CyberSecurity Knuggets

Apr 01, 2026

Email 1:

Subject: California uses AI contracts to impose safeguards, teeing up clash with Trump

Summary:

– California Governor Gavin Newsom issued an executive order requiring AI companies seeking state contracts to meet safety, transparency, and civil rights standards.

– The order targets preventing bias, discrimination, unlawful surveillance, and abusive AI-generated content.

– Measures include watermarking AI-generated material.

– California leverages procurement to set AI guardrails, framing this as protective and pro-innovation.

– This contrasts with the Trump administration’s national framework aiming for uniform, industry-friendly AI regulation.

– California asserts independence to assess AI risk beyond federal guidance.

Additional Coverage:

– Italy fined Intesa Sanpaolo bank €31.8M for a 3,500-customer data breach due to unauthorized employee access.

– Australia’s online safety regulator probes Meta, Snap, TikTok, and YouTube for under-16 social media ban enforcement failures, risking fines up to A$49.5M.

– Match Group settled FTC lawsuit over unauthorized sharing of OkCupid user data with a facial recognition company.

– Researchers discovered a supply chain attack via compromised Axios JavaScript library versions delivering remote-access trojans.

– Healthcare IT firm CareCloud reported an eight-hour network disruption after hackers accessed their infrastructure.

– New credential-stealing malware “DeepLoad,” likely AI-assisted, evades detection and maintains persistence.

– Critical Citrix NetScaler vulnerability (CVE-2026-3055) is being actively exploited.

– India bans certain Chinese-made CCTV cameras over security certification concerns.

– FBI investigates cyberattack on Jackson County, Indiana.

– Alamo Heights Independent School District experienced a ransomware-led multi-day internet outage.

– Google rolled out improved ransomware detection and file restoration to all Drive users.

– Google Research updated estimates on quantum computing’s threat to cryptocurrency security.

– Korea forms a ransomware lifecycle response task force.

– Data brokers providing ICE with personal information remain contentious.


Email 2:

Subject: The 6 surfaces your pentest tool doesn’t touch

Summary:

– Automated pentesting tools typically test only one of the six necessary validation surfaces.

– Critical surfaces like detection rules, prevention controls, identity, cloud, and AI remain largely untested.

– Employing multiple automated tools only yields diminishing returns in coverage.

– A new whitepaper outlines these six surfaces and practical audit methods for real coverage.

– It debunks the narrative that automated pentesting can replace breach and attack simulation (BAS) testing.

– The paper includes diagnostic questions for vendor evaluations.

Related Resources:

– Top 10 ATT&CK Techniques: Red Report 2026

– Introduction to Exposure Validation

– How Breach and Attack Simulation (BAS) supports layered defense

– BAS vs Automated Pentesting guide

– State of Exposure Management report

– Webinar on why automated pentesting alone is insufficient


Email 3:

Subject: Hackers begin exploiting critical Citrix NetScaler vulnerability

Summary:

– Active exploitation has been observed of the critical Citrix NetScaler vulnerability CVE-2026-3055, disclosed March 23, 2026.

– The vulnerability involves insufficient input validation when NetScaler is configured as a SAML Identity Provider, leading to a memory overread.

– Exploitation detected starting March 27.

– US CISA mandates federal agencies patch by April 2, 2026.

– This vulnerability is likened to the previous severe CitrixBleed vulnerabilities.

– Also, a critical SQL injection flaw in Fortinet FortiClient EMS (CVE-2026-21643) is under active exploitation.

– Lloyds Banking Group disclosed a breach caused by a software defect that impacted around 448,000 customers, exposing other customers’ transaction information.

– The bank compensated affected users for emotional distress.


Email 4:

Subject: Venom Stealer Raises Stakes With Continuous Credential Harvesting

Summary:

– Venom Stealer malware now performs continuous credential harvesting to increase stolen data volume.

– Critical OpenAI Codex vulnerability allowed compromise of GitHub tokens.

– Google reduced quantum computing resource estimates needed to break cryptocurrency encryption.

– Fortinet FortiClient EMS flaw under active exploitation.

– Censys raised $70 million for its internet intelligence platform.

– Stolen login credentials feed ransomware and nation-state attacks.

– TeamPCP is transitioning from open-source software to AWS cloud environments.

– Vulnerabilities discovered in StrongSwan VPN and CrewAI expose devices to risk.

– Lloyds Banking Group’s security incident impacts approximately 450,000 individuals.

– Large Language Models (LLMs) are breaking organizational access controls silently.

– Upcoming SecurityWeek webcast on agentic AI systems and identity management.

– Recent notable cybersecurity incidents include Citrix NetScaler exploit, Mac malware via ClickFix, F5 BIG-IP DoS upgraded flaw, Russian APT activity, healthcare IT breach, and FBI rewards for prominent hacking cases.

Stay Well!
