Cybersecurity Headlines

Agent payments, Russian phishing, LeRobot RCE flaw

7 min
Apr 29, 2026
Summary

This episode covers critical cybersecurity developments including FIDO Alliance's work on AI agent payment security, Russian phishing attacks against German political operatives, an unpatched RCE vulnerability in HuggingFace's LeRobot platform, and a spike in both social media scam losses and privacy-related fines. Additional stories highlight ransomware gang retaliation, North Korean crypto attacks, and a cautionary tale of an AI coding agent accidentally deleting a production database.

Insights
  • AI agent security is becoming a critical industry focus, with major tech companies collaborating on payment validation standards while simultaneously demonstrating dangerous gaps in AI safety protocols
  • State-level privacy enforcement is accelerating dramatically, with 2025 fines exceeding the previous five years combined, signaling a shift toward coordinated multi-state regulatory action
  • Supply chain breaches through third-party analytics tools are creating cascading impacts, with Anodot's breach affecting multiple downstream customers including Vimeo and Rockstar Games
  • Nation-state actors are conducting sophisticated long-con campaigns with months-long dwell times, indicating a shift toward patience and persistence over rapid exploitation
  • Critical infrastructure and emerging technology platforms lack adequate safeguards, as demonstrated by both unpatched vulnerabilities and inadequate API confirmation mechanisms
Trends
  • AI agent security standardization emerging as industry priority with cross-company collaboration
  • Coordinated multi-state privacy enforcement replacing fragmented regulatory approach
  • Supply chain attacks targeting analytics and monitoring tools as high-value breach vectors
  • Nation-state actors shifting to extended dwell time campaigns for cryptocurrency and defense targets
  • Ransomware gangs engaging in retaliatory hacking and counter-intelligence operations
  • Social media platforms becoming primary vector for financial scams with exponential loss growth
  • Unpatched vulnerabilities in emerging platforms remaining unfixed for extended periods
  • AI coding agents creating new operational risk vectors in production environments
  • Typo-squatting and calendar-based social engineering proving effective against crypto firms
  • Third-party integrations creating unexpected data exposure pathways for SaaS platforms
Topics
  • AI Agent Payment Security Standards
  • Russian State-Sponsored Phishing Campaigns
  • Remote Code Execution Vulnerabilities
  • Social Media Scam Loss Prevention
  • State Privacy Enforcement Coordination
  • Supply Chain Breach Attribution
  • Ransomware Gang Counter-Intelligence
  • North Korean Cryptocurrency Targeting
  • AI Safety and Production Database Protection
  • Third-Party Integration Risk Management
  • Unpatched Vulnerability Remediation
  • Spear-Phishing Campaign Detection
  • Credential Management and API Security
  • Data Backup and Disaster Recovery
  • Threat Actor Attribution and Tracking
Companies
FIDO Alliance
Leading industry standards development for AI agent payment security with Google and MasterCard
Google
Contributing agent payments protocol to FIDO Alliance for cryptographic authorization verification
MasterCard
Providing Verifiable Intent Framework to FIDO Alliance for user authorization of AI agents
Signal
Secure messaging service targeted by Russian phishing attacks against German political operatives
HuggingFace
LeRobot open-source robotics platform contains unpatched RCE vulnerability in async interface policy server
ReSecurity
Security researchers who identified the untrusted data deserialization flaw in LeRobot
Meta
Facebook, Instagram, and WhatsApp accounted for top three spots in social media scam losses in 2025
Gartner
Reported that U.S. states issued $3.45 billion in privacy fines in 2025, exceeding previous five years combined
ZeroAPT
Ransomware tracking group whose site was hacked and defaced by CryBit after publishing group information
CryBit
Ransomware group that retaliated against ZeroAPT by hacking their site and leaking operational data
Halcyon
Security firm that reported on CryBit's retaliatory hacking of ZeroAPT
Arctic Wolf
Researchers who identified Blue Noroff's large-scale spear-phishing campaign against crypto organizations
Lazarus Group
North Korean threat actor group affiliated with Blue Noroff crypto targeting campaign
Vimeo
Video platform whose user data leaked due to breach at third-party security analytics vendor Anodot
Anodot
Security analytics company breached by Shiny Hunters, affecting downstream customers including Vimeo
Shiny Hunters
Threat group responsible for Anodot breach and subsequent attacks on Vimeo, Rockstar Games, and Medtronic
Rockstar Games
Video game developer whose data was stolen through Shiny Hunters' breach of Anodot
Medtronic
Medtech company that confirmed unauthorized system access by Shiny Hunters, likely paid ransom
PocketOS
Car rental SaaS platform whose production database was deleted by AI coding agent from Cursor
Cursor
AI coding agent tool that accidentally deleted PocketOS production database and all backups
Railway
Infrastructure provider whose API lacked confirmation mechanism for destructive data deletion operations
People
Rich Straffolino
Host and reporter delivering cybersecurity headlines for the episode
Yer Crane
Reported on X about AI agent accidentally deleting production database and backups
Quotes
"Google is contributing its agent payments protocol to cryptographically verify that a user has authorized an agent."
Rich Straffolino, ~2:00
"Roughly 300 Signal accounts tied to political operatives were compromised by receiving faked suspicious activity notifications."
Rich Straffolino, ~3:30
"The flaw remains unpatched with plans to fix it in version 0. According to LeRobot team that part of the codebase needs to be almost entirely refactored, as its original implementation was more experimental."
Rich Straffolino, ~5:00
"Americans lost 2.1 billion U.S. dollars in social media scams in 2025, eight times higher than 2020 losses."
Rich Straffolino, ~6:30
"The Cursor agent was attempting to resolve a conflict by deleting a storage volume on Railway using an API token that it found in a completely unrelated project."
Rich Straffolino, ~22:00
Full Transcript
From the CISO series, it's cybersecurity headlines. These are the cybersecurity headlines for Wednesday, April 29th, 2026. I'm Rich Straffolino.

FIDO Alliance working on securing AI agent payments. The industry association said it's working with Google and MasterCard and a pair of working groups to develop industry standards for validating and protecting payments made by AI agents. Google is contributing its agent payments protocol to cryptographically verify that a user has authorized an agent. MasterCard will provide its Verifiable Intent Framework, which will allow users to authorize the agents. The FIDO Alliance still needs to build out use cases for using both in real-world deployments, then work with merchants and payment providers on adoption and support.

Germany suspects Russia in Signal phishing. A spokesperson for the German government said federal prosecutors began investigating phishing attacks against the secure messaging service since mid-February 2026. Roughly 300 Signal accounts tied to political operatives were compromised by receiving faked suspicious activity notifications, according to reporting by Der Spiegel. Clicking on these messages would link their account to an external device. While Germany suspects Russian involvement, it did not officially attribute the attacks. This mirrors a warning from the Dutch government last month.

RCE flaw in open-source robotics platform. A GitHub advisory disclosed details on an untrusted data deserialization flaw in HuggingFace's robotics platform LeRobot, which could allow for remote code execution. Researchers at ReSecurity said the flaw is in the async interface policy server component that allows an unauthenticated attacker on the same network to send a malicious serialized payload to host machines. This doesn't appear to be completely new, with a researcher disclosing the flaw back in December 2025. The flaw remains unpatched with plans to fix it in version 0. According to LeRobot team that part of the codebase needs to be almost entirely refactored, as its original implementation was more experimental.

Privacy fines and scam losses spike. It's a tale of two figures. On the one hand, the U.S. Federal Trade Commission released a report finding that Americans lost 2.1 billion U.S. dollars in social media scams in 2025, eight times higher than 2020 losses. Social media accounted for 30% of all scam losses in the year. Meta platforms unsurprisingly took the top three spots, with Facebook seeing $794 million in scam losses and Instagram and WhatsApp combining for $629 million in losses. On the other side of the coin, Gartner reports that U.S. states issued $3.45 billion in privacy-related fines in 2025, more than the last five years combined. Some of this comes from more active enforcement of the California Consumer Privacy Act, but Gartner also cited the Consortium of Privacy Regulators, formed by 10 states last year, leading to more coordinated enforcement.

And now a huge thanks to our sponsor, GuardSquare. Is your mobile app truly protected? Relying on the OS isn't enough. A global study of 1,300 security and developer leaders found that 96% of teams using layer protection reported significantly fewer security incidents. Don't wait for a breach to harden your defenses. Get the protection needed for modern security risks. Learn more at guardsquare.com.

Ransomware gangs, still going at it. Earlier this month, we reported on the group ZeroAPT, putting the ransomware group CryBit on its leak site, publishing information that partially doxed the group. A new report from Halcyon found that CryBit responded by hacking back ZeroAPT's site, defacing it, and leaking ZeroAPT's full operation dataset with full access logs, PHP source code, and system files. This revealed that the initial victims published by ZeroAPT in January 2026 were completely fabricated. So far, ZeroAPT has been unable to recover its site.

North Korea targets crypto firms. Researchers at Arctic Wolf found that the Lazarus Group-affiliated Blue Noroff team conducted a large-scale spear-phishing campaign against over 100 cryptocurrency organizations. First observed back in January, these attacks used typo-squatted Zoom meeting links sent through manipulated Calendly invites. Going into the meetings would capture their live video camera feed and deploy a clipboard injection attack that attempted to exfiltrate crypto wallet details. This appears to have been a long con, with attackers taking up to five months to deploy after initial contact. Once the attack took place, researchers found they retained access to systems for an average of 66 days.

Vimeo blames Anodot breach for incident. Vimeo confirmed reports that some of its user and customer data leaked, saying this came as a result of a breach at the security analytics company Anodot. The leaked data included technical information on accounts, video titles, and metadata, as well as emails. No video content or payment information was impacted. In response, Vimeo disabled all Anodot credentials and removed the Anodot integration with Vimeo systems. Shiny Hunters added Vimeo to its leak site earlier this week and claimed that its breach of Anodot enabled the theft of Rockstar Games data earlier this month.

Medtronic confirms attack. The Medtech giant confirmed unauthorized access to its systems after the threat group Shiny Hunters, you may have heard of them just a minute ago, listed it on its leak site. Medtronic did not confirm any actual data loss, saying its customer networks remained separate from its IT systems. Shiny Hunters removed Medtronic from its leak site on April 21st, indicating it may have paid a ransom. It claims it obtained over 9 million records with personal information and terabytes of corporate data.

AI agent deletes production database again. The founder of the car rental SaaS platform PocketOS, Yer Crane, posted on X that an AI coding agent from Cursor deleted its production database and all volume-level backups in a single API call to Railway, the company's infrastructure provider. The action took about nine seconds. The Cursor agent was attempting to resolve a conflict by deleting a storage volume on Railway using an API token that it found in a completely unrelated project. This saw multiple failures of oversight, the agent specifically didn't follow established safety protocols, and the Railway API didn't properly document that it could delete all data with no confirmation. Railway also stored its backups on the same volume as the primary data source. PocketOS was able to restore from a full three-month-old backup.

Before we finish this episode, I just wanted to say thank you to everyone who makes cybersecurity headlines part of your daily routine. If that's you, I've got something to ask. Why don't you tell a friend or a colleague to check out the show? Talk about a couple of the stories that we feature. We would really appreciate it. Thanks for helping grow the show. And if you have some thoughts about the news from today or about the show in general, be sure to reach out to us, feedback at CISOseries.com. We'd love to hear from you. Reporting for the CISO Series, I'm Rich Straffolino, reminding you to have a super sparkly day.

Cybersecurity headlines are available every weekday. Head to CISOseries.com for the full stories behind the headlines.