Daily Security Briefing #221

April 11, 2026 | Read Online

Claude and ChatGPT exploited in sweeping cyber campaign, Google locks Chrome sessions to devices, AI training data poisoning concerns…

Executive Summary

A massive cyberattack targeting government infrastructure has been uncovered, leveraging artificial intelligence platforms to breach multiple agencies. Meanwhile, Google has implemented a major security upgrade to protect users from session hijacking. Additionally, the use of Webloc for global geolocation surveillance has raised concerns about law enforcement’s access to sensitive data.

Top Articles

Claude and ChatGPT Exploited in Sweeping Cyber Campaign Against Government Agencies A single threat actor successfully leveraged artificial intelligence platforms to breach nine Mexican government agencies. The campaign, which operated from late December 2025 through mid-February 2026, resulted in the exfiltration of hundreds of sensitive documents. GBHackers

Google Locks Chrome Sessions to Devices to Stop Cookie Theft Google has officially launched a major security upgrade to protect users from session hijacking. Starting with Chrome version 146 for Windows users, Device Bound Session Credentials (DBSC) is now publicly available. GBHackers

End-to-End Encrypted Gmail Arrives on Android and iPhone Google has officially expanded its Gmail end-to-end encryption (E2EE) capabilities to include mobile devices. Users leveraging Gmail’s client-side encryption (CSE) can now securely compose, read, and send encrypted emails directly from their Android and iOS smartphones. CyberPress

Ransomware Groups Increasingly Turn to EDR Killers Outside Vulnerable Driver Tactics Threat actors are rapidly adopting Endpoint Detection and Response (EDR) killers to bypass security protections before deploying ransomware. According to a recent technical analysis by ESET Research, these evasion tools have become a predictable phase in modern ransomware intrusions. CyberPress

Over 20,000 Crypto Fraud Victims Identified in International Crackdown An international law enforcement action led by the U.K.’s National Crime Agency (NCA) has identified over 20,000 victims of cryptocurrency fraud across Canada, the United Kingdom, and the United States. BleepingComputer

Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The Hacker News

ChatGPT Rolls Out New $100 Pro Subscription to Challenge Claude OpenAI has rolled out a new Pro subscription that costs $100 and is in line with Claude’s pricing, which also has a $100 subscription, in addition to the $200 Max monthly plan. BleepingComputer

AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.