CyberSecurity Knuggets
Apr 10, 2026
Email 1:
Subject: Srsly Risky Biz: American Diplomats to Fight Propaganda… on X
Summary: US Secretary of State Marco Rubio has directed US diplomatic posts globally to counter foreign state-backed propaganda and disinformation, despite having dismantled the State Department’s counter-propaganda office last year. Embassies are tasked with recruiting local influencers to promote American interests in an organic manner and to combat hostile messaging using tools like X’s Community Notes and AI. Rubio’s memo also involves coordination with the Department of War’s psychological operations, which typically have military objectives differing from the State Department’s diplomatic goals. The dismantling of the counter-propaganda office has left detection of disinformation largely to private companies, some of which do not actively counter such campaigns. The US government’s image worldwide is weakened by unpopular foreign policies and lack of organized counter-propaganda efforts. Reinstating the counter-propaganda office is expected eventually. Additionally, Chinese cyber espionage groups are targeting lawful intercept and surveillance systems like those of the FBI and telecommunications companies, exposing national security risks by revealing who is under surveillance.
Email 2:
Subject: Hackers stole millions from Bitcoin Depot wallets
Summary: Bitcoin Depot reported a breach in March where attackers stole $3.665 million worth of Bitcoin from its crypto wallets by stealing credentials and transferring over 50 Bitcoin before losing access. OpenAI is developing a vulnerability hunting AI model with limited access to advance defensive cybersecurity. The Iran-linked hacking group Handala breached the devices of former Israel Defense Forces chief Herzi Halevi, leaking thousands of confidential images and videos. A massive data theft from China’s National Supercomputing Center is suspected, involving over 10 petabytes of sensitive research data. Security researchers identified 179 exposed Modbus industrial control devices worldwide, presenting operational risks. Hack-for-hire attacks target journalists in Egypt and Lebanon, with links to groups suspected of ties to the Indian government. Ukrainian police uncovered a crypto scam group using malicious trading platforms to steal cryptocurrencies. European company Eurail suffered a data breach exposing personal data of over 300,000 people. Researchers discovered attack techniques bypassing AI model protections on Apple devices. The Pentagon’s national security ban on AI company Anthropic remains upheld temporarily, with ongoing legal disputes. Open source VPN project WireGuard was locked out of its Microsoft developer account, delaying software updates. An e-commerce campaign used tiny SVG images to steal credit card data from Magento stores. South Korean company Lotte Card faces penalties over a large data leak affecting nearly 3 million customers. British auction house Christie’s fined for leaking personal client information from a phishing attack. Google warns of a threat actor compromising business process outsourcing providers to access major companies.
Email 3:
Subject: New ThreatLabz 2026 VPN Risk Reports
Summary: Zscaler ThreatLabz released its 2026 VPN Risk Report highlighting that attackers use AI to exploit vulnerabilities at machine speed, while legacy VPNs limit defenders’ visibility and response capability. Survey results show 79% of respondents believe attackers move faster with AI than patches can be applied, 70% acknowledge limited visibility into AI threats over VPN, and 61% feel adversaries outpace their patching process. The report and related resources explore the challenges of securing VPNs against AI-powered attacks and recommend adopting zero trust and AI-enhanced security approaches.
Email 4:
Subject: Iranian cyber operations will likely continue during ceasefire | The CyberWire 4.9.26
Summary: Despite a shaky ceasefire between the US and Iran, Iranian cyber operations are expected to continue or increase. The IRGC-linked hacktivist group Handala has paused attacks on the US but continues targeting Israel. US intelligence reports warn of Iranian APT groups targeting US critical infrastructure systems such as PLCs and SCADA. Experts advise treating this threat with urgency, as cyberattacks give plausible deniability below the threshold of open conflict. CISA has ordered US government agencies to patch a critical, actively exploited Ivanti Endpoint Manager Mobile vulnerability by April 12th. Trellix reported on the stealthy Masjesu IoT botnet used for DDoS-for-hire, which targets diverse devices while avoiding sensitive IP ranges such as those of the US DoD. The botnet evades detection by randomizing packet headers and payloads to mimic legitimate traffic. Upcoming events and reports focus on AI security and response strategies.
Email 5:
Subject: Can We Trust AI?
Summary: SecurityWeek reports on recent cybersecurity news highlighting ongoing exploitation of an Adobe Reader zero-day, bypasses of security guardrails in Apple’s on-device AI, and debates on trust in AI technology. Articles emphasize the critical need for visibility in cybersecurity to improve decisions and user behavior, and argue that AI’s rapid advancement requires architectural responses rather than incremental ones to counter nation-state threats. Other highlights include vulnerabilities in Google API keys exposing endpoints, patches for high-severity vulnerabilities in Palo Alto Networks and SonicWall products, ongoing Iran-linked hacker attacks, a $3.6 million Bitcoin Depot hack, and efforts to combat cybercrime losses nearing $21 billion in 2025. The newsletter encourages obtaining a detailed briefing on AI risks and security strategies through webinars and events.
Stay Well!
