
Pwn2Own Berlin 2026: 47 Zero-Days, $1.3M Payouts

The hacking contest circuit is back, and this year's Pwn2Own Berlin served up a buffet of zero-day exploits, netting researchers over $1.3 million. It's not just about the prize money; it's a stark reminder of the vulnerabilities lurking in our most trusted systems.


Key Takeaways

  • 47 zero-day vulnerabilities were exploited at Pwn2Own Berlin 2026, netting researchers over $1.3 million and highlighting systemic security weaknesses.
  • UK's NCSC warns of the risks associated with agentic AI tools, emphasizing the need for strong security controls before deployment.
  • The Gunra ransomware group has evolved into a RaaS model, potentially increasing the accessibility of ransomware attacks.
  • A Composer vulnerability leaked GitHub Actions tokens, underscoring the importance of timely updates for development tools.

So, the security researchers are at it again. Pwn2Own Berlin 2026 just wrapped, and the haul? A cool $1,298,250. For what? Exploiting 47 zero-day vulnerabilities across a smorgasbord of tech giants: think Windows, Linux, VMware, and NVIDIA. DEVCORE took the crown, snagging 50.5 Master of Pwn points and a tidy $505,000 for their efforts, which included taking down Microsoft SharePoint, Exchange, Edge, and Windows 11. STARLabs SG and Out Of Bounds followed, raking in $242,500 and $95,750 respectively.

This isn’t just a game of cat and mouse; it’s a high-stakes demonstration of how our digital fortresses are far from impenetrable. When the best ethical hackers can find such deep flaws in systems we rely on daily, it begs the question: what are the bad actors doing with their time (and potentially less ethical motivations)?

The Agentic AI Tightrope Walk

Meanwhile, across the pond, the U.K.’s National Cyber Security Centre (NCSC) is waving a red flag on agentic AI. They’ve dropped new guidance, essentially telling businesses: “Hold up, think before you unleash these autonomous AI agents into your network.” Their warning is blunt: “If an agent is over-privileged or poorly designed, a single failure can quickly become a serious incident.” This is critical. We’re not just talking about chatbots spitting out nonsense; these are tools that can act. Imagine an AI agent with broad access to systems, making decisions, and carrying out tasks. A slight misconfiguration, a clever social engineering trick aimed at the AI itself, and suddenly you’ve got a cascade of unintended consequences. It’s a valid concern, and one that underscores the immaturity of current AI security protocols in enterprise settings.

Signals Crossed: A Government’s Security Signal Flare

Over in Poland, a different kind of warning is being issued. Public officials and critical infrastructure entities are being told to ditch Signal. Why? Because advanced persistent threat (APT) groups are reportedly impersonating Signal support in social engineering attacks to seize control of user accounts. The Polish government’s solution? Switch to mSzyfr, an encrypted messenger developed locally. This move highlights a growing trend: as mainstream secure communication tools become more popular, they also become bigger targets for sophisticated adversaries looking to infiltrate government and corporate communications. It’s a tough spot – you want secure, accessible communication, but that very accessibility can be exploited.

Game Over? Or Just Beginning for Fraudsters?

The Dutch police have launched a rather novel initiative called ‘Game Over?!’. They’re plastering blurred photos of 100 suspected fraudsters on billboards, TV, and online. The deal? Surrender within two weeks before the images are unblurred. The results? Pretty impressive, actually. 74 suspects have been identified, with 34 voluntarily turning themselves in. The public’s information has been key. This isn’t about high-tech cyber warfare, but a low-tech, high-visibility approach to tackling street-level fraud. Still, it points to the pervasive nature of financial crime, with suspects ranging from 14 to 42 years old.

Espionage: The Open Secret

In a candid (and perhaps surprising) moment, U.S. President Donald Trump admitted to discussing cyber attacks and espionage with Chinese President Xi Jinping. “They’re talking about the spying. Well, we do it too,” he stated. “We spy like hell on them too.” While not delving into specifics of U.S. actions, the acknowledgment comes amid ongoing accusations of Chinese network intrusions into U.S. systems. This is a fascinating admission. It suggests a level of transparency, albeit a somewhat cynical one, about the ongoing cyber-espionage game played by global powers. It normalizes, to a degree, what is essentially a digital arms race, making it harder to pinpoint specific state-sponsored attacks when everyone is playing the same game.

The Gunra Gunfight in South Korea

South Korea is grappling with the ransomware family known as Gunra. Since its emergence in April 2025, it’s hit five companies, with the group claiming 32 victims as of March 2026. Initially built on Conti’s code, Gunra has since morphed into its own RaaS (Ransomware-as-a-Service) model. This evolution from a specific malware to a service available to other criminals is a worrying trend. It lowers the barrier to entry for aspiring ransomware operators, potentially leading to more widespread and sophisticated attacks.

Composer’s Credential Conundrum

For developers using PHP, a critical vulnerability in Composer, the dependency manager, has been patched. The issue? Composer was leaking the GITHUB_TOKEN values issued by GitHub Actions into its logs (CVE-2026-45793, CVSS 7.5). This happened because a recent change to GitHub’s token format, which now includes a hyphen, tripped up Composer’s validation logic. The result was the disclosure of sensitive tokens, which could grant unauthorized access. The fix is straightforward: update to Composer 2.9.8 or 2.2.28 (LTS). Until then, disabling GitHub Actions workflows that run Composer commands is a necessary workaround. This is a classic example of how seemingly small bugs in widely used tools can have significant security implications, especially when dealing with CI/CD pipelines.
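As an added illustration (not Composer’s own code, and not a description of its internal checks), the following Python models the bug class described above: a token-format validator whose character class predates a format change, with the rejection path echoing the rejected value into a log, beside a hardened version that accepts the hyphenated format and never logs the raw value. The token values and the `gh?_` prefix pattern are constructed for the example.

```python
from __future__ import annotations

import re

# Constructed sample values (not real credentials and not GitHub's actual formats):
# an older-style token with only word characters, and a newer-style token that
# contains a hyphen, mirroring the format change the article describes.
LEGACY_TOKEN = "ghs_EXAMPLEabcdef0123456789ABCDEF0123456789"
HYPHEN_TOKEN = "ghs_EXAMPLE-abcdef0123-456789ABCDEF0123456"

# Hypothetical validators: the first predates the format change and has no '-'
# in its character class, so the newer token fails validation.
_TOKEN_RE_BUGGY = re.compile(r"^gh[pousr]_[A-Za-z0-9_]+$")
_TOKEN_RE_FIXED = re.compile(r"^gh[pousr]_[A-Za-z0-9_-]+$")


def auth_header_buggy(token: str, log: list[str]) -> dict[str, str] | None:
    """Bug class: a token that fails validation is echoed verbatim into the log."""
    if _TOKEN_RE_BUGGY.match(token):
        log.append("github token accepted")
        return {"Authorization": f"Bearer {token}"}
    # The leak: the error path writes the secret itself into the log.
    log.append(f"ignoring malformed github token: {token}")
    return None


def auth_header_fixed(token: str, log: list[str]) -> dict[str, str] | None:
    """Hardened: accept the new format, and log only a non-reversible fingerprint."""
    fingerprint = f"{token[:4]}...(len={len(token)})"
    if _TOKEN_RE_FIXED.match(token):
        log.append(f"github token accepted: {fingerprint}")
        return {"Authorization": f"Bearer {token}"}
    # Still rejects junk, but never copies the rejected value into the log.
    log.append(f"ignoring malformed github token: {fingerprint}")
    return None


def token_leaked(log: list[str], token: str) -> bool:
    """True if any log entry contains the full token value."""
    return any(token in entry for entry in log)
```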

Linux Rootkit: The Ghost in the Machine Persists

Intezer first flagged the Linux userland rootkit OrBit back in July 2022. Its capabilities were chilling: advanced evasion, hooking key functions for persistence, SSH remote access, credential harvesting, and TTY command logging. Now, nearly four years later, new artifacts suggest this elusive piece of malware is still active and evolving. The persistence of such sophisticated rootkits on Linux systems is a standing headache for system administrators. They’re designed to be hard to detect, hooking the functions that ordinary processes rely on so that their activity is hidden from the tools meant to find them. The continued presence of OrBit serves as a reminder that Linux, while often lauded for its security, is not immune to deeply embedded threats.

Is it just the usual digital noise, or are we seeing a deliberate shift? The common thread isn’t just new malware; it’s the exploitation of trust. From tokens leaking in logs to AI agents that might become liabilities, the attack surface is increasingly made up of the systems and processes we already rely on. It’s a landscape where attackers are less about brute force and more about subtle infiltration, aided by AI that simply amplifies their reach and speed.


Written by Maya Thompson

Threat intelligence reporter. Tracks CVEs, ransomware groups, and major breach investigations.


Originally reported by The Hacker News
