
Session Hardening, Cloud Observability, and Urgent ICS Advisories
Coverage: 09 Apr 2026 (UTC)
Proactive controls led today’s developments. The Chrome and Account Security teams at Google made Device Bound Session Credentials generally available on Windows in Chrome 146, binding session cookies to hardware keys to blunt infostealer reuse. Across the cloud stack, major platforms expanded governance and observability for AI-driven and large-scale services. At the same time, new advisories and ongoing compromises reminded defenders to keep patching and incident response close at hand.
Platform Controls Raise the Bar for Identity and AI
DBSC shifts session protection from reactive detection to prevention by requiring proof of possession of a non-exportable, hardware-backed private key before issuing short-lived cookies. Each session uses distinct keys to limit tracking, and the browser rotates credentials transparently to preserve compatibility. Early adopters saw fewer session theft cases, and roadmap items include cross-origin bindings for federated SSO and support for environments without dedicated secure hardware.
To bring order to rapidly growing agent ecosystems, AWS introduced the Agent Registry in AgentCore (preview), a private catalog with approval workflows, IAM/OAuth access, and CloudTrail auditing for agents, tools, and MCP servers. For procurement and price transparency, the new AWS Marketplace Discovery API exposes authoritative product metadata and both public and private pricing, enabling integrations with internal portals and procurement tooling.
On the cryptography front, CSO Online reports that Cloudflare is advancing its post‑quantum roadmap after Google signaled an accelerated migration timeline. Cloudflare says over half its traffic already uses ML‑KEM against harvest‑now/decrypt‑later risks and plans post‑quantum certificates in 2027.
Operations and Observability Consolidate
AWS added a unified observability experience in OpenSearch Service, integrating directly with AWS Managed Service for Prometheus so teams can run PromQL from OpenSearch without duplicating metrics. Live queries correlate metrics, logs, traces, and AI agent activity while reducing storage costs, with availability across 20 regions.
Google Cloud detailed two building blocks for high‑throughput AI serving. Estée Lauder Companies adopted Google Cloud Run worker pools to decouple UI latency from multi‑step LLM inference via Pub/Sub buffering and pull‑based workers, with GPU options and external‑metrics autoscaling via the open‑sourced CREMA. For gateway‑level safety, Google Cloud’s Model Armor on GKE enforces centralized policies to block prompt injection and jailbreaks, integrates with Data Loss Prevention, and logs decisions for audit, adding an operational guardrail without relying on opaque model refusals.
Advisories and Active Exploitation
CISA published a critical advisory for GPL Odorizers GPL750 controllers (CISA), where unauthenticated Modbus packets can manipulate registers driving odorant injection (CVE‑2026‑4436; CVSS 8.6). Recommended actions include updating GPL750 software and Horner firmware and isolating control networks. Separately, an obsolete Contemporary Controls BASC 20T device is affected by a forgeable‑packet flaw enabling remote reconfiguration and file transfers (CISA; CVSS 9.8); network exposure should be minimized and secure remote access enforced while coordinating with the vendor.
Microsoft analyzed an intent‑redirection vulnerability in a third‑party Android EngageSDK that exposed millions of wallet installs to potential data access abuse. The issue, reported in 2025 and fixed by setting the affected activity non‑exported in EngageSDK v5.2.1, allowed crafted intents to grant persistent URI permissions (Microsoft). Teams should upgrade dependencies, review merged manifests for unexpected exported components, and audit content provider permissions.
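One way to run the merged-manifest review suggested above, as an added example that is not code from Microsoft or the SDK vendor. The sample manifest, the package and class names, and the own_prefix argument are constructed for illustration, and the check assumes fully qualified component names, as a merged manifest normally contains.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample of a merged manifest; all package and class names are hypothetical.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.wallet">
  <application>
    <activity android:name="com.example.wallet.MainActivity" android:exported="true">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <activity android:name="com.example.sdk.LauncherActivity" android:exported="true"/>
    <activity android:name="com.example.sdk.InternalActivity" android:exported="false"/>
    <service android:name="com.example.sdk.SyncService">
      <intent-filter><action android:name="com.example.sdk.SYNC"/></intent-filter>
    </service>
    <provider android:name="com.example.wallet.FileProvider" android:exported="false"
              android:authorities="com.example.wallet.files" android:grantUriPermissions="true"/>
  </application>
</manifest>"""

def attr(el, name):
    """Read an android:-namespaced attribute, or None when it is absent."""
    return el.get("{%s}%s" % (ANDROID_NS, name))

def audit_manifest(xml_text, own_prefix):
    """Return (tag, name, reason, third_party) for each component that needs review."""
    root = ET.fromstring(xml_text)
    findings = []
    for el in root.iter():
        if el.tag not in COMPONENT_TAGS:
            continue
        name = attr(el, "name") or "<unnamed>"
        exported = attr(el, "exported")
        has_filter = el.find("intent-filter") is not None
        third_party = not name.startswith(own_prefix)  # likely pulled in by a dependency
        if exported == "true":
            findings.append((el.tag, name, "exported", third_party))
        elif exported is None and has_filter:
            # Before Android 12, an intent-filter without android:exported meant exported.
            findings.append((el.tag, name, "implicitly exported", third_party))
        if el.tag == "provider" and attr(el, "grantUriPermissions") == "true":
            # A non-exported provider can still hand out URI grants to other apps.
            findings.append((el.tag, name, "grantUriPermissions enabled", third_party))
    return findings

if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE_MANIFEST, "com.example.wallet"):
        print(finding)
```

Findings with third_party set to True are the ones to check against each dependency's documentation, since they were merged in from a library rather than declared by the app.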
Researchers also reported active exploitation of an unpatched Adobe Reader issue via malicious PDFs that invoke privileged APIs on open, enabling fingerprinting and data exfiltration. Until a patch is available, defenders can monitor for suspicious "Adobe Synchronizer" traffic and restrict risky PDF flows (BleepingComputer).
Incidents and Targeted Phishing
The update channel for Smart Slider 3 Pro was compromised to deliver a malicious build that preserves functionality while planting multiple backdoors, creating hidden admin accounts, and stealing credentials. The vendor advises restoring from pre‑April 5 backups or reinstalling clean builds, then rotating all credentials and hardening access (BleepingComputer). Why it matters: stealthy persistence in themes and core directories can survive a superficial cleanup that stops short of exhaustive file and key rotation.
Abnormal Security tracked a closed PhaaS platform, VENOM, targeting senior executives with SharePoint‑themed lures, QR codes, and environment checks to evade analysis. The operation abuses adversary‑in‑the‑middle logins or device‑code flows to capture credentials and session tokens, enabling durable account takeover despite MFA (BleepingComputer).
Eurail disclosed that over 300,000 individuals were affected by a December data theft involving personal, identification, and some health data, with samples posted for sale, while Dutch healthcare IT vendor ChipSoft faced a ransomware outage affecting connected services and some hospitals (BleepingComputer; BleepingComputer). Both cases underscore the downstream impact when centralized platforms for travel or healthcare are disrupted.