infosecintel – Curated Information Security Articles and Threat Intelligence News

Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data

April 11, 2026

Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies and is now sold by its successor Penlink after the two firmsRead More »Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data

Friday Squid Blogging: Squid Overfishing in the South Pacific

April 10, 2026

Regulation is hard: The South Pacific Regional Fisheries Management Organization (SPRFMO) oversees fishing across roughly 59 million square kilometers (22 million square miles) of the South Pacific high seas, trying to impose order on a region double the size of Africa, where distant-water fleets pursue species ranging from jack mackerelRead More »Friday Squid Blogging: Squid Overfishing in the South Pacific

Top Secret Clearance Holder Charged With Leaking Classified National Defense Information

April 10, 2026

Former Army employee indicted for allegedly sharing classified national defense information to unauthorized individuals.

What Are Security Experts Saying About Claude Mythos and Project Glasswing?

April 10, 2026

Security experts share their thoughts on Claude Mythos and Project Glasswing with Security magazine.

In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack

April 10, 2026

Other noteworthy stories that might have slipped under the radar: Jones Day hacked, Internet Bug Bounty program paused due to AI, new Mac stealer malware. The post In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack appeared first on SecurityWeek.

Juniper Networks Patches Dozens of Junos OS Vulnerabilities

April 10, 2026

A critical-severity flaw could be exploited remotely, without authentication, to take over a vulnerable device. The post Juniper Networks Patches Dozens of Junos OS Vulnerabilities appeared first on SecurityWeek.

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

April 10, 2026

Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that’s designed to stealthily infect all integrated development environments (IDEs) on a developer’s machine. The technique has been discovered in an Open VSX extension named “specstudio.code-wakatime-activity-tracker,” which masquerades as WakaTime, a

Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday

April 10, 2026

The US government has warned that Iran-linked hackers are manipulating PLCs and SCADA systems to cause disruption. The post Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday appeared first on SecurityWeek.

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

April 10, 2026

Attackers could exploit these vulnerabilities in denial-of-service, information disclosure, and arbitrary code execution attacks. The post Orthanc DICOM Vulnerabilities Lead to Crashes, RCE appeared first on SecurityWeek.

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

April 10, 2026

While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there’s a wide-open window nobody’s guarding: AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI threat surface in your network that isn’t on anyone’s