RC RANDOM CHAOS

The Wire

Curated cybersecurity and tech news — AI-summarized, source attributed.

cybersecurityprivacy

France's ANTS document agency breached, 19M records allegedly up for sale

The Agence nationale des titres sécurisés (ANTS), the French Interior Ministry body that issues passports, national IDs, driver's licenses, and immigration pape

via BleepingComputer ·
malwarecybersecurity

GoGra Linux backdoor abuses Microsoft Graph API and Outlook for C2

Symantec has identified a Linux build of the GoGra backdoor attributed to Harvester, a state-aligned espionage group active since 2021 against telecom, governme

via BleepingComputer ·
aivulnerability

Google Patches Critical RCE in Antigravity AI Development Tool

Google has shipped a fix for a critical remote code execution vulnerability in Antigravity, its AI-powered development platform. The flaw allowed attackers to e

via Dark Reading ·
cloudidentity

Graph API code change exposes race condition in Universal Print share creation

Microsoft has attributed an ongoing Universal Print outage (UP1287359) to a recent Microsoft Graph API code change that increased Entra ID directory replication

via BleepingComputer ·
cybersecuritymalware

Harvester APT Port GoGra Backdoor to Linux, Abuses Microsoft Graph API for C2

The Harvester threat group has expanded its Linux tooling with a port of the GoGra backdoor, previously seen only on Windows, and is using it against targets in

via The Hacker News ·
privacypolicy

ICE Confirms Use of Graphite Spyware in Domestic Operations

U.S. Immigration and Customs Enforcement has acknowledged deploying Graphite, a zero-click spyware product from Israeli vendor Paragon Solutions. The agency fra

via Schneier on Security ·
cybersecuritymalware

Kyber ransomware ships dual ESXi/Windows payloads, fakes post-quantum crypto on Linux

Rapid7 analyzed two Kyber ransomware variants deployed in tandem during a March 2026 incident, with one targeting VMware ESXi and a Rust-built sibling hitting W

via BleepingComputer ·
cybersecuritymalware

Lotus Wiper Hits Venezuelan Energy Grid in Destructive Campaign

A previously uncatalogued wiper dubbed Lotus has surfaced in attacks against Venezuelan energy infrastructure, destroying data rather than encrypting it for ran

via The Hacker News ·
cybersecurityvulnerability

Microsoft patches critical ASP.NET Core flaw letting attackers forge SYSTEM-level auth

Microsoft pushed an emergency fix for CVE-2026-40372, a high-severity bug in the Microsoft.AspNetCore.DataProtection NuGet package (versions 10.0.0 through 10.0

via Ars Technica ·
cybersecurityvulnerability

Microsoft Ships Emergency Fix for Critical ASP.NET Core Auth Bypass

Microsoft has issued out-of-band patches for CVE-2026-40372, a critical privilege escalation flaw in ASP.NET Core's Data Protection cryptographic APIs. A regres

via BleepingComputer ·
vulnerabilitycybersecurity

Microsoft Ships Fix for Critical ASP.NET Core Privilege Escalation Flaw

Microsoft has released a patch for CVE-2026-40372, a critical privilege escalation vulnerability in ASP.NET Core. The flaw allows an attacker to elevate privile

via The Hacker News ·
cybersecuritymalware

Mustang Panda Deploys LOTUSLITE Variant Against Indian Banks, South Korean Policy Targets

China-linked threat actor Mustang Panda has resurfaced with a refined variant of its LOTUSLITE backdoor, aimed squarely at financial institutions in India and p

via The Hacker News ·