Email Security · May 14, 2026

Agent payments, Russian phishing, LeRobot RCE flaw - LinkedIn

LinkedIn · Archived May 14, 2026

Today on CISO Series...

Register for Friday's Super Cyber Friday, "Hacking the Death of Entry-Level Jobs"

Video: "Cyber content that cuts through the noise"

In today's cybersecurity news...

FIDO Alliance working on securing AI agent payments

The industry association said it's working with Google and Mastercard on a pair of working groups to develop industry standards for validating and protecting payments made by AI agents. Google is contributing its Agent Payments Protocol to cryptographically verify that a user has authorized an agent. Mastercard will provide its Verifiable Intent framework, allowing users to authorize agents. The FIDO Alliance still needs to build out use cases for using both in real-world deployments, then work with merchants and payment providers on adoption and support. (Wired)

Germany suspects Russia in Signal phishing

A spokesperson for the German government said federal prosecutors began investigating phishing attacks against the secure messaging service in mid-February 2026. Roughly 300 Signal accounts tied to political operatives were compromised by receiving faked “suspicious activity” notifications, according to reporting by Der Spiegel. Clicking on these messages would link their account to an external device. While Germany suspects Russian involvement, it did not officially attribute the attacks. This mirrors a warning from the Dutch government last month. (Security Week)

RCE flaw in open-source robotics platform

A GitHub advisory disclosed details on an untrusted data deserialization flaw in Hugging Face’s robotics platform LeRobot, which could allow for remote code execution. Researchers at Resecurity said the flaw in the async inference PolicyServer component allows an unauthenticated attacker on the same network to send a malicious serialized payload to host machines. This doesn’t appear to be entirely new, as a researcher disclosed the flaw in December 2025. The flaw remains unpatched, with plans to fix it in version 0.6.0. According to the LeRobot team, “that part of the codebase needs to be almost entirely refactored as its original implementation was more experimental.” (The Hacker News)

Privacy fines and scam losses spike

It’s a tale of two figures. On the one hand, the US Federal Trade Commission released a report finding that Americans lost $2.1 billion to social media scams in 2025, 8 times higher than losses in 2020. Social media accounted for 30% of all scam losses in the year. Meta platforms unsurprisingly took the top 3 spots, with Facebook seeing $794 million in scam losses and Instagram and WhatsApp combined seeing $629 million. On the other side of the coin, Gartner reports that US states issued $3.45 billion in privacy-related fines in 2025, more than the last five years combined. Some of this comes from more active enforcement of the California Consumer Privacy Act. But Gartner also cited the Consortium of Privacy Regulators formed by ten states last year, leading to more coordinated enforcement. (Tom’s Guide, CyberScoop)

Huge thanks to our episode sponsor, Guardsquare

Ransomware gangs still going at it

Earlier this month, we reported on 0APT putting the ransomware group KryBit on its leak site, publishing information that partially doxxed the group. A new report from Halcyon found that KryBit responded by hacking back against 0APT’s site, defacing it and leaking 0APT’s full operation data set with full access logs, PHP source code, and system files. This revealed that the initial victims published by 0APT in January 2026 were completely fabricated. So far 0APT has been unable to recover its site. (Infosecurity Magazine)

North Korea targets crypto firms

Researchers at Arctic Wolf found that the Lazarus Group-affiliated BlueNoroff team conducted a large-scale spearphishing campaign against over 100 cryptocurrency organizations. First observed back in January, these attacks used typosquatted Zoom meeting links sent through manipulated Calendly invites. Joining the meetings would capture the victim's live video camera feed and deploy a clipboard injection attack that attempted to exfiltrate crypto wallet details. This appears to have been a long con, with attacks taking up to five months to deploy after initial contact. Once the attack took place, researchers found they retained access to systems for an average of 66 days. (Infosecurity Magazine)

Vimeo blames Anodot breach for incident

Vimeo confirmed reports that some of its user and customer data leaked, saying this came as a result of a breach at the security analytics company Anodot. The leaked data included technical information on accounts, video titles and metadata, as well as emails. No video content or payment information was impacted. In response, Vimeo “disabled all Anodot credentials, [and] removed the Anodot integration with Vimeo systems.” ShinyHunters added Vimeo to its leak site earlier this week and claimed that its breach of Anodot enabled the theft of Rockstar Games data earlier this month. (The Record)

Medtronic confirms attack

The medtech giant confirmed unauthorized access to its system after the prolific threat group ShinyHunters listed it on its leak site. Medtronic did not confirm any actual data loss, saying its customer networks remain separate from its IT networks. ShinyHunters removed Medtronic from its leak site on April 21st, indicating it may have paid a ransom. It claimed it obtained over 9 million records with personal information and terabytes of corporate data. (Security Week)

AI agent deletes production database… again

The founder of car rental SaaS platform PocketOS, Jer Crane, posted on X that an AI coding agent from Cursor deleted its “production database and all volume-level backups in a single API call to Railway,” the company's infrastructure provider. The action took about 9 seconds. The Cursor agent was attempting to resolve a conflict by deleting a storage volume on Railway, using an API token found in a completed unrelated project. This involved multiple failures of oversight: the agent specifically didn’t follow established safety protocols, and the Railway API didn’t properly document that it could delete all data with no confirmation. Railway also stored its backups on the same volume as the primary data source. PocketOS was able to restore from a full 3-month-old backup. (Tom’s Hardware)

Subscribe to Cybersecurity Headlines podcast

Spotify, Apple Podcasts, YouTube, RSS link, Amazon Music, add as an Alexa Skill, or search "Cybersecurity Headlines" on your favorite podcast app.

Article Info
Source: LinkedIn
Category: Email Security
Published: May 14, 2026
Archived: May 14, 2026