Lifeboat News: The Blog – Safeguarding Humanity

Get the latest international news and world events from around the world.

Apr 23
2026

Scientists Discover Hidden Pathway Inside Catalysts That Defies Decades of Assumptions

A new study reveals an unexpected pathway in catalytic systems, where oxygen does not remain confined to surfaces but can move through deeper regions of the material.

Apr 23
2026

Scientists Finally Crack Decades-Old Mystery of “Breathing” Lasers

A new model reveals that two very different laser pulse behaviors are fundamentally connected.

Apr 23
2026

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure secrets.

Apr 23
2026

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

Apr 23
2026

Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API

Harvester deploys Linux GoGra via Microsoft Graph API in South Asia, targeting India and Afghanistan since 2021, enabling covert espionage

Apr 23
2026

Toxic Combinations: When Cross-App Permissions Stack into Risk

Moltbook’s agents sat at that bridge, carrying credentials for their host platform and for the outside services their users had wired them into, in a place that neither platform owner had line of sight into. Most SaaS access reviews still examine one application at a time, which is the blind spot attackers are learning to target.

How Toxic Combinations Form

Toxic combinations are rarely the product of a single bad decision. They appear when an AI agent, an integration, or an MCP server bridges two or more applications through OAuth grants, API scopes, or tool-use chains, and each side of the bridge looks fine on its own because the bridge itself is what no one reviewed.

Apr 23
2026

Microsoft Patches Critical ASP.NET Core CVE-2026–40372 Privilege Escalation Bug

CVE-2026–40372 scores 9.1 due to cryptographic flaw in ASP.NET Core 10.0.0–10.0.6, risking SYSTEM access.

Apr 23
2026

Apple fixes bug that let the FBI recover deleted Signal messages

Apple has released out-of-band security updates for iPhone and iPad devices to fix a Notification Services flaw that could allow notifications marked for deletion to remain stored on the device.

Apr 23
2026

New Mirai campaign exploits RCE flaw in EoL D-Link routers

A new Mirai-based malware campaign is actively exploiting CVE-2025–29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet.

CVE-2025–29635 allows an attacker to execute arbitrary commands on remote devices by sending a POST request to a vulnerable endpoint, triggering remote command execution (RCE).

Akamai’s SIRT, which detected the Mirai campaign in March 2026, reports that, although the flaw was first disclosed 13 months ago by security researchers Wang Jinshuai and Zhao Jiangting, this is the first time in-the-wild active exploitation has been observed.

Apr 23
2026

Kyber ransomware gang toys with post-quantum encryption on Windows

A new Kyber ransomware operation is targeting Windows systems and VMware ESXi endpoints in recent attacks, with one variant implementing Kyber1024 post-quantum encryption.

Cybersecurity firm Rapid7 retrieved and analyzed two distinct Kyber variants in March 2026 during an incident response. Both variants were deployed on the same network, with one targeting VMware ESXi and the other focusing on Windows file servers.

“The ESXi variant is specifically built for VMware environments, with capabilities for datastore encryption, optional virtual machine termination, and defacement of management interfaces,” explains Rapid7.