-
·
Stablecoins are becoming the money layer for the always-on economy.¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
This week in cybersecurity from the editors at Cybercrime Magazine
Sausalito, Calif. – Apr. 28, 2026Media outlets globally have been covering the 2026 CISO Report from Cybersecurity Ventures in collaboration with Sophos, and the main message is around the chief information security officer gap: There are 35,000 CISOs employed worldwide in 2026, and there are nearly 360 million businesses in operation.
Joe Levy, CEO at Sophos, told the World Economic Forum that’s a 10,000:1 ratio and a massive challenge for global cybersecurity resilience. “Those are not good odds,” says Levy. “This is a market failure. We haven’t figured out how to address this gap. We have the potential to do that now.”
The good news, according to an article in Forbes, is that an increasing number of organizations are utilizing virtual (remote) CISOs, also referred to as vCISOs, to address the expertise deficit without incurring the costs associated with hiring a full-time executive. “The challenge with the vCISO offerings in the market today is that human bandwidth doesn’t scale infinitely,” says Raja Patel, President, Product & Marketing at Sophos.
Sophos views managed service providers (MSPs) and managed security service providers (MSSPs) as the force multiplier in security leadership. Just as managed detection and response (MDR) proved that security operations scale best through services, security leadership scales best through partners. Various industry estimates put the number of MSPs and MSSPs at tens of thousands globally.
These service providers already sit at the intersection of technology, operations, and trust. Sophos is providing MSPs and MSSPs with its CISO Advantage to extend their role into governance, compliance, and risk management, services that are desperately needed by underserved small to midsized businesses (SMBs). “There’s an opportunity for us to create the next generation of MSPs and MSSPs through this hybrid model of humans and agents working together to be able to deal this strategy leadership to hundreds of millions of businesses that would otherwise not have access to it,” says Levy.
Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:
- SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
- NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
- HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
- VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
- M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
- BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
- PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
- PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
- RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.
Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.
The post CISO Gap: SMBs Exposed; MSSPs To The Rescue appeared first on Cybercrime Magazine.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical remote code execution (RCE) vulnerability has been uncovered in Hugging Face’s LeRobot, a popular open-source robotics machine learning framework. Tracked as CVE-2026-25874, the flaw carries a maximum CVSS severity score of 9.8 and allows unauthenticated attackers to execute arbitrary system commands on affected servers. With over 21,500 stars on GitHub, LeRobot’s widespread adoption […]
The post Hugging Face LeRobot Flaw Opens Door to Remote Code Execution Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Chinese authorities-linked hacker Xu Zewei, accused of playing a central role in the notorious Silk Typhoon (HAFNIUM) cyber campaign, has been extradited from Italy to the United States, marking a significant development in ongoing efforts to combat state-sponsored cyber espionage. Xu, 34, a Chinese national, appeared before a U.S. District Court in Houston following his […]
The post Silk Typhoon Hacker Extradited to U.S. from Italy appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Application security provider Checkmarx has officially confirmed a new security incident involving the exposure of its internal GitHub repository. On April 27, 2026, Udi-Yehuda Tamar, the company’s VP of Platform Engineering and Global CISO, revealed that a cybercriminal group successfully leaked Checkmarx data on the dark web. This alarming development stems from an earlier security […]
The post Checkmarx Confirms Security Incident Involving GitHub Repository Exposure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Textron debuted the RIPSAW M1 demonstrator on the floor of the Modern Day Marine conference Tuesday, hoping to catch the service’s eye as it expands its unmanned vehicle portfolio.
“It's really an early investment in what we believe the Marines will need in the future,” Sara Willett, Textron’s vice president of programs, told Defense One. “It’s not replacing something, but augmenting the capability that they have, keeping those Marines out of harm's way and really providing additional effective range of both manned and unmanned platforms, is where we see it going.”
The M1 is part of Textron’s Modular Open Systems Approach for uncrewed ground vehicles, meaning operators can plug in a wide variety of payloads depending on mission needs. The company envisions pairing it with the Advanced Reconnaissance Vehicle or the Amphibious Combat Vehicle.
“Some of the operational benefits we see it providing to the Marine Corps are enhanced situational awareness and lethality, keeping those Marines out of harm's way,” Willett said. “It can reduce risk to high-value crewed assets like the ARV, ACD by enabling better standoff operations.
The M1 can support modules like counter-unmanned systems, reconnaissance and surveillance sensors, and loitering munition launch platforms, she said.
That could include Damocles, a Textron search-and-strike drone with a small footprint, which will be loaded on the demonstrator at Modern Day Marine.
“So this is our unveiling of the pairing of that launched effect onto our M1 tech demonstrator, really to show the art of the possible to the Marine Corps by providing a kinetic capability, which gives the m1 and then, by extension, the crewed vehicles like the ARV or ACV, the organic ability to target a tank or item of interest,” Willett said.
Textron is hoping to grab the Corps’ attention with the new system, having put their own money into its development thus far.
“Once we're able to make the vehicle ready for deployment, we would certainly look to put these with a unit, you know, go through a campaign of learning, get some of that feedback, and then iterate on the vehicle to make it more of a fieldable platform outside of the technology demonstrator element of it right now.”
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a gateway, push the data through. Done. That assumption is wrong. It is also a major reason Zero Trust programs stall. New research my team just published puts numbers on it. The Cyber360: Defending the Digital Battlespace report, based on a survey of 500 security
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
·
CISA and NCSC warn that FIRESTARTER, a Linux-based backdoor, targets Cisco Firepower devices, evades patches, and enables persistent access even after firmware updates.¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A China-linked threat group known as Silver Fox is running a new wave of cyber campaigns using fake tax audit notifications and software update lures to deliver malware across Asia. Active since at least 2022, the group initially focused on financially motivated attacks but, since 2024, has evolved into a dual-purpose operation combining cybercrime and […]
The post Fake Tax Audits and Updates Fuel Silver Fox Malware Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face’s open-source robotics platform with nearly 24,000 GitHub stars, that could be exploited to achieve remote code execution. The vulnerability in question is CVE-2026-25874 (CVSS score: 9.3), which has been described as a case of untrusted data deserialization stemming from the use of the
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
