In this weekly roundup from The Cyber Express, the global cybersecurity landscape continues to show rapid and uneven change, shaped by both regulatory shifts and escalating cyber threats. Governments are tightening oversight of new technologies such as artificial intelligence, while threat actors are simultaneously refining their techniques to exploit businesses, infrastructure, and end users across multiple platforms.  This edition of cybersecurity news brings together some of the most important developments of the week, ranging from significant amendments to the European Union’s AI Act to the expansion of malware campaigns into macOS environments and the discovery of a critical vulnerability in widely used enterprise firewall software.   It also covers major sentencing in a global ransomware case and a fresh warning from the FBI about the growing scale of cyber-enabled cargo theft targeting logistics and supply chain organizations. 

The Cyber Express Weekly Roundup 

EU Updates AI Act with Simpler Rules and New AI Content Bans 

In a significant regulatory update, the European Union has agreed to revise parts of the EU AI Act. The updated framework aims to simplify compliance requirements for businesses while simultaneously introducing stricter restrictions on harmful AI-generated content. Read more.. 

ClickFix Malware Campaign Expands to macOS 

Another key development is the expansion of the ClickFix malware campaign beyond Windows systems. Security researchers at Microsoft have confirmed that the operation is now targeting macOS users using deceptive troubleshooting content. Read more... 

Critical PAN-OS Vulnerability Enables Remote Code Execution 

A critical security flaw has been identified in Palo Alto Networks’ PAN-OS firewall software. Tracked as CVE-2026-0300, the vulnerability carries a CVSS score of 9.3, indicating severe risk. The issue originates from a buffer overflow vulnerability in the User-ID Authentication Portal. Read more... 

Latvian Cybercriminal Sentenced in Global Ransomware Case 

Latvian national Deniss Zolotarjovs has been sentenced to 102 months in prison for his role in a large-scale ransomware operation. According to the U.S. Department of Justice, the group operated under multiple ransomware brands, including Conti, Royal, Akira, and Karakurt. Between 2021 and 2023, the organization carried out attacks against more than 54 companies worldwide, using data theft and encryption-based extortion tactics to pressure victims into paying ransom demands. Read more... 

FBI Warns of Rising Cyber-Enabled Cargo Theft 

The FBI has issued an alert regarding a sharp rise in cyber-enabled cargo theft. Criminal actors are using impersonation techniques to pose as legitimate logistics providers, allowing them to intercept and redirect freight shipments. The agency noted that logistics, shipping, and insurance companies have been targeted since at least 2024. Read more... 

Weekly Takeaway 

This week’s The Cyber Express weekly roundup highlights the growing convergence of regulatory change, advanced malware threats, critical infrastructure vulnerabilities, ransomware enforcement actions, and supply chain fraud. As the global cybersecurity landscape continues to evolve, organizations across all sectors remain under increasing pressure to strengthen defenses and adapt to emerging risks. 

In this week’s edition of The Cyber Express weekly roundup, we explore the latest developments in the world of cybersecurity, focusing on high-profile data breaches, growing malware campaigns, and law enforcement actions against cybercriminals.   As the digital threat landscape continues to evolve, attackers are targeting sensitive personal and organizational data, from health records to financial credentials. Meanwhile, government regulators are ramping efforts to protect minors and combat harmful content on social platforms, while cybercriminals continue to exploit vulnerabilities in both public and private sectors.  This weekly roundup highlights how various industries, from healthcare and social media to finance and government, are grappling with rising threats, making it clear that the intersection of data security, regulation, and cybercrime is more critical than ever.  

The Cyber Express Weekly Roundup 

UK Biobank Data Breach Triggers Urgent Review of Data Security Measures 

A significant data breach at the UK Biobank has raised major concerns over the security of health-related data used in scientific research. In April 2026, de-identified participant information was discovered being sold on a Chinese consumer platform, sparking widespread alarm among the research community. Read more... 

Vercel CEO Reveals Expansion of Malware Campaign Affecting Multiple Targets 

Vercel's CEO, Guillermo Rauch, confirmed that the recent breach involving Context.ai was part of a much larger malware campaign affecting multiple targets. Following a review of network logs, Vercel’s security team uncovered evidence of malware distribution that compromised several customer accounts, including access to valuable Vercel account keys. Read more... 

Ofcom Investigates Telegram and Teen Platforms 

In the UK, Ofcom has launched an investigation into Telegram and several popular teen chat platforms, such as Teen Chat and Chat Avenue, after reports surfaced of online grooming and child sexual abuse material (CSAM) on these services. Under the Online Safety Act, platforms are required to take proactive steps to prevent harmful content and protect minors from exploitation. Read more... 

Personal Data Exposed in Breach of France’s ANTS Portal 

A recent breach of France’s ANTS (Agence Nationale des Titres Sécurisés) portal has compromised personal data, including names, email addresses, and birthdates, although no documents or sensitive attachments were affected. The breach, which occurred on April 15, 2026, raises significant concerns about identity theft and phishing risks, as the exposed data could be used to target individuals. Read more... 

Bluesky Faces Coordinated DDoS Attack 

Bluesky, the rapidly expanding social media platform, suffered a major disruption on April 15, 2026, when it was targeted by a sophisticated distributed denial-of-service (DDoS) attack. The attack caused widespread outages, impacting core platform functions such as user feeds, notifications, and search capabilities. Read more... 

Indian Authorities Arrest Key SIM Card Supplier in Cyber Fraud Crackdown 

India’s Central Bureau of Investigation (CBI) has arrested a key conspirator in a major cyber fraud operation as part of Operation Chakra-V. The suspect, arrested in Guwahati, is accused of supplying fraudulent SIM cards used in various cybercrime schemes, including extortion and fake loan scams. The SIM cards were acquired using fake identities and distributed to cybercriminal networks. Read more... 

Weekly Takeaway 

This week’s roundup highlights the diverse and evolving nature of cyber threats. From the exposure of sensitive health data and sophisticated malware campaigns to DDoS attacks and SIM card fraud schemes, the cybersecurity landscape remains fraught with challenges. Regulatory bodies and companies alike continue to grapple with emerging risks, particularly in sectors like public health data, social media platforms, and digital content safety. As these incidents unfold, it’s clear that both technical vulnerabilities and human factors, such as social engineering, continue to be central targets for attackers.  With regulatory frameworks like the Online Safety Act and increased investigative efforts in places like India and France, the pressure on platforms and authorities to act quickly and decisively is higher than ever. As the cyber threat landscape becomes more interconnected, the need for enhanced security protocols, improved monitoring, and greater accountability in digital spaces remains critical. 

In this week’s weekly roundup, The Cyber Express reviews major developments across the cybersecurity domain. highlighting incidents involving crypto ecosystem attacks, state-linked fraud operations, regulatory scrutiny, and underground cybercrime activity. The broader threat landscape continues to show attackers targeting infrastructure weaknesses, social engineering pathways, and third-party dependencies rather than isolated technical flaws.  Across multiple cases, state-aligned and financially motivated actors are focusing on routers, DNS layers, and decentralized systems to intercept data and manipulate transactions. At the same time, gaps in regulation and enforcement continue to complicate platform accountability, particularly in online safety and digital content governance.  

The Cyber Express Weekly Roundup 

$15M Grinex Hack Halts Trading After Wallet Breach 

Grinex suspended trading and withdrawals following a coordinated attack that compromised its wallet infrastructure, resulting in the theft of more than $15 million in USDT. The attackers rapidly moved assets across Ethereum and Tron networks, using chain-hopping and layering techniques to obscure transaction trails and avoid detection. Read more... 

Two U.S. Nationals Sentenced in $5M North Korea IT Worker Scheme 

Two U.S. nationals, Kejia Wang and Zhenxing Wang, received prison sentences of 108 and 92 months for their roles in a North Korea-linked remote employment scheme that generated over $5 million. The operation used stolen identities, domestic “laptop farms,” and shell companies to present overseas workers as U.S.-based employees across more than 100 companies. Read more... 

Australia Social Media Ban Faces Enforcement Questions 

Australia’s under-16 social media restriction is facing renewed scrutiny after a study of 1,050 children found that over 60% of previously active users aged 12–15 continue accessing platforms such as TikTok, YouTube, and Instagram. Many accounts remained active without intervention from providers, and in some cases, users created new profiles after restrictions were applied. Read more... 

TierOne Dark Web Contest Offers $10K for Exploit Writeups 

A dark web forum known as TierOne has launched a $10,000 contest encouraging detailed technical write-ups on vulnerability exploitation techniques. Running from April 13 to May 14, 2026, and reportedly sponsored by a ransomware group, the contest focuses on topics such as remote code execution, IDOR, SSTI, firmware attacks, and EDR bypass methods.  Read more... 

Rockstar Cyberattack Confirmed Amid Extortion Threat 

Rockstar Games confirmed a cyberattack involving unauthorized access through a third-party service, though it stated that core operations and player systems were unaffected. The threat actor group ShinyHunters claimed responsibility, alleging access to internal company data and demanding payment by April 14, 2026, under threat of public release. Read more... 

Weekly Takeaway 

The Cyber Express weekly roundup reflects a threat landscape that is fragmented yet interconnected. From multimillion-dollar crypto thefts and criminal employment schemes to underground exploit markets and extortion-driven breaches, attackers are consistently blending technical exploitation with deception and supply chain targeting.   Regulatory uncertainty and weak enforcement mechanisms further amplify these risks, allowing both state-linked and financially motivated actors to operate with greater flexibility across digital environments. 

See what you missed in Daily Tech Insider from April 6–10.

The post AI Expansion, Security Crises, and Workforce Upheaval Define This Week in Tech appeared first on TechRepublic.

In this week’s weekly roundup, The Cyber Express summarizes key cybersecurity news across state-sponsored attacks, crypto ecosystem breaches, regulatory gaps, and mobile data exposure risks.   State-linked groups are focusing on internet infrastructure like routers and DNS for interception and credential theft, while crypto-related actors are exploiting weaknesses in decentralized finance systems and governance layers. Regulatory uncertainty in areas such as online content detection further complicates response efforts.  The Cyber Express weekly roundup also notes that even secure messaging systems can leave residual data on devices through OS-level features like notification storage.  

The Cyber Express Weekly Roundup 

APT28 DNS Hijacking Campaign Disrupted 

APT28, a Russian-linked threat group, has been exploiting vulnerable routers to carry out DNS hijacking and adversary-in-the-middle (AITM) attacks. These operations were primarily aimed at intercepting traffic and stealing credentials, with a particular focus on email platforms such as Microsoft Outlook. Read more... 

EU CSAM Legal Gap Raises New Concerns 

The expiration of the EU’s temporary 2021 regulatory framework on April 3, 2026, has created uncertainty around how technology companies can detect and report Child Sexual Abuse Material (CSAM). The framework previously allowed platforms to voluntarily scan private communications using techniques such as hash-matching, a method widely considered essential by investigators for identifying illegal content and tracking offenders. Read more... 

$285M Drift Protocol Hack Shakes Cybersecurity Landscape 

In a major cryptocurrency-related incident, attackers successfully stole $285 million from Drift Protocol on April 1, 2026. Drift Protocol, the largest decentralized perpetual futures exchange on Solana, reportedly lost over half of its total value within just 12 minutes of the breach. Read more... 

FBI Finds Deleted Signal Data Can Persist in iPhone Systems 

A notable finding in this weekly roundup comes from an FBI investigation related to the Prairieland ICE Detention Facility case in Texas. Investigators discovered that deleted Signal messages may still be partially recoverable from iPhones. Importantly, this is not a failure of Signal’s encryption. Instead, the issue stems from how iOS handles notification previews. Read more... 

Treasury Launches Digital Asset Cybersecurity Initiative 

The U.S. Department of the Treasury has launched a Digital Asset Cybersecurity Initiative through its Office of Cybersecurity and Critical Infrastructure Protection (OCCIP). The initiative is designed to strengthen cybersecurity defenses across the cryptocurrency ecosystem. Read more... 

Weekly Takeaway 

This weekly roundup highlights a rapidly diversifying threat landscape, ranging from state-sponsored DNS hijacking campaigns and multimillion-dollar crypto thefts to regulatory uncertainty and mobile data persistence risks.  Across all incidents, a consistent pattern emerges; attackers are blending technical exploitation with social engineering, infrastructure compromise, and long-term strategic planning.  

See what you missed in Daily Tech Insider from March 30–April 3.

The post AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in Tech appeared first on TechRepublic.

In this week’s weekly roundup, The Cyber Express delivers a concise overview of the latest cybersecurity news, highlighting major cyberattacks, new ransomware risks, and supply chain vulnerabilities. Organizations across industries continue to face a surge in modern cyber threats, ranging from targeted breaches to large-scale exploitation campaigns that disrupt operations and expose sensitive data.  The current threat landscape reflects a growing convergence of cybercrime, geopolitical motives, and technological dependencies. As highlighted in this weekly roundup, both private enterprises and public institutions are increasingly recognizing that resilience depends not only on advanced tools but also on coordinated strategies and proactive risk management. 

The Cyber Express Weekly Roundup 

Hasbro Cyberattack Disrupts Operations Amid Rising Ransomware Concerns 

Hasbro has reported a cyberattack after detecting unauthorized network access on March 28, 2026. The company responded swiftly by initiating containment measures, isolating affected systems, and engaging external experts to assess the breach. While core operations remain functional under contingency plans, some delays are expected. Read more...

Mercor Breach Exposes Supply Chain Risks in AI Ecosystems 

A significant development in this weekly roundup involves AI startup Mercor, which confirmed a breach linked to a supply chain compromise in the LiteLLM open-source project. The attack stemmed from a malicious package update, affecting thousands of organizations relying on the software. The group known as TeamPCP has been associated with the incident, while Lapsus$ has also claimed involvement. Read more...

Lazarus Group Tied to Axios Supply Chain Attack 

Another major highlight is a widespread attack targeting the Axios JavaScript library. The operation has been attributed to North Korea’s Lazarus Group, known for conducting advanced cyber campaigns. Attackers inserted a malicious dependency into the package, enabling backdoor access across multiple operating systems through automated installations. Read more...

Personal Email Breach of FBI Director Raises Security Questions 

Hackers linked to Iran compromised the personal email account of FBI Director Kash Patel. The breach resulted in the leak of emails and personal data as part of a coordinated “hack-and-leak” campaign. Attributed to the Handala Hack Team, the attack appears designed to inflict reputational damage and psychological pressure. Read more...

CareCloud Cyberattack Impacts Health Records System 

Healthcare provider CareCloud disclosed a cyberattack involving unauthorized access to its electronic health record system. Detected on March 16, the incident lasted approximately eight hours before being contained. While investigations are ongoing, the breach raises concerns about potential exposure to sensitive patient data. Read more...

"764" Cybercrime Case Highlights Dark Web Exploitation Networks 

In a separate case, a U.S. individual pleaded guilty to charges related to child exploitation and cyberstalking linked to the extremist “764” network. The case illustrates how cybercriminal ecosystems extend beyond financial motives, involving coordinated abuse, manipulation, and exploitation facilitated by online platforms. Read more...

Weekly Takeaway

This edition of The Cyber Express weekly roundup emphasizes the growing scale and complexity of global cybersecurity news, where ransomware, supply chain compromises, and targeted attacks intersect. From corporate breaches and nation-state operations to exploitation networks, the threat landscape continues to expand in both scope and impact.  To mitigate these risks, organizations must strengthen supply chain oversight, enforce robust access controls, and prioritize rapid incident response capabilities. As highlighted throughout this weekly roundup, maintaining resilience in today’s environment requires a multi-layered approach that integrates technology, governance, and continuous monitoring to stay ahead of modern-day cyber threats. 

In this week’s weekly roundup, The Cyber Express brings together the latest developments in global cybersecurity news, from high-profile ransomware attacks to emerging risks in AI adoption and geopolitical cyber activity.   Organizations worldwide are grappling with a combination of disruptive cyberattacks, espionage campaigns, and ongoing threats to critical infrastructure, reflecting the complex and interconnected nature of today’s threat landscape. Intelligence reports continue to highlight nation-state cyber operations, while companies and governments are recognizing that operational resilience, secure technology adoption, and coordinated defense strategies are essential to managing fast-evolving risks.

The Cyber Express Weekly Roundup 

Human Behavior Remains the Weakest Link 

Cybersecurity experts stress that the most significant vulnerabilities often stem from human behavior rather than technical shortcomings. In a recent discussion covered by The Cyber Express weekly roundup, Dr. Sheeba Armoogum emphasized that modern cyberattacks increasingly exploit trust, emotion, and predictable behavior through techniques like social engineering and AI-driven impersonation. Read more... 

Energy Sector Ransomware: Lessons from 2025 

The energy sector recorded 187 successful ransomware attacks in 2025, demonstrating the real-world consequences of cybercrime on critical infrastructure. Incidents such as Halliburton’s $35 million loss and significant outages in Ukraine revealed vulnerabilities in outdated systems, IT-OT convergence, and slow patching practices. Read more... 

EU Investigates Snapchat for Child Safety 

The European Commission has launched a formal investigation into Snapchat under the Digital Services Act (DSA), examining child protection, privacy, and content moderation practices. Concerns include insufficient age verification, exposure to harmful content, and the accessibility of reporting tools, with potential fines reaching 6% of Snapchat’s global turnover if non-compliance is confirmed. Read more... 

Hackmanac CEO Warns: Cybersecurity Still Fails at the Basics 

Sofia Scozzari, CEO of Hackmanac, emphasized that cybersecurity remains too focused on technology and often overlooks business risk, human behavior, and the operational impact of breaches. She explained that attackers collaborate and exploit known vulnerabilities, while organizations continue to treat cybersecurity as an IT issue rather than a strategic business challenge. Read more... 

Port of Vigo Disrupted by Ransomware 

The Port of Vigo experienced a ransomware attack early Tuesday, shutting down cargo management systems and digital services. Physical port operations remain functional, but manual processes are slowing workflows, particularly at the Border Inspection Post. Authorities confirmed servers linked to the port’s website remain offline as part of containment efforts. Read more... 

Russian Cybercrime Leader Sentenced 

In Detroit, Illya Angelov, head of the Russian cybercriminal group “Mario Kart,” was sentenced for running a botnet operation that infected thousands of computers daily and sold backdoor access to ransomware operators. Active from 2017 to 2021, the scheme targeted 72 U.S. companies across 31 states, sending 700,000 malware-laden emails daily and compromising roughly 3,000 systems each day. Read more... 

Crunchyroll Cyberattack Highlights Outsourced Risk 

Crunchyroll confirmed a cyber incident linked to a third-party vendor, likely affecting customer service ticket data. There is no evidence of ongoing access to internal systems, though early reports suggest a threat actor may have gained access through an infected vendor device. Read more... 

Weekly Takeaway 

This week’s weekly roundup highlights the growing complexity of the global cybersecurity landscape. From critical supply chain disruptions and challenges in AI governance to ransomware attacks, escalating geopolitical cyber threats, and vulnerabilities in third-party systems, organizations face an increasingly interconnected and high-stakes risk environment. To navigate these threats effectively, companies must prioritize human-centric security practices, enforce proactive governance frameworks, and implement continuous monitoring across all systems. Only through a strategic, multi-layered approach can organizations stay ahead in today’s hostile and fast-evolving digital ecosystem.

See what you missed in Daily Tech Insider from March 23–27.

The post AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech appeared first on TechRepublic.

See what you missed in Daily Tech Insider from March 16–20.

The post AI Factories, Security Flaws, and Workforce Shifts Define This Week in Tech appeared first on TechRepublic.

In this week’s cybersecurity roundup, The Cyber Express covers key global security developments, including a major supply chain disruption affecting a global manufacturer, rising concerns over security and legal risks linked to rapid AI adoption, and the continued escalation of cyber activity driven by geopolitical tensions.

Across industries, organizations are facing a mix of disruptive attacks and long-term espionage campaigns targeting both operational systems and critical infrastructure. Intelligence reports also continue to highlight sustained nation-state activity shaping the global threat landscape.

These developments reflect a cybersecurity environment where operational resilience, secure technology adoption, and coordinated defense strategies are increasingly essential to managing interconnected and fast-evolving risks.

The Cyber Express Weekly Roundup 

Stryker Cyberattack Disrupts Supply Chain, Recovery Timeline Unclear 

A cyberattack on Stryker Corporation has disrupted manufacturing, shipping, and order processing operations, with no clear recovery timeline announced. While internal systems were impacted, customer products have not been affected. The incident has been linked to the Handala group, and authorities, including the Cybersecurity and Infrastructure Security Agency (CISA), are currently investigating the attack. Read more… 

AI Legal Risks Rise as Businesses Rush Adoption, Expert Warns 

Cybersecurity expert Lisa Fitzgerald has warned that rapid adoption of AI tools without proper governance can expose organizations to data breaches, regulatory violations, and loss of control over sensitive information. In an interview with The Cyber Express, she emphasized the importance of structured risk assessments, employee training, and clear governance frameworks to manage AI-related risks effectively. Read more… 

Bonnie Butlin Highlights Role of Collaboration in Modern Security 

Bonnie Butlin has stressed the importance of global collaboration in addressing complex cyber, physical, and geopolitical threats. She highlighted the need to break down industry silos, strengthen cross-sector cooperation, and build more inclusive leadership models to improve resilience against evolving risks. Read more… 

US Intel Warns China Is Top Cyber Threat Ahead of Other Nation-States 

A new U.S. intelligence assessment identifies China as the most persistent cyber threat actor, with ongoing operations reportedly embedded within critical infrastructure systems. The report also highlights cyber activities from Russia, North Korea, and Iran, each employing different tactics ranging from espionage and sabotage to cybercrime and disinformation campaigns. Read more… 

Middle East Cyber Warfare Intensifies Amid Rising Geopolitical Conflict 

According to Cyble Research and Intelligence Labs, cyberattacks in the Middle East are increasing in parallel with ongoing geopolitical tensions. Critical sectors such as energy, finance, and communications have been identified as primary targets in this escalating cyber conflict landscape. Read more… 

Also Read: Top 50 Women Leaders in Cybersecurity to Watch in 2026

Weekly Takeaway 

This week’s The Cyber Express weekly roundup highlights the growing complexity of the global cybersecurity environment, from supply chain disruptions and AI governance risks to escalating nation-state cyber operations and regional cyber warfare.  Organizations, governments, and individuals must remain vigilant, prioritize strong governance frameworks, and adopt proactive security measures, including timely patching and continuous monitoring, to effectively respond to the evolving threat landscape. 

This week’s The Cyber Express weekly roundup highlights major cybersecurity developments affecting organizations, governments, and individuals worldwide. Key stories include destructive cyberattacks, such as system-wide wipes and targeted breaches, as well as state-backed cyber espionage targeting technology and research sectors.   The roundup also covers proactive defense measures, including bug bounty programs, critical software patches, and industry responses to emerging malware. Together, these incidents highlight the technical prowess of cyber threats, the direct impact on operations and data security, and the urgent need for timely mitigation strategies across both public and private sectors. 

The Cyber Express Weekly Roundup 

Iran-Linked Hackers Wipe 200,000 Devices in Stryker Cyberattack 

In one of the most significant cybersecurity incidents this week, an Iran-linked hacker group known as Handala carried out a large-scale attack on Stryker Corporation. The group remotely wiped over 200,000 devices across 79 countries, bringing portions of the company’s operations to a halt. Handala has claimed responsibility, stating the attack was retaliation for a recent U.S. military strike in Iran. Read more... 

India Launches Bug Bounty to Secure Aadhaar Ecosystem 

India’s Unique Identification Authority (UIDAI) has launched a structured bug bounty program aimed at strengthening the Aadhaar ecosystem. Twenty expert ethical hackers have been enlisted to rigorously test core platforms, including the myAadhaar portal, the official website, and the Secure QR Code app. Read more... 

Finland Issues Warning on Russian and Chinese Cyber Espionage 

Finland’s Security and Intelligence Service (SUPO) has issued a warning regarding ongoing cyber espionage campaigns from Russian and Chinese state-backed actors. These campaigns are targeting technology companies, research institutions, and government networks. Read more... 

Microsoft March 2026 Patch Tuesday Addresses Critical Vulnerabilities 

Microsoft’s March 2026 Patch Tuesday update addresses 79 vulnerabilities across its ecosystem, including SQL Server, .NET, Office, SharePoint, Azure, and Windows. Notably, the update resolves two zero-day vulnerabilities and multiple remote code execution flaws. Additional updates target SharePoint, Azure MCP Tools, and Windows privilege escalation vectors. Read more... 

Cyberattack Forces Polish Hospital to Revert to Paper Operations 

The Independent Public Regional Hospital in Szczecin, Poland, experienced a cyberattack on March 7–8, 2026, which encrypted parts of its IT system and blocked access to critical digital records. Hospital officials confirmed that patient care continued without interruption, but administrative processes slowed considerably. Read more... 

ClipXDaemon: Linux Malware Hijacks Cryptocurrency Transactions 

A new Linux-based malware, ClipXDaemon, has been discovered targeting cryptocurrency users. The malware silently replaces copied wallet addresses with attacker-controlled addresses, allowing the theft of Ethereum, Bitcoin, Monero, Dogecoin, and Litecoin. ClipXDaemon operates locally without network communication, disguises itself as a kernel process, and persists by modifying the user’s ~/.profile file. Read more... 

Weekly Takeaway 

This week’s The Cyber Express weekly roundup highlights the breadth of modern cybersecurity challenges, from geopolitically motivated attacks and malware targeting cryptocurrencies to proactive measures such as India’s bug bounty program and Microsoft’s critical patches. Organizations, governments, and individuals must remain vigilant, prioritize timely patching, and adopt proactive monitoring to navigate the complex threat landscape. 

In this week’s edition of The Cyber Express weekly roundup, some interesting news and cybersecurity stories share an interesting shift in the cyber domain. Critical developments span space cybersecurity, AI vulnerabilities, mobile malware, and global regulatory enforcement, highlighting how digital threats are becoming more sophisticated and interconnected.   From government-led initiatives to strengthen national defense, to high-profile breaches impacting multinational enterprises, and the rise of AI-augmented attacks, this cybersecurity news digest provides a detailed snapshot of the challenges facing organizations, agencies, and individual users worldwide.  This weekly roundup from The Cyber Express emphasizes the urgent need for stakeholders across all sectors to stay informed, adapt strategies in real time, and anticipate new cyber threats before they escalate. 

The Cyber Express Weekly Roundup 

India Strengthens Space Cybersecurity 

India has unveiled new space cybersecurity guidelines developed jointly by the Indian Computer Emergency Response Team (CERT-In) and SatCom Industry Association India (SIA-India). Announced at the DefSat Conference & Expo 2026 in New Delhi, the framework introduces risk-based, secure-by-design practices for satellites, ground systems, and supply chains. Read more... 

Apple Devices Certified for NATO Restricted Data 

Apple Inc. has become the first consumer device maker approved to handle NATO “restricted” classified information on standard iPhone and iPad devices running iOS 26 and iPadOS 26. Certification, granted following testing by Germany’s Federal Office for Information Security, allows personnel across NATO member states to use commercial devices without specialized security software. Read more... 

OpenClaw Vulnerability Threatens Local AI Agents 

Security researchers have discovered a critical flaw in the open-source AI agent OpenClaw, allowing any malicious website visited by a developer to hijack the locally running agent. The vulnerability, present in OpenClaw’s local WebSocket gateway, permitted password brute-forcing and administrative access without plugins or user interaction. Read more... 

Cisco SD-WAN Zero-Day Exploitation Spans Three Years 

Cisco Systems’ Catalyst SD-WAN controllers were compromised via a critical zero-day flaw (CVE-2026-20127) for at least three years, according to Cisco Talos. Threat actors exploited the authentication bypass to gain administrative access and insert rogue peers, chaining the exploit with an older vulnerability (CVE-2022-20775) to escalate privileges while avoiding detection. Read more... 

U.S. Sanctions Russian Zero-Day Broker 

The U.S. Department of State sanctioned Operation Zero, a Russia-linked cyber brokerage network, targeting Russian national Sergey Sergeyevich Zelenyuk and associated entities. Authorities allege Australian national Peter Williams stole eight classified exploits from a U.S. defense contractor between 2022 and 2025, selling them for $1.3 million in cryptocurrency. Read more... 

X Appeals €120M EU Fine 

Social media platform X has filed an appeal against a €120 million penalty under the EU Digital Services Act, challenging enforcement related to its paid verification system, advertising disclosures, and public data access for researchers. X claims procedural errors and misinterpretation of obligations, framing the case as a precedent-setting test for platform accountability, user trust, and regulatory compliance. Read more... 

Weekly Takeaway 

This week’s The Cyber Express weekly roundup highlights how cybersecurity risks are advancing across sectors, from national space programs to AI agents, mobile malware, and critical infrastructure. Organizations and regulators must adapt in real time, balancing innovation with governance, monitoring, and incident preparedness. As this cybersecurity news highlights, proactive measures remain essential in a complex digital environment.