cybr.cx — Daily Digest | April 10, 2026 - Part 2

Headline News

CPUID Site Hijacked to Distribute Malware via Trojanised HWMonitor Downloads

The official website for CPUID — the widely-used CPU diagnostics and hardware monitoring tool — was compromised and briefly served malware-laced installers in place of legitimate HWMonitor downloads. Anyone who downloaded HWMonitor from the official site during the compromise window may have executed attacker-controlled code with user-level or elevated privileges, depending on install behaviour. This is a classic supply-chain-adjacent attack: users doing exactly the right thing — going to the official vendor site — still got burned. Security teams should audit endpoint logs for unexpected CPUID installer executions and treat any recently downloaded HWMonitor binary as suspect until confirmed clean. The incident is a timely reminder that hash verification of downloaded installers isn't paranoia — it's hygiene.

Prompt Injection Bypassed Apple Intelligence On-Device Protections

Researchers have published a detailed breakdown of a now-patched prompt injection vulnerability that allowed attackers to circumvent Apple Intelligence's safety guardrails and force the on-device LLM to execute attacker-directed actions. The attack worked by embedding adversarial instructions in content processed by the model — emails, documents, or web pages — that the model interpreted as legitimate commands rather than user data. Apple has corrected the issue, but the mechanics matter beyond this single patch: on-device LLMs ingesting untrusted content represent a persistent attack surface that will require ongoing defensive architecture, not one-time fixes. For practitioners, this underscores that AI integration into OS-level features doesn't inherit the OS's security model — it introduces a new one that needs independent threat modelling. Expect similar disclosures across other vendor AI assistants as researchers continue probing these interfaces.

Eurail Breach Exposes Passport Data of 308,000 Travellers

Eurail has confirmed that a breach occurring in December 2025 exposed the personal data of 308,777 customers, including names and passport numbers. The delayed notification — now arriving roughly four months after the intrusion — means affected travellers have had limited opportunity to monitor for downstream fraud or document misuse. Passport numbers are particularly sensitive: unlike a compromised password, you can't rotate a passport cheaply or quickly, and the data has durable value for identity fraud, synthetic identity creation, and potentially border-crossing schemes. Organisations handling travel documents should treat them with the same sensitivity as financial data and implement appropriate segmentation and access controls. Affected users should contact their national passport authority to flag potential misuse and monitor credit and identity services closely.

Schrödinger's Feed

Can Bitcoin Quantum-Proof Itself Without Changing Its Own Rules?

A researcher at StarkWare has proposed a method for "quantum-proofing" Bitcoin without modifying the network's core protocol — a non-trivial constraint given how resistant the Bitcoin community is to fundamental changes. The approach introduces a layer that could shield existing addresses from the cryptographic threat posed by sufficiently capable quantum computers, which could theoretically break the elliptic curve signatures underpinning Bitcoin wallet security. The proposal is still academic, but it's notable that serious cryptographic attention is now being directed at retrofit strategies rather than assuming a clean-slate protocol upgrade will ever achieve consensus. Practitioners managing long-lived digital assets or PKI infrastructure should watch this space — the question of how to migrate legacy cryptographic commitments without breaking what they protect is not unique to Bitcoin.

/dev/random

Linus Torvalds Now Has Official Feelings About AI Coding Assistants

The Linux kernel's official documentation now includes a page specifically addressing the use of AI coding assistants when contributing to the kernel — which is either a sign of the times or a sign that maintainers got tired of reviewing AI-generated patch submissions that were confidently wrong. The document doesn't ban AI assistance outright, but sets clear expectations: contributors are responsible for every line they submit, regardless of what generated it. It's a measured, pragmatic stance from a project that famously has strong opinions about code quality. Somewhere, a junior developer is reading this while nervously checking whether their AI-assisted patch actually does what the commit message claims.