Quick thought experiment. Pull out your phone, look at your lock screen, and ask yourself who else is reading those notification previews. The answer is stranger than you think.

EFF just laid out what most people don't realize: push notifications usually route through Apple or Google servers before they hit your device, often with content visible in the clear. Then they get written to a local notification database that doesn't always get wiped when you swipe the alert away or even when you uninstall the app. 404 Media reported the FBI has pulled deleted Signal message text out of that database using standard forensic tools. Signal. The app you installed specifically because you didn't want this.

🔐 Apple and Google now require a court order for push notification data, but Apple's transparency report still shows hundreds of users handed over
📱 Lock screen previews are a free read for anyone who picks up your phone, including at a border crossing or traffic stop
🧹 Uninstalling an app does not guarantee its notification history goes with it, and we don't know what gets backed up to iCloud or Google
🛠️ Signal's notification setting "No Name or Content" is a 30-second fix that closes the easiest leak

For the security folks, this is a useful reminder that end-to-end encryption ends at the endpoint, and the endpoint includes a SQLite file most users have never heard of. For the executives, this is the reason your travel security policy for high-risk regions should say more than "use Signal." The default settings on a stock iPhone leak more than the app you chose to protect you.

https://www.eff.org/deeplinks/2026/04/how-push-notifications-can-betray-your-privacy-and-what-do-about-it
#Privacy #Cybersecurity #MobileSecurity #security #cloud #infosec

An ex-Azure engineer published six essays arguing Microsoft's cloud has been on life support since 2008, and the cause isn't bad code. It's bad people decisions. Rushed launch, post-launch talent exodus, no testing discipline, no architectural vision. Sound familiar to anyone who's worked in a place that ships first and staffs later?

Now layer 2026 on top. Microsoft cut roughly 15,000 jobs in mid-2025. Coding agents are pumping out 4x more commits in 90 days. GitHub's unofficial uptime has slipped under 90% and the proposed fix is, wait for it, moving more of GitHub onto Azure. The same Azure the engineer says is held together with rushed decisions and wishful thinking.

🧠 The phrase that stuck with me is "knowledge dilution from high attrition." When the senior people who knew why a system was built that way leave, no LLM in the world can recover that context
🤖 More AI-written code does not mean less work. It means more code to review, test, deploy, and run, which means more compute and more humans needed downstream
📉 OpenAI signing an $11.9B compute deal with CoreWeave in March 2025 was the loudest "we don't trust your capacity" signal Microsoft has ever received from its closest partner
🪑 The bet that AI lets you cut headcount keeps colliding with the reality that AI generates work for humans faster than it removes it

Every CIO I talk to is being pitched the same dream: fewer engineers, more agents, lower run rate. The Azure story is what happens when that math doesn't pencil out and the bill comes due in incidents instead of dollars.

https://www.theregister.com/2026/04/04/azure_talent_exodus/
#Azure #AI #Leadership #security #privacy #cloud #infosec #cybersecurity #software #devops

Four grand. That's what it costs a random kid with a laptop to run a voice phishing operation that used to require a call center, a phisher, and a developer. ATHR packages all of it into one dashboard, tosses in AI voice agents that can ad-lib when a victim gets suspicious, and ships with ready-made lures for Google, Microsoft, Coinbase, Binance, and a few more.

CyberCrime has a SaaS model now, complete with commission splits (10% of profits back to the vendor). The barrier to running a convincing vishing campaign just collapsed, and your awareness training still says "watch for typos in the email."

🎙️ AI agents handle objections live, so the "support rep" sounds real because they are, functionally, reasoning
📧 Lure emails are customized per target with accurate IPs, dates, locations, and pass authentication checks
🏦 Eight brands supported out of the box, crypto exchanges heavily represented for obvious reasons
🛡️ Stop looking at email indicators, start modeling normal communication patterns and flag the anomalies

If your vishing defense is a 20-minute annual training video and a phish-report button, you're bringing a knife to a drone fight. The humans on the other end of the phone aren't humans anymore, and they don't get tired, rattled, or bored on calls.

https://www.bleepingcomputer.com/news/security/new-athr-vishing-platform-uses-ai-voice-agents-for-automated-attacks/

#Cybersecurity #Vishing #AI #security #privacy #cloud #infosec #cybersecurity

🚨 I'm hiring right now. And I'm deleting a huge chunk of applications inside the first 10 seconds. Not because the candidates are bad. Because their profiles look fake.

📌 TLDR In 2026, bots, scammers, and nation-state actors are flooding every job posting. If your LinkedIn profile looks like one of theirs, you get swept into the same trash pile, no matter how qualified you are. Here's how to clear the 10-second test.

🔑 THE NON-NEGOTIABLE MINIMUMS

✅ A real photo of your actual face. Not an avatar. Not an AI portrait. Not a blank silhouette.
✅ LinkedIn identity verification — free, 5 minutes, instant signal you're human: https://www.linkedin.com/help/linkedin/answer/a1359065
✅ Your city, or at minimum your state. "United States" alone reads as a scam. Not every company is set up to hire in every state; payroll, tax, and legal nexus all matter.

🚫 INSTANT TURN-OFFS

❌ "Dear Hiring Manager" with zero customization
❌ Typos in the first sentence of your outreach
❌ Résumé claims that don't match your LinkedIn dates
❌ "Can we move this to WhatsApp?" — textbook scammer, blocked and done
❌ Bashing your last employer

The bar hasn't gotten higher. The noise floor has. Standing out in 2026 doesn't require a gimmick. It requires proving, in 10 seconds, that you're not one of the fakes.

#Hiring #JobSearch #LinkedInTips #CareerAdvice #Recruiting #Cybersecurity

I'm hiring an Analytics Engineer (GCP) to join my team at RHR International, reporting directly to me.

What you'd actually be doing: building and owning our analytics foundation in a GCP-first environment — BigQuery, Looker Studio, Python, SQL, GitHub, Docker. Real production work, version-controlled and documented, not throwaway queries.

RHR is a leadership consulting firm that's been around 80+ years. We're cloud-first, SaaS-only, no on-prem. Small IT team, which means your work matters immediately.

What I'm looking for beyond the technical skills: curiosity, self-direction, and the ability to explain what you built and why to people who don't write code. Bonus points if you've fixed something nobody asked you to fix.

Hybrid in Chicago preferred, remote considered.

Link to apply: https://www.linkedin.com/jobs/view/4399748962/

If you know someone who fits, I'd appreciate the tag or share.

#Hiring #AnalyticsEngineer #GCP #BigQuery #DataEngineering #Chicago #RHRInternational #Google

Anthropic built an AI model called Mythos that autonomously found a 17-year-old remote code execution vulnerability in FreeBSD. No human involvement after the initial prompt. It found thousands more zero-days across every major OS and browser, some hiding for decades. Anthropic says it's too dangerous to release publicly, so they gave it to AWS, Microsoft, Apple, Google, CrowdStrike, and a handful of others under a new initiative called Project Glasswing. $100M in usage credits to go fix things before similar capabilities go wide.

Impressive, but worth some skepticism. Bruce Schneier pointed out this is also a very effective PR play. A security firm called Aisle replicated many of the same findings using older, cheaper, publicly available models. The gap between "too dangerous to release" and "already achievable with what's out there" may be thinner than the headlines suggest.

🔒 Mythos autonomously discovered and exploited a FreeBSD RCE that had been present for 17 years (CVE-2026-4747)
🔗 It chains 3-5 vulnerabilities together into multi-step attack sequences
📊 Over 99% of the vulnerabilities found are still unpatched, so we're trusting Anthropic's claims on scope
💰 $25/$125 per million input/output tokens for partners, if you're on the list

Meanwhile, the advice cybersecurity experts are giving the rest of us: update your software, use MFA, get a password manager. The most advanced AI vulnerability scanner ever built, use off-line (truly air-gapped) backups, and basic hygiene is still the best defense most people have.

https://www.crn.com/news/security/2026/5-things-to-know-on-anthropic-s-claude-mythos-and-project-glasswing
#CyberSecurity #AI #ProjectGlasswing #security #privacy #cloud #infosec

😳 Someone hid a prompt injection inside invisible markdown comments in a pull request. A developer asked Copilot to review the PR. Copilot read the hidden instructions, searched the codebase for AWS keys, encoded them in base16, and smuggled them out through GitHub's own image proxy as 1x1 transparent pixels. The CSP didn't flag it because the traffic was routed through GitHub's trusted infrastructure. CVSS 9.6. No malicious code ever executed.

The attacker weaponized the AI assistant's own access permissions. Copilot could see everything the developer could see, and it can't distinguish a legitimate instruction from a hidden one buried in a PR description.

🔍 The attack, dubbed "CamoLeak," was patched by GitHub in August 2025 and publicly disclosed in October
🔑 Copilot was directed to find secrets like API keys and cloud credentials, then exfiltrate them character by character
🖼️ Data was hidden inside pre-signed image URLs, making it look like normal browser activity
⚠️ Any AI assistant with deep system access, Microsoft 365 Copilot, Google Gemini, all of them, is a potential exfiltration channel if untrusted content can reach its instruction stream

We've spent years teaching developers not to trust user input. Now we're handing AI tools full repo access and letting them ingest unvalidated text from pull requests.

https://cybersecuritynews.com/hackers-exploit-github-copilot-flaw/
#CyberSecurity #AI #GitHubCopilot #security #privacy #cloud #infosec #software

Russia's military intelligence 🇷🇺 the GRU, was caught using between 18,000 and 40,000 home and small office routers to harvest credentials. Most of these were MikroTik and TP-Link devices, spread across 120 countries. The attackers didn't use any advanced tools or unknown exploits. Instead, they exploited known, unpatched vulnerabilities on outdated hardware that people had not replaced.

This is a nation-state espionage campaign that may be operating through the router right next to your cable box.

🪤 Even with multi-factor authentication, users weren't protected. APT28 set up adversary-in-the-middle servers that waited for people to finish logging in, then intercepted the OAuth token. People followed all the recommended steps, but the attackers still managed to get in.

📡 The only warning was a browser certificate alert. Millions of people see these self-signed certificate pop-ups every day and click through them without thinking. That simple action gave Russian intelligence access to authenticated sessions.

🔁 When Britain's NCSC published an alert about part of this campaign in August, APT28 did not slow down. Instead, they increased their activity. In just four weeks, 290,000 unique IP addresses connected to their malicious DNS resolver.

This group has been hijacking routers since at least 2018. They were caught using VPNFilter to infect 500,000 devices. The DOJ caught them again in 2024. Now, in 2026, we are still dealing with the same problem.

The solution is simple, but not exciting: replace outdated routers, check your DNS settings for unfamiliar servers, and avoid clicking through certificate warnings. It is not glamorous or powered by AI; it is just basic steps that are often ignored.

APT28 is not succeeding because they are smarter. They are succeeding because we keep leaving easy ways for them to get in.

https://arstechnica.com/security/2026/04/russias-military-hacks-thousands-of-consumer-routers-to-steal-credentials/
#Cybersecurity #InfoSec #Leadership #security #privacy #cloud