Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Sophos analysts are investigating the active abuse of QEMU, an “open-source machine emulator and virtualizer,” by threat actors seeking to hide malicious activity within virtualized environments. Attackers are drawn to QEMU and more common hypervisor-based virtualization tools like Hyper-V, VirtualBox, and VMware because malicious activity within a virtual machine (VM) is essentially invisible to endpoint security controls and leaves little forensic evidence on the host itself.

AI agents need to authenticate with numerous systems, making AI authentication a crucial security boundary that determines blast radius, revocability, and long-term governance risk.

On 7th April 2026, Anthropic published a system card for an AI model we may never be allowed to use: Claude Mythos. This preview demonstrated a significant leap in capability over Anthropic’s previous Claude Model (Opus 4.6), and their Responsible Scaling Policy (RSP) v3.1 led to them making the decision to withhold it from general availability, serving as a "defensive only" asset.

Let's address the elephant in the room, or I should say … the AI in the security operations center (SOC). If you're an SOC analyst, you've probably heard the doom and gloom predictions — AI is coming for your job! AI will replace you! Start updating your resumes now! In all honesty, that probably is not the case. AI isn't going to take your job, but it will change how you do it — and that's brilliant news.

Let’s be real. Shadow AI is already reshaping Shadow IT Security, whether organizations are ready or not. Chances are that your developers aren’t waiting for a formal RFP to start using AI. They’re already deep in the trenches, using Open WebUI to manage models or shipping entire projects through platforms like Lovable at a velocity that makes traditional AppSec look like it’s standing still.

Artificial intelligence is changing how a business handles its operations, and that too very rapidly. AI agents can easily read, analyze, and act on enterprise data in real time. This ease also brings serious risk. If not managed well, these systems can expose sensitive information, break compliance rules, or even make harmful decisions. Did you know that on average, the overall cost of a data breach reached $4.45 million in 2023?

Modern development teams move fast; security must keep pace. As organizations increasingly rely on GitLab to power CI/CD pipelines, integrating application security directly into the workflow is no longer optional — it’s essential. The Veracode GitLab Workflow Integration embeds automated security testing directly into GitLab pipelines, enabling teams to shift security left without disrupting delivery.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Well, better late than never as some comments have been that I’ve seen.

Two big things in this release, a remote-updating CertKit agent Google Trust Store CA issuer support.

Something big just happened in the cybersecurity world. And if you’re using OpenAI’s macOS apps… this affects you directly. OpenAI has rotated its macOS code-signing certificates after a supply chain attack quietly slipped into its workflow. No, your data wasn’t stolen. But yes, this is serious enough that every macOS user must update before May 8, 2026.