The Wire
Curated cybersecurity and tech news — AI-summarized, source attributed.
Microsoft Entra passkeys land on Windows, closing a gap on unmanaged devices
Microsoft is rolling out Entra passkey support on Windows starting late April, with general availability targeted for mid-June 2026. The feature lets users crea
Pack2TheRoot: 12-year-old PackageKit flaw hands local users root on most Linux distros
A high-severity vulnerability in PackageKit, the daemon that brokers software install and update requests across most Linux distributions, lets unprivileged loc
Project Glasswing: AI Finds the Bugs, But Humans Still Bottleneck the Fix
Project Glasswing demonstrated that AI systems can surface software vulnerabilities at a pace and scale human auditors cannot match. The finding pipeline is no
Rituals breach exposes member data from 41M-strong loyalty database
Dutch cosmetics retailer Rituals confirmed that an attacker exfiltrated personal records from its My Rituals loyalty program database earlier this month. Expose
The AI Agent Authority Gap: Why Continuous Observability Must Drive Runtime Decisions
Enterprise AI agents are being granted production-level permissions—executing trades, modifying records, calling internal APIs—without the runtime controls that
ThreatsDay Roundup: $290M DeFi Heist, macOS LotL Abuse, ProxySmart SIM Farms
The latest ThreatsDay bulletin spans a wide threat surface in a single news cycle. A $290M DeFi exploit dominates the financial-crime beat, underscoring that on
Trigona ransomware deploys custom exfiltration tool to dodge detection
Trigona ransomware operators have shifted from off-the-shelf utilities like Rclone and MegaSync to a bespoke command-line tool called uploader_client.exe, accor
Tropic Trooper Weaponizes SumatraPDF and GitHub to Drop AdaptixC2
The Tropic Trooper APT group is abusing a trojanized build of the open-source SumatraPDF reader as a delivery vehicle for AdaptixC2, a newer command-and-control
UNC6692 Weaponizes Teams Helpdesk Impersonation to Drop SNOW Malware
A threat cluster tracked as UNC6692 is abusing Microsoft Teams as the initial access channel, posing as internal IT support staff to coax targets into executing
Vast unveils custom flight suits and Swiss watch for Haven-1 private station crews
Vast, the company racing to deploy the first commercial space station, has introduced a purpose-built two-piece astronaut flight suit and certified a custom Swi
Webinar pitch: defenders need AI-speed response to automated exploit chains
The Hacker News is promoting a vendor webinar framed around a now-familiar asymmetry: attackers are stitching together reconnaissance, vulnerability triage, and
Apple patches iOS flaw that preserved deleted Signal notifications for forensic recovery
A bug in iOS retained notification data even after users deleted the underlying messages, giving anyone with physical device access — including forensic tools u