![Cybersecurity News | Daily Recap [11 Apr 2026]](https://www.hendryadrian.com/tweet/image/DailyRecap.png "Cybersecurity News | Daily Recap [11 Apr 2026]")
Daily Recap, International law enforcement identified over 20,000 cryptocurrency fraud victims, froze $12 million, traced $45 million in stolen crypto, and a related incident saw a $280 million theft tied to North Korea using fake companies and cutouts. They also highlight security concerns across multiple fronts—from LayerX warning about unmonitored AI browser extensions as an enterprise attack surface and Google’s Chrome 146 Device Bound Session Credentials to bind cookies to hardware to block session reuse by stealers like Atomic, Lumma, and Vidar; Webloc data used by law enforcement to track roughly 500 million devices; the GlassWorm campaign leveraging a Zig dropper against software supply chains, NotnullOSX Mac stealer, BlueHammer zero-day, and Iranian attacks on about 4,000 U.S. Rockwell/Allen-Bradley PLCs, with ongoing policy probes in the US and UK. #NorthKorea #GlassWorm #ZigDropper #NotnullOSX #BlueHammer #IranianAttacks #Rockwell #AllenBradley #DBSC #Webloc
Crypto Crime
- International law enforcement identified over 20,000 cryptocurrency fraud victims, froze $12 million, traced $45 million in stolen crypto, and a related incident saw a $280 million theft tied to North Korea using fake companies and cutouts – Crypto Crackdown, Drift Theft
Browser & Extensions
- LayerX warns unmonitored AI browser extensions are an enterprise attack surface that bypass DLP, hold elevated permissions, and require immediate inventorying and governance – AI Extensions
- Google ships Device Bound Session Credentials (DBSC) in Chrome 146 for Windows to bind cookies to hardware (TPM/Secure Enclave), blocking session reuse by stealers like Atomic, Lumma, and Vidar – DBSC Rollout
Surveillance & Privacy
- Citizen Lab finds law enforcement used ad-network Webloc data to track roughly 500 million devices via ad signals and shared identifiers – Webloc Tracking
Malware & Campaigns
- The GlassWorm campaign leverages a Zig dropper to infect multiple developer IDEs, targeting software supply chains and development environments – GlassWorm Campaign
- SecurityWeek roundup flags new threats including the mac stealer NotnullOSX, leaked BlueHammer zero-day, high-profile breaches and accelerated post-quantum efforts across the industry – Security Roundup
Nation-State & Industrial
- Iranian-linked actors exposed nearly 4,000 U.S. Rockwell/Allen-Bradley PLCs, extracted project files and manipulated HMI/SCADA displays, prompting emergency OT defenses and patching guidance – Iranian Attacks
Policy & Regulation
- Sen. Chuck Grassley opened an inquiry into eight tech firms for allegedly failing to provide adequate CSAM data to NCMEC after more than 17 million reports in 2025 omitted critical details and AI-training material disclosures – CSAM Inquiry
- The UK proposes criminal penalties for tech executives who fail to remove nonconsensual intimate images within two days following the Grok nudification scandal, with Ofcom promising tougher enforcement and possible fines or service blocks – UK Jail Threat