Chrome installs AI model on devices, Daemon Tools disk app backdoored, crypto security exodus

From the CISO series, it's cybersecurity headlines. These are the cybersecurity headlines for Thursday, May 7, 2026. I'm Sarah Lane. Google Chrome installs 4-gigabyte AI model on devices. Computer scientist and lawyer Alexander Homph reports that recent versions of Google Chrome automatically download a roughly 4 gigabyte Gemini Nano AI model to user devices without explicit consent when default AI features are enabled. He says the file installs silently and can re-download after deletion, and at Chrome's scale could generate between 6,000 and 60,000 tons of CO2 equivalent emissions, raising privacy and environmental concerns. Honf argues the behavior may violate privacy laws and calls for an opt-in prompt. Daemon Tools' Disk App Backdoored in Supply Chain Attack Kaspersky reports that Daemon Tools' Disk Imaging app was compromised in a month-long supply chain attack starting April 8th, with malicious updates signed by the developer infecting Windows users who downloaded versions 12.5.0.2421 through 12.5.0.2434. The malware collects system data and sends it to attacker servers, with thousands of machines across more than 100 countries affected. A subset of organizations received more advanced backdoors capable of executing commands and evading detection. Kaspersky says the attack was highly sophisticated and likely targeted, urging users to scan systems and monitor for suspicious activity. Crypto decentralized finance sector hit by investor Exodus The Financial Times reports that the DeFi sector is seeing a sharp investor pullback with nearly $14 billion withdrawn after two major hacks, including a $290 million exploit tied to North Korean actors that destabilized open-source protocol Aave and triggered a bailout. The attacks exposed structural risks in interconnected DeFi protocols, leaving Aave with more than $200 million in bad debt and pushing the market down to around $86 billion, near a yearly low. Iran Cyber Snoops Still LARPing as Ransomware Crooks Rapid 7 researchers report that an Iranian state-linked group, likely Muddy Water, tied to the Iranian Ministry of Intelligence and Security, masqueraded as the Chaos Ransomware Gang to conceal an espionage campaign. The attackers used Microsoft Teams phishing, social engineering, and remote tools to steal credentials, deploy dark comp backdoors, and move laterally across networks, while staging fake ransomware messages without encrypting files or seeking payment. Rapid7 says the operation was designed to obscure attribution and distract defenders, with stolen data ultimately published, suggesting intelligence gathering or pre-positioning for future attacks rather than financial motives. Huge thanks to our sponsor, Vanta. Risk and regulation ramping up, and customers expect proof of security just to do business. Vanta automation brings compliance risk and customer trust together on one AI platform So whether you prepping for a SOC 2 or running an enterprise GRC program Vanta keeps you secure and keeps your deals moving Learn more at vanta.com slash CISO. Sandboxbug lets attackers execute code on hosts. A critical vulnerability in the widely used Node.js sandboxing library VM2 lets attackers escape the sandbox and execute arbitrary code on the host system. The flaw stems from improper handling of exceptions, where WebAssembly features can bypass JavaScript-level protections and exposed host objects, enabling access to sensitive Node.js internals. A proof-of-concept exploit is available, and users are urged to upgrade to version 3.10.5 or later. New offline CISA initiative for cyber attacks. CISA launched a new initiative called CI Fortify to help critical infrastructure operators maintain operations during cyber attacks by preparing to disconnect from Internet and telecom dependencies and operate in isolation. The guidance emphasizes network segmentation, rapid recovery, and resilience as officials acknowledge that nation-state actors like China-linked Volt Typhoon may already be embedded in systems and difficult to remove. New Cisco DOS flaw requires manual reboot. Cisco has patched a high-severity denial-of-service flaw affecting its cross-work network controller and network services orchestrator products. The bug lets unauthenticated attackers remotely exhaust connection resources and crash systems leaving them unresponsive until a manual reboot is performed Cisco says there no evidence of active exploitation but urges customers to upgrade to fixed versions noting similar DOS flaws have been exploited in past attacks. Arctic Wolf thins out the pack. Arctic Wolf laid off 250 employees, or less than 10% of its workforce, as part of a restructuring to shift more investment towards AI, including its super intelligence platform and agentic SOC offerings. The cuts impacted roles across sales, product, and marketing as the company looks to operate more efficiently while competing in the crowded MDR and EDR markets. There's a broader industry trend going on of reallocating resources towards AI-driven security capabilities. Remember to join us this Friday for Super Cyber Friday. Our topic is hacking the end of compliance. We're going to be digging into the impacts of continuous monitoring on the compliance landscape. It all starts at 1 p.m. Eastern Time. Head on over to the events page at CISOseries.com to register. And we want you to share the event. If you share the registration link on LinkedIn and tag the CISO series, we will put you in a drawing to win some awesome CISO Series swag. We will see you then. If you have some thoughts on the news from today or about our show in general, be sure to reach out to us, feedback at CISOseries.com. We always want to hear from you. I am Sarah Lane reporting for the CISO Series. Stay safe, stay warm, and stay cool out there. Cybersecurity headlines are available every weekday. Head to CISOseries.com for the full stories behind the headlines.