Chainshorts

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

Tropic Trooper, a Chinese-speaking threat actor, is using a trojanized SumatraPDF reader and GitHub to deploy the AdaptixC2 Beacon, a post-exploitation agent. Discovered by Zscaler ThreatLabz in March 2026, the campaign aims to exploit Microsoft Visual Studio Code tunnels for remote access, highlighting ongoing security risks in software supply chains.


More in Security


North Korea's Lazarus Targets macOS Users via ClickFix

North Korea's Lazarus group is targeting macOS users through the ClickFix malware, aiming to gain initial access and steal data from high-value organizations and leaders. The campaign highlights Lazarus's ongoing focus on Mac systems, emphasizing the threat to Mac-centric entities. The attack underscores the evolving tactics of state-sponsored cyber threats in the security landscape.

Dark Reading, Apr 24

Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine

The article highlights the AI Agent Authority Gap, emphasizing that AI agents are delegated actors lacking independent authority, which poses security risks. It discusses the need for continuous observability as a decision engine to bridge this gap. The focus is on enterprise security, with the issue being how AI agents are triggered, invoked, and provisioned, rather than their novelty alone.

The Hacker News, Apr 24

26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases

Cybersecurity researchers found 26 fake wallet apps on the Apple App Store since fall 2025, targeting crypto seed phrases and private keys. These malicious apps impersonate legitimate wallets and redirect users to fake browser pages, aiming to steal sensitive information. Kaspersky warns that the apps distribute trojanized versions of genuine wallets, posing a significant security threat to crypto users.

The Hacker News, Apr 24

Cardano dev warns community after AI deepfake call leads to laptop breach

A Cardano developer warned the community after an AI deepfake call resulted in a laptop breach, highlighting rising AI-driven scams in crypto security. The incident underscores the increasing threat of sophisticated AI scams, prompting calls for heightened vigilance and stronger security measures within the crypto industry. No specific amounts or dates were provided in the report.

Crypto Briefing, Apr 24

Microsoft now lets admins uninstall Copilot on enterprise devices

Microsoft has announced that IT administrators can now uninstall its AI-powered Copilot digital assistant from enterprise devices, following the broad release of the new policy setting after the April 2026 Patch Tuesday. This update provides organizations with greater control over Copilot's deployment and security, addressing concerns about AI management on corporate devices.

BleepingComputer, Apr 24

U.S. Sanctions Cambodian Senator Over Massive Crypto Scam Network

The U.S. Treasury sanctioned Cambodian Senator Kok An on April 24, 2026, over his alleged involvement in a large-scale crypto scam and trafficking network. The crackdown also targeted casino-linked crypto hubs in Cambodia, with Tether freezing $344 million to disrupt scam flows. This move expands U.S. efforts to dismantle Southeast Asian crypto scam operations.

CoinCentral, Apr 24