New Pixnapping Attack Steals Signal Messages and 2FA Codes from Android Devices
A new Android attack dubbed Pixnapping allows malicious apps to covertly capture sensitive data rendered on users’ screens, including Signal messages, one-time 2FA codes, emails, location history, and financial information, without requiring a single permission. The attack affects nearly all modern Android phones and leverages a combination of legitimate system APIs and a GPU hardware side channel to reconstruct displayed pixels with surprising precision. Although Pixnapping is capable of targeting a wide range of apps and web content, its ability to extract private messages from Signal, an app prized for its privacy guarantees, adds a particularly jarring dimension. The exploit works even when Signal’s Screen Security feature is enabled, which typically prevents screenshots or previews of chats.
Russia-linked hackers attack Texas electric cooperatives
Qilin, the cybercriminal gang behind the alleged ransomware attacks, has listed two Texas electric distribution cooperatives as victims on its leak site on the dark web. One of the alleged victims is San Bernard Electric Cooperative, which has approximately 3,900 miles of electrical distribution lines serving approximately 28,000 households in eight Texas counties, including Austin, Colorado, Fayette, Grimes, Harris, Lavaca, Montgomery, and Waller. The company’s annual revenue reaches $92.5 million.
FBI and French Police Shutter BreachForums Domain Again
The FBI and French investigators have seized at least one domain for a popular cybercrime forum being used as a leak site in connection with the recent Salesforce breaches. Screenshots posted to X (formerly Twitter) reveal the clearweb site for BreachForums now embossed with the logos of the FBI, Justice Department, French cybercrime police group BL2C and Paris Prosecutor’s Office division JUNALCO. “The FBI and our partners have seized domains associated with BreachForums, a major criminal marketplace used by ShinyHunters, Baphomet, and IntelBroker to traffic stolen data and facilitate extortion,” the accompanying post explained.
Introducing MAESTRO: A framework for securing generative and agentic AI
Artificial Intelligence (AI) is advancing at a pace that outstrips traditional security frameworks. Generative AI has already changed how financial institutions analyze data, create insights and engage with customers. The next frontier, agentic AI, is even more transformative. These systems can reason, plan and act autonomously, interacting with APIs, orchestrating workflows and even collaborating with other agents across payment gateways, credit systems and fraud detection platforms. While frameworks like MITRE ATLAS/ATT&CK, the OWASP LLM Top 10, the NIST AI Risk Management Framework and ISO/IEC 23894 provide valuable guidance, they were not designed to address the systemic risks and emergent behaviors unique to multi-agent AI ecosystems in highly regulated sectors like banking.
Taiwan warns Chinese cyberattacks are intensifying
China’s cyberattacks and misinformation campaigns against Taiwan are escalating, as the Red Dragon looks to degrade public trust in the government ahead of Taiwan’s 2026 local elections. This is according to the Taiwanese National Security Bureau (NSB), which recently presented a new security report to the country’s parliament, The Record reported. As per the NSB, whose findings were cited by the local media, government networks faced an average of 2.8 million intrusions every day this year, up 17% compared to the year prior.