The Wire
Curated cybersecurity and tech news — AI-summarized, source attributed.
CISA: 13-Year-Old ActiveMQ Flaw Found by Claude AI Now Under Active Exploit
CISA added CVE-2026-34197, a high-severity Apache ActiveMQ vulnerability, to its Known Exploited Vulnerabilities catalog this week, giving federal agencies unti
CISA Flags Apache ActiveMQ Flaw CVE-2026-34197 as Actively Exploited
CISA has added CVE-2026-34197, a vulnerability in Apache ActiveMQ, to its Known Exploited Vulnerabilities catalog after confirming active exploitation in the wi
Friday Squid Blogging: Giant Squid Filmed Eating Another Squid
Schneier's weekly squid post highlights a Japanese video capturing a giant squid consuming another squid, serving as the recurring open thread for security topi
Google Blocks 8.3B Bad Ads in 2025, Ships Android 17 Privacy Overhaul
Google says it stopped 8.3 billion ads from running in 2025 for breaching its policies, a scale that underscores how much of the ad ecosystem is adversarial rat
Kaseya-BleepingComputer webinar pitches integrated security-plus-recovery model for MSPs
BleepingComputer is hosting a sponsored webinar with Kaseya on May 14, 2026, framed around a single argument: MSPs can no longer treat prevention and recovery a
NIST Throttles CVE Enrichment as Vulnerability Submissions Surge 263%
NIST is scaling back the depth of analysis it applies to incoming CVE records, citing a 263% jump in vulnerability submissions that has overwhelmed the National
NIST's NVD Retreat Leaves Defenders Scrambling for CVE Enrichment Alternatives
NIST has scaled back its handling of the National Vulnerability Database, creating a widening enrichment gap that security teams previously relied on for CVSS s
Old Vulnerabilities Get a Second Life as AI Attack Surface Expands
Legacy weaknesses - injection flaws, broken access controls, insecure deserialization, exposed secrets - are resurfacing inside AI systems. The same classes of
Operation PowerOFF Seizes 53 DDoS-for-Hire Domains, Exposes 3M Accounts
International law enforcement coordinated under Operation PowerOFF has seized 53 domains tied to DDoS-for-hire services, commonly known as booters or stressers.
Payouts King ransomware hides payloads inside QEMU VMs to evade endpoint scans
Sophos has documented two active campaigns abusing the open-source QEMU emulator to run hidden Alpine Linux virtual machines on compromised Windows hosts, placi
Sanctioned Grinex exchange loses $13.7M, pins breach on 'Western intelligence'
Grinex, a Kyrgyzstan-based crypto exchange widely regarded as a rebrand of the seized Russian platform Garantex, halted operations after attackers drained $13.7
Three Defender Zero-Days Under Active Exploitation, Two Remain Unpatched
Three zero-day vulnerabilities in Microsoft Defender are being actively exploited in the wild, with only one of the flaws currently addressed by a patch. The re