The post Deceptive “DeepSeek-Claw” Skill Hijacks OpenClaw Agents to Steal Credentials appeared first on Daily CyberSecurity.

The post The $1.5 Million Truce: Elon Musk Settles SEC Lawsuit Over “Hidden” Twitter Stake and Acquisition Gamesmanship appeared first on Daily CyberSecurity.

SOCRadar researchers have uncovered a massive Chinese cybercrime operation using the OpenClaw and Paperclip systems to automate global attacks.

Explore how geofence warrants and AI-assisted searches challenge the Fourth Amendment. Can 18th-century privacy laws survive 21st-century digital surveillance?

The post Geofence Warrants and Artificial Intelligence – What Happens When Robots Enforce the 4th Amendment? appeared first on Security Boulevard.

The legal system persists in framing "computer crime" through the archaic lens of tangible property—theft and conversion—despite the fact that information is non-rivalrous and easily duplicated without depriving the original owner of possession. Recent federal indictments, such as the Van Dyke and SPLC matters, reveal a "doctrinally aggressive" expansion where the government claims universal ownership of information to prosecute misuse rather than disclosure. As the Supreme Court moves to narrow the Computer Fraud and Abuse Act (CFAA) and reject "right to control" theories, a widening gap emerges between prosecutorial tactics and judicial constraints, highlighting a desperate need to shift the legal focus from "ownership" to duties of confidentiality and authorized use.

The post It’s Not the Computer, Stupid. It’s the Information in It. Two Recent Indictments Stretch the Limits of “Theft” of Information. appeared first on Security Boulevard.

The post NVIDIA Patches High-Severity “Prompt Injection” Flaw in NemoClaw appeared first on Daily CyberSecurity.

The post Broken by Design: How VECT 2.0 Ransomware Becomes a Permanent Data Wiper appeared first on Daily CyberSecurity.

For decades, the "gray area" of undercover research was governed by internal policies. The SPLC indictment suggests that internal oversight is no longer a shield.

The post When Research Becomes a Crime: The New Risk Landscape for OSINT and Dark Web Intelligence appeared first on Security Boulevard.

The post AI in the Driver’s Seat: How the ‘Bissa’ Scanner Hijacked 900+ Firms in Weeks appeared first on Daily CyberSecurity.

The intersection of constitutional law and cybersecurity enforcement, specifically the Seventh Amendment right to a jury trial in regulatory data privacy cases.
Central Conflict: Whether federal agencies (like the FCC, SEC, or FTC) can administratively impose monetary penalties for data misuse without a jury, or if such actions are "Suits at common law" requiring Article III court proceedings.

The post Telco Privacy Violation? Fine! No, Telco Privacy Violation, Fine. Supreme Court to Determine if FCC Can Charge Telcos for Data Breaches appeared first on Security Boulevard.

Cisco has released security updates to fix multiple vulnerabilities in its Identity Services Engine and Webex Services, warning that successful exploitation could lead to remote code execution, root-level access, and user impersonation. The Cisco ISE vulnerabilities affect widely used enterprise authentication and collaboration systems, making patching a priority for organizations. The Cisco ISE vulnerabilities and the Webex Services flaw have not been observed in active exploitation so far. However, the company has urged customers to update affected systems immediately to reduce risk exposure.

Critical Cisco ISE Vulnerabilities Enable Remote Code Execution

The most severe issues impact Cisco Identity Services Engine (ISE) and its Passive Identity Connector (ISE-PIC). These Cisco ISE vulnerabilities stem from insufficient validation of user-supplied input, a flaw that allows attackers to send specially crafted HTTP requests to targeted systems. Among them, CVE-2026-20147 carries a CVSS score of 9.9 and allows an authenticated attacker with administrative credentials to execute arbitrary commands on the underlying operating system. According to Cisco, this could enable attackers to gain user-level access and then escalate privileges to root. Two additional vulnerabilities, CVE-2026-20180 and CVE-2026-20186, also rated 9.9, allow attackers with read-only administrative access to execute arbitrary commands. These Cisco ISE vulnerabilities highlight how even limited privileges can be leveraged for deeper system compromise. Cisco noted that exploitation in single-node deployments could disrupt services entirely, potentially leading to a denial-of-service condition where new endpoints cannot authenticate to the network.

Webex Services Flaw Risks User Impersonation

Alongside the Cisco ISE vulnerabilities, a critical issue has been identified in Cisco Webex Services. Tracked as CVE-2026-20184 with a CVSS score of 9.8, the flaw affects single sign-on integration with Control Hub. This vulnerability is caused by improper certificate validation and could allow an unauthenticated remote attacker to impersonate any user within the service. Successful exploitation could result in unauthorized access to legitimate Webex accounts, raising concerns for enterprises relying on the platform for communication and collaboration.

Affected Versions and Exposure

The Cisco ISE vulnerabilities impact multiple versions of the platform. All Cisco ISE versions 3.5 and earlier are affected by CVE-2026-20147, while versions 3.4 and earlier are vulnerable to CVE-2026-20180 and CVE-2026-20186. Cisco ISE-PIC systems are also impacted regardless of configuration. For Webex Services, the vulnerability affects deployments using SSO integration with Control Hub. Cisco emphasized that the vulnerabilities are independent of each other, meaning exploitation of one does not require another. Some versions may be affected by specific flaws while not impacted by others.

No Workarounds Available, Patching is Essential

Cisco has confirmed that there are no workarounds to mitigate these vulnerabilities. Organizations must apply the available software updates to fully address the risks. Fixed releases have been issued across supported versions. For example, patches include ISE 3.1 Patch 11, 3.2 Patch 10, 3.3 Patch 11, 3.4 Patch 6, and 3.5 Patch 3. Systems running versions earlier than 3.1 are advised to migrate to a supported release. Security teams are also advised to review system configurations and ensure that upgrade prerequisites such as hardware compatibility and memory requirements are met before deployment.

No Active Exploitation Reported But Risk Remains High

The Cisco Product Security Incident Response Team has stated that it is not aware of any public exploitation or malicious use of these vulnerabilities at the time of disclosure. The issues were reported by Jonathan Lein of TrendAI Research. Despite the lack of active attacks, the severity of the Cisco ISE vulnerabilities and the Webex flaw places them in a high-risk category. Vulnerabilities that allow remote code execution or user impersonation are often targeted quickly once technical details become public.

Security Implications for Enterprises

The Cisco ISE vulnerabilities are particularly significant because ISE plays a central role in network access control, authentication, and policy enforcement. A compromise could provide attackers with deep visibility and control over enterprise networks. Similarly, the Webex vulnerability introduces risks to identity and access management, especially in environments that rely on SSO for centralized authentication. Organizations using affected products are advised to prioritize patching, restrict administrative access where possible, and monitor systems for suspicious activity. Cisco has made detailed advisories and upgrade guidance available through its security portal, and customers are encouraged to follow official recommendations to secure their environments.

There is a certain irony in watching a statute designed to prevent clandestine eavesdropping on telephone calls become one of the most aggressively deployed tools against ordinary website functionality. The federal Wiretap Act—codified as part of the Electronic Communications Privacy Act (“ECPA”), 18 U.S.C. §§ 2510–2522—was never intended to regulate marketing pixels, session replay scripts,..

The post From Analytics to “Interception”: How Website Tracking Became a Wiretap Problem—and What Companies Should Do About It appeared first on Security Boulevard.

This article was originally published in EdTech Digest on 03/24/26 by Charlie Sander. To fight “digital ghosting,” schools need a smarter approach to device use, student safety, and digital wellbeing While physical attendance has long been the primary metric for school safety and success, a more insidious trend is emerging that data alone often misses. I ...

The post EdTech Digest | How to Fix the Digital Ghosting Epidemic appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.

The post EdTech Digest | How to Fix the Digital Ghosting Epidemic appeared first on Security Boulevard.

The dark web is often misunderstood, but it plays an important role in both privacy technology and cybercrime activity. In this episode, Tom Eston speaks with cybersecurity researcher and educator John Hammond about what the dark web actually is and how it has evolved in recent years. The discussion covers underground marketplaces, ransomware leak sites, […]

The post The Dark Web Explained with John Hammond appeared first on Shared Security Podcast.

The post The Dark Web Explained with John Hammond appeared first on Security Boulevard.

💾

Adobe has issued emergency security updates addressing a severe Acrobat Reader flaw tracked as CVE-2026-34621, a high-impact Adobe vulnerability that has already been observed being exploited in real-world attacks.   The issue, rated with a CVSS score of 8.6 out of 10.0, affects multiple Acrobat and Reader products across Windows and macOS platforms. According to Adobe, the vulnerability could enable attackers to execute arbitrary code on targeted systems if successfully exploited. 

Acrobat Reader Flaw and CVSS Severity Assessment 

The Acrobat Reader flaw CVE-2026-34621 has been classified as a critical security defect with a CVSS base score of 8.6. The scoring notes impact potential, including confidentiality, integrity, and availability compromise. The CVSS vector associated with the flaw is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H, indicating that local access and user interaction are required for exploitation, while the scope change increases the severity.  Initially, the Adobe vulnerability was assessed with a higher score, but later revisions adjusted the attack vector from network-based (AV:N) to local (AV:L). This change reduced the overall CVSS rating from 9.6 to 8.6, as noted in Adobe’s revision history dated April 12, 2026. 

Adobe Vulnerability Impact and Affected Acrobat Products 

The Adobe vulnerability affects several widely deployed versions of Acrobat and Acrobat Reader. The impacted software includes: 

• Acrobat DC versions 26.001.21367 and earlier (fixed in 26.001.21411)  
• Acrobat Reader DC versions 26.001.21367 and earlier (fixed in 26.001.21411)  
• Acrobat 2024 versions 24.001.30356 and earlier (fixed in 24.001.30362 for Windows and 24.001.30360 for macOS)  

These versions are used across both Windows and macOS environments, increasing the exposure range of the Acrobat Reader flaw CVE-2026-34621 in enterprise and consumer settings.  Adobe classified the update under bulletin APSB26-43, published on April 11, 2026, with a priority rating of 1, indicating the highest urgency level for patch deployment. The bulletin confirms that the Adobe vulnerability can result in arbitrary code execution if exploited successfully. 

Exploitation of Acrobat Reader flaw CVE-2026-34621 in the Wild 

Adobe has confirmed that it is “aware of CVE-2026-34621 being exploited in the wild.” This statement indicates active exploitation attempts against unpatched systems, elevating the urgency of the Acrobat Reader flaw CVE-2026-34621 beyond theoretical risk.  The exploitation activity suggests that threat actors may already be leveraging the Adobe vulnerability in targeted attacks. While specific campaigns have not been fully detailed publicly, the confirmed exploitation status places the flaw in a high-risk category, particularly for organizations that have not yet applied for the latest updates. 

Prototype Pollution Behind the Adobe Vulnerability 

The root cause of the Acrobat Reader flaw CVE-2026-34621 is identified as a prototype pollution issue. Prototype pollution is a JavaScript-based vulnerability class that allows attackers to manipulate object prototypes within an application.  In this case, the Adobe vulnerability is categorized under CWE-1321 (Improperly Controlled Modification of Object Prototype Attributes). Successful exploitation could allow an attacker to manipulate internal object structures, potentially leading to arbitrary code execution within Acrobat environments.  Because prototype pollution affects how objects inherit properties, attackers may be able to inject malicious attributes into running applications, escalating the severity of the Acrobat Reader flaw CVE-2026-34621 when combined with user interaction. 

CVSS-rated fix and APSB26-43 remediation guidance 

Adobe addressed the Adobe vulnerability through security updates released under bulletin APSB26-43. Fixed versions include: 

• Acrobat DC and Acrobat Reader DC: 26.001.21411  
• Acrobat 2024: 24.001.30362 (Windows), 24.001.30360 (macOS)  

Adobe recommends immediate updating via built-in update mechanisms (Help > Check for Updates) or through managed deployment systems in enterprise environments such as AIP-GPO, SCUP/SCCM, Apple Remote Desktop, or SSH-based workflows on macOS. Full installers are also available through Adobe’s official download channels.  The CVSS scoring for the Adobe vulnerability CVE-2026-34621 was revised on April 12, 2026. The adjustment reduced the attack vector classification from network (AV:N) to local (AV:L), resulting in a revised CVSS score of 8.6.  Adobe credited researcher Haifei Li of EXPMON for reporting the issue and coordinating disclosure efforts. 

A growing surge in CSAM (Child Sexual Abuse Material) circulating online has become an urgent concern for authorities and child protection organizations across the EU. As digital platforms continue to play a central role in communication, the challenge of tackling child sexual exploitation has intensified. The main issue lies in the expiration of a temporary EU legal framework that allowed online service providers to scan private communications for CSAM voluntarily. This legislation, originally introduced as a derogation under ePrivacy rules in 2021, officially lapsed on April 3, 2026. With lawmakers failing to agree on an extension, technology companies now face an uncertain legal environment that could undermine years of progress in combating child sexual exploitation online.

Expiry of EU Law Leaves CSAM Detection in Limbo 

The now-expired framework had enabled major technology firms to proactively identify and report Child Sexual Abuse Material using tools such as hash-matching technology. This method relies on digital fingerprints to detect known abusive content with high accuracy, while still maintaining user privacy.  Law enforcement agencies have consistently described such detection systems as “vital” in identifying perpetrators and rescuing victims. Without a clear legal basis, however, companies risk operating in a grey area where continuing these practices may expose them to legal challenges.  Despite this uncertainty, several major firms, including Google, Meta, Microsoft, and Snap, have stated they will continue voluntary efforts to detect CSAM. In a joint statement, they emphasized the urgency for EU institutions to establish a stable regulatory framework, noting that child safety cannot be compromised due to political delays. 

Sharp Decline in CSAM Reports Expected 

Authorities warn that the absence of legal clarity could lead to a dramatic drop in reports related to child sexual exploitation. Data from previous years highlights the scale of the issue. In 2025 alone, Europol processed approximately 1.1 million CyberTips received from the U.S.-based National Center for Missing & Exploited Children (NCMEC). These reports included files, videos, and images linked to Child Sexual Abuse Material, and were relevant to investigations across 24 European countries.  Officials have warned that this scenario is not hypothetical. A similar lapse in legal provisions in 2021 led to a noticeable decline in reporting, demonstrating how dependent investigations are on cooperation from digital platforms. 

Widespread Criticism of EU Inaction 

The failure of EU lawmakers to renew the legislation has sparked strong reactions from policymakers, advocacy groups, and industry leaders alike. European Home Affairs Commissioner Magnus Brunner described the situation as “hard to understand,” while child protection organizations labeled it an “abject political failure.”  A coalition of 247 organizations dedicated to children’s rights issued a joint statement condemning the lapse. They argued that the inability to maintain detection mechanisms creates a “deeply alarming and irresponsible gap” in efforts to combat Child Sexual Abuse Material. According to the coalition, detection at scale is foundational in addressing child sexual exploitation. It enables companies to remove harmful content, report cases to authorities, and prevent the redistribution of abusive material. Without it, millions of illegal files could continue circulating unchecked, prolonging the suffering of victims.

Real-World Consequences for Victims 

Behind every instance of CSAM is a real child subjected to abuse. The continued circulation of such material forces victims to relive their trauma repeatedly. Advocacy groups stress that failing to detect and remove this content effectively denies children their fundamental rights, including privacy and protection.  The absence of robust detection tools also means that many victims may remain unidentified and trapped in abusive environments. Law enforcement agencies rely heavily on digital evidence to locate and rescue affected individuals. Any disruption in this process directly impacts their ability to intervene. 

Commitment Amid Uncertainty 

Despite the legal ambiguity, technology companies have reaffirmed their commitment to tackling Child Sexual Abuse Material. They argue that voluntary detection practices have been in place for nearly two decades and remain a cornerstone of online safety.  These companies maintain that tools like hash-matching are essential for identifying known CSAM and preventing its spread. They also emphasize that such systems are designed to balance safety with privacy, countering concerns about overreach.  However, industry leaders have made it clear that a long-term solution must come from policymakers. Without a consistent legal framework in the EU, even well-intentioned efforts at risk are becoming unsustainable. 

California’s privacy regime has evolved. As of January 1, 2026, the CCPA/CPRA now mandates risk assessments, automated decision-making (AI) oversight, and independent cybersecurity audits.

The post California Gets Serious About Regulation (Again) appeared first on Security Boulevard.

The EU's Cyber Resilience Act (Regulation 2024/2847) shifts cybersecurity responsibility upstream. Explore the March 2026 guidance on secure-by-design requirements, software bills of materials (SBOM), and the impact on U.S. manufacturers.

The post The EU CRA – Treating Cybersecurity as Product Liability appeared first on Security Boulevard.

OX Security reveals a new phishing campaign targeting GitHub developers. Scammers use fake OpenClaw token giveaways to trick users into connecting and draining their crypto wallets

In 2026, AI agents are being widely used. OpenClaw has become a high-frequency efficiency improvement tool for enterprises and developers with its autonomous decision-making and local execution capabilities. However, several authoritative security agencies have recently issued warnings: OpenClaw is facing multi-dimensional security threats from supply chain poisoning to remote control. When internal employees privately deploy […]

The post NSFOCUS Threat Intelligence: Building an OpenClaw Defense System with Multiple-Layer Protection appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Threat Intelligence: Building an OpenClaw Defense System with Multiple-Layer Protection appeared first on Security Boulevard.