Cybersecurity

A critical unpatched vulnerability, CVE-2026-25874 (CVSS 9.3), has been disclosed in Hugging Face's widely-used LeRobot open-source robotics platform, potentially exposing AI inference systems to remote code execution. This severe flaw stems from unsafe deserialization via the pickle format over unauthenticated gRPC channels, allowing attackers to compromise both server and client components. Despite its critical nature, a fix is not expected until version 0.6.0, leaving current deployments significantly exposed.

A new report reveals a critical oversight in defense cybersecurity, with 84% of government IT leaders acknowledging the high risk of sharing sensitive data, yet a shocking 53% still relying on manual processes for data movement. This 'Zero Trust gap' — not identity or endpoints, but the very movement of data itself — is identified as the hidden bottleneck stalling critical security programs, even as national security organizations endure 137 cyberattacks weekly.

Threat hunters are issuing urgent warnings about VECT 2.0, a cybercriminal operation that, despite being marketed as ransomware, functions as an irreversible data wiper. A critical flaw in its encryption implementation across Windows, Linux, and ESXi variants means files over 131KB are permanently destroyed, rendering any payment for decryption entirely futile. This effectively transforms what appears to be a ransom demand into a guaranteed data destruction event, with no possibility of recovery.

A critical IndexedDB vulnerability, tracked as CVE-2026-6770, has been discovered that allowed persistent user fingerprinting across sessions, even bypassing Tor Browser's 'New Identity' feature. This flaw uniquely leveraged the order of IndexedDB database names to link user activity across domains without cookies or shared storage, severely compromising privacy mechanisms in both standard and privacy-focused browsing. Mozilla has since patched the issue in Firefox 150, with Tor Project adopting the fix in Tor Browser 15.0.10, but the implications highlight a persistent challenge in browser security.

The U.S. Treasury Department has sanctioned prominent Cambodian Senator Kok An, labeling him a "scam center kingpin," along with 28 individuals and entities, as part of a "sweeping crackdown" on illicit cyberscam networks across Southeast Asia. This aggressive initiative, characterized by U.S. Attorney Jeanine Pirro as a "new theater of war" launched by the Trump administration against Chinese transnational organized crime, targets operations in Cambodia and Myanmar that have defrauded global victims of billions. The comprehensive effort includes asset freezes, criminal charges, and a warrant to shut down a major online recruitment channel on Telegram, aimed at dismantling operations linked to human trafficking and forced labor.

A newly disclosed critical vulnerability, dubbed Pack2TheRoot (CVE-2026-41651, CVSS 8.1), allows unprivileged users to effortlessly achieve root access on a wide range of Linux systems. This easily exploitable time-of-check time-of-use (TOCTOU) race condition in PackageKit's cross-distro package management layer impacts major distributions like Ubuntu, Debian, Fedora, RockyLinux, and RHEL (via Cockpit), potentially for the past 14 years. Attackers can leverage this flaw to install arbitrary RPM packages and scripts as root without authentication.

A recently discovered threat actor, tracked as UNC6692, is leveraging a sophisticated combination of email bombing and social engineering to deploy modular 'Snow' malware in targeted attacks. This campaign, observed in December 2025, involves impersonating IT support to trick victims into executing a fake mailbox repair utility, as reported by Google Threat Intelligence Group (GTIG). The sophisticated phishing leads to credential exfiltration, lateral movement, and the harvesting of sensitive data.

Microsoft has confirmed active exploitation of CVE-2026-32202, a zero-click Windows Shell spoofing flaw, for credential theft in the wild. This critical vulnerability, addressed in the latest Patch Tuesday, allows attackers to steal Net-NTLMv2 hashes via malicious LNK files, significantly increasing the risk of NTLM relay attacks. The flaw notably stems from an incomplete patch for a previously APT28-weaponized vulnerability, highlighting persistent threats from sophisticated adversaries.

A critical vulnerability within Microsoft Entra ID's 'Agent ID Administrator' role, designed for managing AI agent identities, enabled significant privilege escalation and the takeover of arbitrary service principals. Discovered by identity security platform Silverfort, the flaw allowed users assigned this role to become owners of any service principal and subsequently authenticate as that identity, granting expansive access far beyond AI-related operations. Microsoft swiftly addressed this serious issue, releasing a patch on April 9, 2026.

Malicious indirect AI prompt injection attempts surged by 32% between November 2025 and February 2026, according to new research from Google, signaling an escalating threat landscape for generative AI systems. While current attacks are largely low-sophistication and focus on data exfiltration, the increase highlights a growing trend of adversaries leveraging external data to subvert AI defenses and steal sensitive information like IP addresses and credentials.

A new and urgent wave of the GlassWorm malware campaign is actively exploiting 73 extensions within the OpenVSX ecosystem, with six already activated and delivering malicious payloads. These initially benign "sleeper" extensions are designed to turn malicious post-update, bypassing initial security checks and highlighting a sophisticated supply chain attack strategy. This latest expansion follows GlassWorm's established pattern of targeting developer tools and repositories to steal sensitive data.

Online trading platform Robinhood recently became the target of a sophisticated phishing campaign that leveraged an HTML injection flaw within its own account creation process. This critical vulnerability allowed threat actors to embed malicious phishing messages directly into legitimate, SPF/DKIM-validated Robinhood emails, making it nearly impossible for users to discern the fraud. The campaign tricked users into believing their accounts had suspicious activity, prompting them to click on phishing links.