InfoSec News 09APR2026
General
- Anthropic may be talking up the bug-finding capabilities of the new Claude Mythos model, but existing Claude 4.6 may be all that's required.
Remote Code Execution (RCE) in Apache ActiveMQ Classic, stitching together functionality from four separate components.
A starter prompt for bug-finding with Claude is provided in Horizon3's write-up.
These days I always use Claude to take a first pass at source code for vulnerability hunting. I prompt it lightly and set up a target on the network for it to validate findings. A lot of the time, Claude finds interesting stuff but it doesn’t quite rise to the level of a CVE I’d bother reporting. In this case, it did a great job, with nothing more than a couple of basic prompts. This was 80% Claude with 20% gift-wrapping by a human.
In hindsight, the vulnerability is obvious, but you can see why it was missed over the years. It involved multiple components developed independently over time: Jolokia, JMX, network connectors, and VM transports. Each feature in isolation does what it’s supposed to, but they were dangerous together. This is exactly where Claude shone – efficiently stitching together this path end to end with a clear head free of assumptions. Something that would have probably taken me a week manually took Claude 10 minutes.
- https://horizon3.ai/attack-research/disclosures/cve-2026-34197-activemq-rce-jolokia/
- https://www.bleepingcomputer.com/news/security/13-year-old-bug-in-activemq-lets-hackers-remotely-execute-commands/
- It's an advertising stunt, but the numbers are still quite interesting. Testing how good modern AI processors (Nvidia H200, AMD MI300X) are at cracking password hashes.
The answer: terrible! An RTX5090 consumer GPU was a lot faster. This may be due to an almost complete lack of tuning, however.
- Microsoft appears to have really bungled updates to its "Windows Hardware Program". Multiple developers have been locked out of their accounts, and can't distribute updates to Windows consumers. The developers hit a lovely friendly message: "Based on the information you have provided...your organization does not currently meet the requirements to pass verification. There are no appeals available, we have closed your application."
It’s the second such incident of a high-profile and widely used open source project being shut out from its customers due to a seemingly abrupt account termination from Microsoft, with popular encryption software VeraCrypt facing a similar circumstance. Both developers said Microsoft locked them out of their accounts without first alerting them.
...
Despite going through the process to verify his driver’s license or passport with Microsoft (the third party Microsoft uses for verification said he was “verified”), Donenfeld said his access was still suspended.
...
“Microsoft never sent me any notification at all about this. I’ve looked in every inbox in every spam folder in every mail log, and zero, nothing, zilch,” Donenfeld said.
...
Donenfeld said that he was referred to Microsoft’s executive support team, which handles customer service and account requests for high-profile individuals, which confirmed his appeal had been received but that they had to wait as long as 60 days for review.
...
Windscribe, a maker of VPN and other consumer privacy tools, said in a post on X that it had also been locked out of its Partner Center account. The company said it had a verified account for over eight years in order to sign its drivers.
“We’ve been trying to resolve this for over a month, and getting nowhere. Support is non-existent,” Windscribe said in its post. “Anyone know a human with a brain that still works at Microsoft and can help?”
- https://techcrunch.com/2026/04/08/veracrypt-encryption-software-windows-microsoft-lock-boot-issues/
- https://techcrunch.com/2026/04/08/wireguard-vpn-developer-cant-ship-software-updates-after-microsoft-locks-account/
- https://sourceforge.net/p/veracrypt/discussion/general/thread/9620d7a4b3/
- OpenSourceMalware have put together a summary of some of the social-engineering-based supply-chain attacks from the last couple of years.
Axios, Chalk, Debug, XZ Utils. What do all these open source projects have in common? Threat actors used social engineering to gain access to the legitimate project and pushed a new version containing malware.
Probably for many of us, "social engineering" evokes memories of Nigerian prince schemes and typo-riddled text messages. But threat actors have become experts at targeting developers with typo-free, sophisticated tactics. They've gotten harder to spot, and OSS maintainers make for easy targets: They're overworked, probably unpaid, and trying to do their best.
In this article, I'm going to cover five common techniques we're seeing, and what you can do to prevent yourself from becoming a victim...and the next headline.
- Google Mandiant have released a "Defender's Guide" for VMware vSphere, along with a hardening tool.
Building on recent BRICKSTORM research from Google Threat Intelligence Group (GTIG), this post explores the evolving threats facing virtualized environments. These operations directly target the VMware vSphere ecosystem, specifically the vCenter Server Appliance (VCSA) and ESXi hypervisors. To help organizations stay ahead of these risks, we will focus on the essential hardening strategies and mitigating controls necessary to secure these critical assets.
...
This guide provides a framework for an infrastructure-centric defense. To help automate some of this guidance and secure the control plane against threats like BRICKSTORM, Mandiant released a vCenter Hardening Script that enforces these security configurations directly at the Photon Linux layer. By implementing these recommendations, organizations can transform the virtualization layer into a hardened environment capable of detecting and blocking persistent threats.
Getting Techy
- Trail of Bits audited Meta WhatsApp's new "Private Inference" (i.e., execution of a Large Language Model) feature. The feature is built on Moxie Marlinspike's Confer. The article dives into the challenges of using a Trusted Execution Environment (TEE). TEEs are built into modern CPUs to provide a way to process instructions and data that even the computer owner/operator cannot observe.
- Sandboxing AI Agents is hard - AWS made some mistakes. Should be enough to play Doom...
To support the growing adoption of AI agents, AWS announced global availability of Amazon Bedrock AgentCore in late 2025. AgentCore is a framework that allows organizations to build, deploy and manage AI agents. It protects one of its most useful resources, Code Interpreters, that allows AI agents to dynamically execute code by isolating it from external network access using sandbox mode. Our discovery showed that this isolation is incomplete. We outline the steps we took to identify the sandbox bypass.
Geo-Politics
- [HU] Unsurprisingly, influence campaigns are running on social media, ahead of Hungary's forthcoming election.
TikTok told Recorded Future News it had since December banned more than 300 accounts for impersonating Hungarian election candidates and elected officials. It said it had also taken action against six covert influence networks, the majority of which TikTok said spread narratives favourable to the Fidesz political party, with some of the smaller networks targeting Hungarian audiences with narratives critical of Fidesz and Orbán.
...
Hungary’s relationship with Russia has become a central issue in the campaign. Orbán has maintained closer political and economic ties with Moscow than most EU leaders, including long-term energy agreements, and has opposed some EU measures supporting Ukraine.
...
Recent reporting has pointed to continued efforts by Orbán to deepen bilateral cooperation with the Kremlin. Documents recently reported by Politico indicate Hungary and Russia agreed on a 12-point plan covering areas including energy, education and cultural ties, underscoring the strategic importance both sides place on the relationship.
...
Hungarians go to the polls on Sunday.
- [US] The Central Intelligence Agency (CIA) has decided that Cyber Intelligence is now just as important as Human Intelligence (HumInt).
The Center for Cyber Intelligence, which had resided within the CIA's Directorate of Digital Innovation since 2015, was promoted to a full-fledged mission center last October by Director John Ratcliffe as part of an internal reorganization.
...
The CIA has informed Congress of the changes and the agency is working to update its official public web site. There was no immediate public announcement of the moves last fall, possibly owing to the prolonged government shutdown.
“A director elevates an organization to a mission center, either because something is so self-evidently important, or because the director determines, ‘No, this is a huge strategic priority for us,’” a former U.S. intelligence official told Recorded Future News, noting Ratcliffe previously created a hub to boost the administration’s fight against drug trafficking and cartel networks.
...
It also aligns with Ratcliffe’s vision to unshackle the spy agency. In his confirmation hearing last year, he promised he would make the CIA less averse to risk, including in cyberspace due to the increasing significance of foreign threats.
“The deterrent effect has to be that there are consequences to our adversaries when they” digitally assault the U.S., he said.
AI
- Well, this pretty much confirms the experience of most users.
A recent surge of interest in Microsoft's Terms of Use for Copilot is a reminder that AI helpers are really just a bit of fun.
Despite the last update taking place in late 2025, the document for Copilot for Individuals recently attracted new attention from netizens. It includes this gem: "Copilot is for entertainment purposes only. It can make mistakes, and it may not work as intended. Don't rely on Copilot for important advice. Use Copilot at your own risk."
- Johann Rehberger (aka wunderwuzzi, Embrace The Red) weighs in on the announcement of Anthropic's Claude Mythos, and implications for the industry. Staying ahead of vulnerabilities is going to be challenging!
- Lawfare also weighs in on the impact of AI on offence and defence. Whether this view will stand the test of new models is yet to be determined.
There is undeniable evidence AI automation enhances efficiency, especially for lower capacity actors. They are able to do more with less, and faster. There is little evidence, however, that such automation makes operations more effective, especially for capable actors such as nation-states.
...
Marketing claims ... assert AI-powered attacks are more sophisticated and damaging, but there is little evidence of this in practice. There haven’t been game-changing AI-powered cyberattacks by state-sponsored actors that produced previously impossible outputs.