Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: security

After Anthropic’s Mythos AI uncovers thousands of zero-day bugs, top US officials huddle with bank CEOs

The heads of America’s biggest banks met this week with Federal Reserve Chairman Jerome Powell and Treasury Secretary Scott Bessent to weigh the security implications of a new artificial intelligence system developed by Anthropic, according to reports Friday.

The gathering was convened on the sidelines of an event in Washington, with officials calling the extra session to address Anthropic’s newly unveiled Claude Mythos model, Bloomberg and the Financial Times reported.

The US Treasury Department did not immediately respond to a request for comment. The Federal Reserve had no comment.

Microsoft: Canadian employees targeted in payroll pirate attacks

A financially motivated threat actor tracked as Storm-2755 is stealing Canadian employees’ salary payments after hijacking their accounts in payroll pirate attacks.

The attackers used malicious Microsoft 365 sign-in pages to steal victims’ authentication tokens and session cookies by redirecting them to domains (e.g., bluegraintours[.]com) hosting malicious web pages (pushed to the top of search engine results through malvertising or SEO poisoning) that masqueraded as Microsoft 365 sign-in forms.

This allowed Storm-2755 to bypass multifactor authentication (MFA) in adversary‑in‑the‑middle (AiTM) attacks by replaying stolen session tokens rather than re-authenticating.

Project Zomboid identifies and bans over a dozen Steam Workshop mods containing ‘heavily obfuscated code’ that was ‘creating malicious files’

The exploit only affected Build 42 branches of Project Zomboid (the game’s current ‘unstable’ testing release), so if you’re on Build 41, you were “not vulnerable to this specific issue,” the dev said. While The Indie Stone hasn’t determined what the malicious files were actually doing, “we strongly recommend that anyone who downloaded them take appropriate security measures to ensure their system is safe. Simply uninstalling the mods is not sufficient.”

If you use mods in Project Zomboid, check them against the list below to determine if you’ve downloaded and run any of these mods, which all look to be sound or music-related.

Hackers use pixel-large SVG trick to hide credit card stealer

A massive campaign impacting nearly 100 online stores using the Magento e-commerce platform hides credit card-stealing code in a pixel-sized Scalable Vector Graphics (SVG) image.

When clicking the checkout button, the victim is shown a convincing overlay that can validate card details and billing data.

The campaign was discovered by eCommerce security company Sansec, whose researchers believe that the attacker likely gained access by exploiting the PolyShell vulnerability disclosed in mid-March.

Hackers exploit critical flaw in Ninja Forms WordPress plugin

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution.

Identified as CVE-2026–0740, the issue is currently exploited in attacks. According to WordPress security company Defiant, its Wordfence firewall blocked more than 3,600 attacks over the past 24 hours.

With over 600,000 downloads, Ninja Forms is a popular WordPress form builder that lets users create forms without coding using a drag-and-drop interface. Its File Upload extension, included in the same suite, serves 90,000 customers.

New GPUBreach attack enables system takeover via GPU rowhammer

A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a full system compromise.

GPUBreach was developed by a team of researchers at the University of Toronto, and full details will be presented at the upcoming IEEE Symposium on Security & Privacy on April 13 in Oakland.

The researchers demonstrated that Rowhammer-induced bit flips in GDDR6 can corrupt GPU page tables (PTEs) and grant arbitrary GPU memory read/write access to an unprivileged CUDA kernel.

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions.

Dubbed BlueHammer, the vulnerability was published by a security researcher discontent with how Microsoft’s Security Response Center (MSRC) handled the disclosure process.

Since, the security issue has no official patch and there is no update to address it, the flaw is considered a zero-day by Microsoft’s definition.

/* */