews

🛑 Adobe released emergency fixes for a 9.6 CVSS flaw (CVE-2026-34621) in Acrobat/Reader, confirmed under active exploitation. A prototype pollution bug lets malicious PDFs run arbitrary code via JavaScript. Evidence shows attacks may date back to Dec 2025. 🔗 Read → thehackernews.com/2026/04/adobe-…

🛡️ Single Line of Code Can Jailbreak 11 AI models, including ChatGPT, Claude, and Gemini Source: cybersecuritynews.com/single-line-of… A newly detailed jailbreak technique known as "sockpuppeting" allows attackers to bypass the safety guardrails of 11 major large language models (LLMs) using a single line of code. Unlike complex attacks, this method exploits APIs that support assistant prefill to inject fake acceptance messages, forcing models to answer prohibited requests. The attack exploits "assistant prefill," a legitimate API feature developers use to force specific response formats. Attackers abuse this by injecting a compliant prefix, such as "Sure, here is how to do it," directly into the assistant's role. #cybersecuritynews

We recently identified a security issue involving the third-party developer library Axios that was part of a broader industry incident. We found no evidence that OpenAI user data was accessed, that our systems were compromised, or that our software was altered. Out of an abundance of caution we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps. We are updating our security certifications, which will require all macOS users to update their OpenAI apps to the latest versions. This helps prevent any risk—however unlikely—of someone attempting to distribute a fake app that appears to be from OpenAI. You can update safely through an in-app update or at the official links below. 🧵

Claude Code with agent, autonomously hacked Subway Surfers, and printed millions of coins. A rooted Android phone... and it turned Subway Surfers into a money printer. From 4 coins to 2,000,000+ coins in two runs. autonomous loop, analyzed, and pwned a Unity game in one session, intercepts traffic, bypasses SSL pinning, and even reverse-engineers offline games. The full Setup: Rooted emulator via rootAVD + Magisk + AlwaysTrustUserCerts. Toolchain: UI Automator, mitmproxy traffic capture, Frida bypass scripts, APK static analysis. The agent loops by itself: - Dump screen & UI elements - Tap/swipe via ADB - Analyze traffic or binary - Decide next move without a human. It played the game, reverse-engineered the Unity IL2CPP binary, hooked Frida on SafeInt anti-cheat, and silently multiplied currency. Subway Surfers (com.kiloo.subwaysurf) Almost zero network traffic to agent pivots. Detects Unity IL2CPP parses global-metadata.dat Finds WalletModel, RunSessionData, AddCoins, and SetCurrencySilently. Then hooks with Frida and multiplies rewards ×100+. Result: 4 coins to over 2 million. SafeInt anti-cheat? Bypassed Stealth mode This is the future of mobile pentesting? credit via: @skshadan_ - workers.io/blog/autonomou…

🚨 WhatsApp’s “end-to-end encrypted” privacy is a total lie. New class-action lawsuit just dropped: Meta secretly let employees, contractors like Accenture, and third parties read, intercept, and store your private messages WITHOUT consent. All while marketing it as “only you and the recipient can read it.” Zuck lied to billions. Your chats were never safe.

🚨Cyber Alert ‼️ 🇳🇬Nigeria - 𝗡𝗡𝗣𝗖 𝗛𝗲𝗮𝗹𝘁𝗵 𝗠𝗮𝗶𝗻𝘁𝗲𝗻𝗮𝗻𝗰𝗲 𝗢𝗿𝗴𝗮𝗻𝗶𝘀𝗮𝘁𝗶𝗼𝗻 XP95 hacking group claims to have breached NNPC Health Maintenance Organisation. Threat actor: XP95 Sector: Financial / Insurance Data exposure (claimed): 200,000 user records Data type: Personal data Observed: Apr 08, 2026 Status: Pending verification ESIX©: 5.73 Full details and impact assessment on HackRisk.io

‼️ M6Plus Proof of Concept (POC) CVE-2026-4583 (Missing Replay Protection) The M6PLUS Bluetooth protocol lacks cryptographic authentication mechanisms. The only integrity check is a trivial single-byte XOR checksum, which can be easily recalculated by an attacker. This allows any Bluetooth device to inject arbitrary transaction commands without the terminal being able to verify the command's origin or authenticity.

Introducing Claude Managed Agents: everything you need to build and deploy agents at scale. It pairs an agent harness tuned for performance with production infrastructure, so you can go from prototype to launch in days. Now in public beta on the Claude Platform.

Introducing Project Glasswing: an urgent initiative to help secure the world’s most critical software. It’s powered by our newest frontier model, Claude Mythos Preview, which can find software vulnerabilities better than all but the most skilled humans. anthropic.com/glasswing

One of the most technical insider fraud cases in Nigerian banking involved Olajide Ogunmoroti, a former Access Bank ICT staff member accused of helping orchestrate a ₦5.7 billion banking fraud. According to testimony presented in court by Access Bank employee Abdulmajeed Agboola, Ogunmoroti allegedly connected a private laptop directly into the bank’s internal server infrastructure — bypassing normal security controls. That access reportedly allowed the suspects to manipulate overdraft limits on customer accounts. Normally, overdrafts are tightly controlled by the bank’s core banking system. But investigators said the manipulation allowed certain accounts to withdraw and transfer funds even when there was no money in the account. From there, the money was moved across multiple accounts and banks, allowing the fraud network to withdraw and transfer large sums before the transactions were detected. The total exposure investigators traced from the scheme was over ₦5.7 billion. Even more suspicious: when investigators attempted to review the bank’s CCTV logs connected to the activity, the footage tied to the suspicious system access had reportedly been wiped. The suspects were eventually charged with unauthorized access to computer systems, stealing, money laundering, and retention of proceeds of crime. Cases like this reveal a difficult reality for banks: the most dangerous attacks are often not external hackers breaking through firewalls. They are insiders who already understand the architecture of the banking systems they are exploiting.

🇨🇦 🚨 Financial Data Leak Alert 🚨 A threat actor is advertising a “Canada credit card shop”, claiming access to sensitive financial data linked to Canadian users. Allegedly exposed data may include: • Credit card numbers • Expiration dates • CVV codes • Cardholder names • Billing addresses The listing suggests aggregated data likely sourced from phishing campaigns, infostealers, or prior breaches. ⚠️ High risk of fraud, unauthorized transactions, and identity theft. — DDW #DDW #CyberSecurity #DataBreach #Fraud #DarkWeb #Infosec

🚨‼️ BREAKING: Israeli company Anodot has been compromised — multiple customers are confirmed being extorted due to integrations with AWS, Google, Azure, Cisco, Oracle, Salesforce and more. It's a major incident. The company isn't responding, they haven't disclosed anything and their status page is serving a static JPEG.

‼️ Update: During the recent Adobe breach, a supervisor was compromised through a live chat with her colleague. [9:59 PM] "I clicked on the link.", she wrote. She was presented with a fake Adobe site with fake security updates, where Mr. Raccoon performed a ClickFix attack.

A First Bank employee named Tijani Muiz Adeyinka worked on the electronic products team. His job gave him legitimate access to process reversals for customers. He used that access to credit merchant accounts with money that was not theirs. The fraudulent postings went to his wife's Zenith Bank account first. From there to 34 other accounts. Which then spread to 1,190 secondary accounts across multiple banks. By the time First Bank noticed and reported it to the Nigeria Police Force on March 25, 2024...the figure had grown from ₦12 billion to ₦40 billion. He was already on the run. Three court orders across Lagos and Jalingo were obtained to freeze accounts. Some of the money had already been converted to USDT through crypto traders. This is what insider fraud actually looks like in Nigerian banking. Not a dramatic hack. A staff member. A privileged function. No second authorization required. If your system allows any single person to trigger financial transactions without a second approval layer that is your vulnerability. Segregation of duties is not bureaucracy. It is what stands between your system and ₦40 billion walking out the door.

⚠️ Critical Claude Code Flaw Silently Bypasses Developer-Configured Security Rules Source: cybersecuritynews.com/claude-code-vu… A high-severity security bypass vulnerability in Anthropic's Claude Code AI coding agent allows malicious actors to silently evade user-configured deny rules through a simple command-padding technique, exposing hundreds of thousands of developers to credential theft and supply chain compromise. The flaw was traced to bashPermissions.ts (lines 2162–2178), stems from a performance optimization that caps per-subcommand security analysis at 50 entries. Any shell command containing more than 50 subcommands — joined by &&, ||, or ; — causes Claude Code to skip all deny-rule enforcement and fall back to a generic permission prompt. #cybersecuritynews

#CRTC security certificate expired through the weekend. Still down for 3rd day. This is the agency that Canada expects to be regulating the digital economy. How can it credibly make performance demands on service providers that it fails to uphold itself? Not even close.

‼️ I have posted about this tool before, but this is a new forum post. A threat actor advertising NFC RIPPER, an Android toolkit for conducting NFC relay attacks against payment terminals and ATMs. The tool enables PIN bypass through multiple methods and allows remote card emulation for fraudulent transactions.

‼️🇺🇸🇨🇦 United States and Canada Police Tipline Databases, dubbed "BlueLeaks 2.0," are allegedly up for sale on a popular cybercrime forum. Threat Actor: iym Category: Breach Victim: P3Global / CrimeStoppers Industry: Law Enforcement Records: 8.3 million The database allegedly originates from P3Global/CrimeStoppers and contains 93GB of confidential police data. Records include anonymous crime tips, suspect and tipster full names, addresses, social security numbers, phone numbers, email addresses, and more. Sample data reveals detailed tip narratives including offense types, suspect descriptions, vehicle information, update notes from callers, and delivered/sent statuses dating back to 2018. Price: $10,000.

🚨 New Fortinet vulnerability being exploited as an 0-day CVE-2026-35616 - FortiClient EMS pre-authentication API access bypass - CVSS 9.1 Critical After observing in-the-wild exploitation of this vulnerability earlier this week, Defused reported it to Fortinet under responsible disclosure. Fortinet has released an emergency hotfix - plus a scheduled patch - for FortiClient EMS 7.4.5 and 7.4.6. The vulnerability allows an unauthenticated attacker to bypass API authentication and authorization entirely, unauthorized code or commands via crafted requests. This discovery was made through our upcoming Radar feature launching next week 😇 Advisory: fortiguard.com/psirt/FG-IR-26… Track exploitation of this and other Fortinet vulns in real time and get updates on the new Defused Radar 👉 console.defusedcyber.com/signup Credit also to @heckintosh_ for independently discovering this vulnerability 💪