#cybersecurity

[ follow ]
#malware #data-breach #vulnerabilities #ai #anthropic #phishing #ransomware #vulnerability #vercel #hacking #healthcare
#vulnerabilities
Information security
fromThe Hacker News
4 minutes ago

CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

CISA added eight new vulnerabilities to its KEV catalog, including critical flaws in Cisco Catalyst SD-WAN Manager, indicating active exploitation.
Information security
fromThe Hacker News
4 days ago

ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

Hackers exploit vulnerabilities, including a fake app draining $9.5M, while new exploits like RedSun target Microsoft Defender.
Information security
fromThe Hacker News
4 minutes ago

CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

CISA added eight new vulnerabilities to its KEV catalog, including critical flaws in Cisco Catalyst SD-WAN Manager, indicating active exploitation.
Information security
fromThe Hacker News
4 days ago

ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

Hackers exploit vulnerabilities, including a fake app draining $9.5M, while new exploits like RedSun target Microsoft Defender.
more#vulnerabilities
#data-breach
Privacy professionals
fromTechRepublic
11 hours ago

Amtrak Data Breach Exposes 2.1M Records, Reports Suggest Larger Leak

Amtrak customers face data exposure due to a breach affecting millions of records, including personal and travel-related information.
Information security
fromThe Hacker News
16 hours ago

Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Third-party tools are exploited to gain internal access, highlighting a shift in attack strategies that bend trust rather than break systems.
fromTechzine Global
23 hours ago
Information security

Vercel hit by attack via compromised AI tool

Attackers accessed Vercel's internal systems through a compromised Context.ai account, affecting limited customers but no sensitive data was reportedly accessed.
Privacy professionals
fromTechRepublic
11 hours ago

Amtrak Data Breach Exposes 2.1M Records, Reports Suggest Larger Leak

Amtrak customers face data exposure due to a breach affecting millions of records, including personal and travel-related information.
Information security
fromThe Hacker News
16 hours ago

Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Third-party tools are exploited to gain internal access, highlighting a shift in attack strategies that bend trust rather than break systems.
Information security
fromTechzine Global
23 hours ago

Vercel hit by attack via compromised AI tool

Attackers accessed Vercel's internal systems through a compromised Context.ai account, affecting limited customers but no sensitive data was reportedly accessed.
more#data-breach
#ai-security
fromSecurityWeek
4 days ago
Information security

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

Information security
fromTheregister
1 day ago

Prompt injection proves AI models are gullible like humans

Prompt injection attacks exploit AI systems, similar to phishing, by embedding malicious instructions that the AI executes instead of treating as content.
Information security
fromSecurityWeek
4 days ago

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

A prompt injection attack method named 'Comment and Control' targets AI code security tools, allowing attackers to hijack AI agents using crafted GitHub comments.
more#ai-security
Information security
fromTechRepublic
13 hours ago

Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign

Hackers exploit Android's overlay feature to capture PINs and monitor user interactions across over 800 apps using banking trojans.
Information security
fromTechRepublic
14 hours ago

2026's Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable

2026 has seen significant cyber threats, including a major FBI hack and the discovery of the DarkSword iPhone exploit framework.
#pentagon
Washington DC
fromNextgov.com
5 days ago

Pentagon announces senior appointments to CIO's office

Five officials appointed to the Pentagon's CIO office to enhance technology management and drive transformation.
Washington DC
fromNextgov.com
5 days ago

Pentagon announces senior appointments to CIO's office

Five officials appointed to the Pentagon's CIO office to enhance technology management and drive transformation.
more#pentagon
Information security
fromTechCrunch
14 hours ago

Mastodon says its flagship server was hit by a DDoS attack | TechCrunch

Mastodon's flagship server experienced a DDoS attack, causing significant outages and instability, but countermeasures were implemented to restore access.
Privacy professionals
fromMail Online
15 hours ago

CrunchyRoll users slammed with lawsuit as millions of users exposed

Crunchyroll faces a class-action lawsuit after a data breach exposed personal information of 6.8 million users due to inadequate data security.
#ai
fromAlleyWatch
14 hours ago
Information security

Artemis Raises $55M to Cut Security Response Times by 94% Through Autonomous Investigation

Information security
fromSecurityWeek
4 days ago

Artemis Emerges From Stealth With $70 Million in Funding

Artemis launched with $70 million funding, offering an AI platform for threat detection and response across various environments.
Information security
fromComputerWeekly.com
5 days ago

UK businesses must face up to AI threat, says government | Computer Weekly

AI models are rapidly advancing in discovering and exploiting software vulnerabilities, necessitating urgent attention from business leaders.
Information security
fromAlleyWatch
14 hours ago

Artemis Raises $55M to Cut Security Response Times by 94% Through Autonomous Investigation

AI-powered cybersecurity solutions are essential to address the speed and complexity of modern attacks.
Information security
fromwww.bbc.com
3 days ago

What is Claude Mythos and what risks does it pose?

Anthropic's Claude Mythos AI model outperforms humans in some cybersecurity tasks, raising concerns among regulators and tech companies.
Information security
fromSecurityWeek
4 days ago

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal

OpenAI launched GPT-5.4-Cyber, a cybersecurity AI model, expanding access to verified defenders and enhancing capabilities for vulnerability analysis.
Information security
fromSecurityWeek
4 days ago

Artemis Emerges From Stealth With $70 Million in Funding

Artemis launched with $70 million funding, offering an AI platform for threat detection and response across various environments.
Information security
fromComputerWeekly.com
5 days ago

UK businesses must face up to AI threat, says government | Computer Weekly

AI models are rapidly advancing in discovering and exploiting software vulnerabilities, necessitating urgent attention from business leaders.
more#ai
Artificial intelligence
fromTechCrunch
15 hours ago

NSA spies are reportedly using Anthropic's Mythos, despite Pentagon feud | TechCrunch

The NSA is reportedly using Anthropic's Mythos model for cybersecurity despite previous tensions over access to AI capabilities.
#vercel
Information security
fromTechCrunch
16 hours ago

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

Vercel experienced a data breach due to a compromised employee account linked to Context AI, exposing customer credentials.
Information security
fromTechCrunch
16 hours ago

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

Vercel experienced a data breach due to a compromised employee account linked to Context AI, exposing customer credentials.
more#vercel
Careers
fromSecuritymagazine
1 day ago

Advance Your Cybersecurity Career

Degrees and certifications in cybersecurity indicate foundational knowledge but hands-on experience and skills are more critical for success.
fromSecurityWeek
20 hours ago

Bluesky Disrupted by Sophisticated DDoS Attack

The attack is impacting our application, with users experiencing intermittent interruptions in service for their feeds, notifications, threads and search.
Information security
Information security
fromThe Hacker News
20 hours ago

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

A critical vulnerability in the Model Context Protocol allows remote code execution, affecting over 7,000 servers and compromising sensitive data.
Information security
fromThe Hacker News
22 hours ago

Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems

ZionSiphon malware targets Israeli water treatment systems, showcasing a trend in politically motivated attacks on critical infrastructure.
Information security
fromSecurityWeek
23 hours ago

Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers

Hackers have targeted a vulnerability in discontinued TP-Link routers for a year without successful exploitation, according to Palo Alto Networks.
Venture
fromAlleyWatch
2 days ago

#NYCtech Week in Review: 4/12/26 - 4/18/26

NYC Tech News highlights recent startup funding, exits, and events, featuring companies like Chapter, Artemis, and Bluefish.
#anthropic
fromTechCrunch
2 days ago
Washington DC

Anthropic's relationship with the Trump administration seems to be thawing | TechCrunch

Artificial intelligence
fromThe Verge
3 days ago

Anthropic's new cybersecurity model could get it back in the government's good graces

Anthropic's relationship with the Trump administration has improved due to its new cybersecurity model, Claude Mythos Preview.
Artificial intelligence
fromAxios
4 days ago

Trump officials negotiating access to Anthropic's Mythos despite blacklist

Anthropic is selectively rolling out Mythos to assess its cyber capabilities with a few organizations, including potential government agencies.
fromTechCrunch
2 days ago
Washington DC

Anthropic's relationship with the Trump administration seems to be thawing | TechCrunch

Artificial intelligence
fromThe Verge
3 days ago

Anthropic's new cybersecurity model could get it back in the government's good graces

Anthropic's relationship with the Trump administration has improved due to its new cybersecurity model, Claude Mythos Preview.
Artificial intelligence
fromAxios
4 days ago

Trump officials negotiating access to Anthropic's Mythos despite blacklist

Anthropic is selectively rolling out Mythos to assess its cyber capabilities with a few organizations, including potential government agencies.
more#anthropic
Software development
fromFast Company
2 days ago

The hidden risks of vibe coding: 4 steps to protect your organization

Vibe coding democratizes software development but poses significant cybersecurity risks due to unknown origins of AI-generated code.
Information security
fromSecurityWeek
2 days ago

Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks

Threat actors have shifted to new phishing platforms after Tycoon 2FA's disruption, reusing its tools and increasing overall phishing attacks.
Information security
fromThe Hacker News
3 days ago

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Threat actors exploit vulnerabilities in TBK DVR and TP-Link routers to deploy Mirai-botnet variants, targeting IoT devices for large-scale attacks.
Information security
fromBusiness Matters
4 days ago

Why Trust and Verification Are Critical for Modern Online Platform Businesses

Trust is essential yet fragile in the digital economy, with platforms facing increasing challenges from sophisticated online scams.
Artificial intelligence
fromwww.bbc.com
3 days ago

White House and Anthropic set aside court fight to meet amid fears over Mythos model

The White House met with Anthropic's CEO to discuss collaboration on AI technology amid ongoing legal issues with the Department of Defense.
Cryptocurrency
fromArs Technica
3 days ago

Russia-friendly exchange says "western special service" behind $15 million cyberattack

Grinex halts operations after a $13 million heist attributed to western special services hackers, impacting Russian users and financial sovereignty.
fromNextgov.com
3 days ago

OMB's examination of Mythos is 'not giving access to anything to agencies,' official says

OMB is not giving access to anything to agencies, according to a spokesperson, despite the administration's interest in the powerful Mythos AI model that identifies digital vulnerabilities.
Washington DC
Artificial intelligence
fromAxios
3 days ago

Scoop: Bessent and Wiles met Anthropic's Amodei in sign of thaw

The White House meeting with Anthropic aimed to address AI technology challenges and explore collaboration opportunities.
fromArs Technica
3 days ago

Man with @ihackedthegovernment Instagram account tells judge, "I made a mistake"

Moore intentionally accessed the Supreme Court's electronic filing system without authorization using the stolen credentials of an authorized user on 25 different days, sometimes returning to the site multiple times on the same day.
Privacy professionals
Information security
fromHarvard Gazette
3 days ago

Time for government, business leaders to figure out AI cybersecurity regulation - Harvard Gazette

Agentic AI poses both opportunities for cybersecurity and risks to personal data, economy, and national security, necessitating regulation by leaders.
#nist
Information security
fromTechzine Global
4 days ago

NIST updates NVD: not every CVE will be scrutinized

NIST is updating its vulnerability assessment methodology due to an overwhelming increase in CVEs, prioritizing critical vulnerabilities for analysis.
Information security
fromSecurityWeek
4 days ago

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

NIST updates its National Vulnerability Database operations to prioritize enriching critical CVEs due to a surge in submissions.
Information security
fromTechzine Global
4 days ago

NIST updates NVD: not every CVE will be scrutinized

NIST is updating its vulnerability assessment methodology due to an overwhelming increase in CVEs, prioritizing critical vulnerabilities for analysis.
Information security
fromSecurityWeek
4 days ago

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

NIST updates its National Vulnerability Database operations to prioritize enriching critical CVEs due to a surge in submissions.
more#nist
#north-korea
fromTechCrunch
4 days ago
US news

Two Americans sentenced for helping North Korea steal $5 million in fake IT worker scheme | TechCrunch

Information security
fromComputerWeekly.com
3 days ago

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.
US news
fromTechCrunch
4 days ago

Two Americans sentenced for helping North Korea steal $5 million in fake IT worker scheme | TechCrunch

Two U.S. citizens were sentenced for aiding North Korea in placing remote IT workers in American companies, netting $5 million.
more#north-korea
fromwww.housingwire.com
3 days ago

Disconnected systems fueling title, wire fraud risks

Disconnected systems, inconsistent definitions of data, and the manual nature of data movement create ongoing challenges in the title industry, according to FundingShield President Adam Chaudhary.
Real estate
Information security
fromTechCrunch
3 days ago

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

Hackers exploited Windows vulnerabilities published by a researcher, affecting Windows Defender and allowing high-level access.
SF politics
fromNextgov.com
3 days ago

CISA resources 'more limited than I would like' amid shutdown, top official says

CISA faces significant funding limitations impacting its ability to counter hacking threats and conduct essential activities.
#apache-activemq
Information security
fromTheregister
3 days ago

CISA tells feds to patch 13-year-old Apache ActiveMQ bug

CISA warns of a critical Apache ActiveMQ vulnerability requiring federal agencies to patch within two weeks to prevent exploitation.
Information security
fromSecurityWeek
3 days ago

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

A vulnerability in Apache ActiveMQ Classic, CVE-2026-34197, is being actively exploited, requiring immediate patching by organizations.
Information security
fromTheregister
3 days ago

CISA tells feds to patch 13-year-old Apache ActiveMQ bug

CISA warns of a critical Apache ActiveMQ vulnerability requiring federal agencies to patch within two weeks to prevent exploitation.
Information security
fromSecurityWeek
3 days ago

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

A vulnerability in Apache ActiveMQ Classic, CVE-2026-34197, is being actively exploited, requiring immediate patching by organizations.
more#apache-activemq
#malware
Information security
fromTechRepublic
3 days ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.
fromThe Hacker News
4 days ago
Information security

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

A new botnet named PowMix targets Czech Republic's workforce, utilizing advanced evasion techniques and multi-stage infection methods since December 2025.
fromThe Hacker News
5 days ago
Information security

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

A new malware campaign targeting Ukrainian healthcare institutions has been identified, utilizing deceptive emails to deliver malicious payloads.
Information security
fromTechRepublic
3 days ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.
Information security
fromSecurityWeek
3 days ago

ZionSiphon Malware Targets ICS in Water Facilities

ZionSiphon is a new malware targeting water treatment plants in Israel, designed to manipulate chlorine levels and pressure in these facilities.
Information security
fromThe Hacker News
4 days ago

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

A new botnet named PowMix targets Czech Republic's workforce, utilizing advanced evasion techniques and multi-stage infection methods since December 2025.
Information security
fromThe Hacker News
5 days ago

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

A new malware campaign targeting Ukrainian healthcare institutions has been identified, utilizing deceptive emails to deliver malicious payloads.
more#malware
Artificial intelligence
fromTechRepublic
3 days ago

AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech - TechRepublic

AI innovation and security threats are reshaping technology and corporate strategies across various platforms and applications.
Artificial intelligence
fromFortune
3 days ago

AI cybersecurity capabilities require urgent international cooperation, AI godfather Bengio says | Fortune

Yoshua Bengio emphasizes the urgent need for international cooperation in addressing AI's risks, particularly with the release of Anthropic's Mythos model.
Careers
fromEntrepreneur
3 days ago

He Was Laid Off, Posted on LinkedIn - Then Scammers Started Impersonating Real Recruiters to Target Him

Cybercriminals are impersonating recruiters on LinkedIn to exploit job seekers, especially those recently laid off.
Information security
fromThe Hacker News
3 days ago

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.
Information security
fromSecurityWeek
3 days ago

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.
fromwww.cbc.ca
3 days ago

Stellantis, Microsoft sign 5-year partnership for AI push | CBC News

Through our collaboration with Microsoft, we are accelerating our AI momentum across the enterprise, focusing on over 100 AI initiatives that cover product development, predictive maintenance, and the faster rollout of digital features.
European startups
fromTheregister
4 days ago

Claude Opus wrote a Chrome exploit for $2,283

"The V8 [out of bounds error] we used was from Chrome 146, the same version Anthropic's own Claude Desktop is running. A week of back and forth, 2.3 billion tokens, $2,283 in API costs, and about ~20 hours of me unsticking it from dead ends. It popped calc."
Software development
London startup
fromwww.theguardian.com
4 days ago

Liz Kendall urges UK public to embrace AI as government makes first 500m fund investment

The UK government is investing in AI to create jobs and address global challenges despite concerns about job disruption and cybersecurity risks.
Privacy technologies
fromMail Online
4 days ago

Is YOUR phone safe? Facial recognition on 21 devices can be spoofed

Facial recognition on many mobile phones can be easily fooled by printed photos, posing security risks for users.
Information security
fromComputerworld
4 days ago

Cisco Systems issues three advisories for critical vulnerabilities in Webex, ISE

Identity and access management is crucial for cybersecurity, with a focus on IAM hygiene necessary to mitigate risks from vulnerabilities.
Venture
fromAlleyWatch
4 days ago

The AlleyWatch Startup Daily Funding Report: 4/16/2026

Artemis, Joyful Health, and Traza secured significant funding to enhance cybersecurity, healthcare financial infrastructure, and AI-powered procurement.
Information security
fromTechRepublic
4 days ago

McGraw-Hill Confirms Data Exposure, Hackers Claim 45M Salesforce Records Leaked

Unauthorized access to limited internal data at McGraw-Hill was linked to a Salesforce misconfiguration, raising concerns about potential identity fraud and harassment.
Artificial intelligence
fromFortune
4 days ago

Attacks on Sam Altman's home are extreme. But the AI backlash is going mainstream | Fortune

OpenAI faces increasing public concern and backlash over AI's societal impacts, highlighted by recent violent incidents involving its CEO.
Artificial intelligence
fromArs Technica
4 days ago

Microsoft and Stellantis want to use AI to help car owners

Stellantis is integrating AI across its operations to enhance product development, customer features, and cybersecurity while reducing data center footprint.
Information security
fromTechRepublic
4 days ago

Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites

Malicious WordPress plugins with backdoors compromised thousands of websites, demonstrating a supply-chain attack and leading to their permanent removal.
#ai-models
more#ai-models
#ransomware
Healthcare
fromSecuritymagazine
5 days ago

What "The Pitt" Gets Right About Ransomware and What Hospitals Can't Afford to Ignore

Ransomware incidents in healthcare lead to significant operational fallout, requiring extensive recovery efforts beyond just paying the ransom.
Healthcare
fromSecurityWeek
4 days ago

Data Breach at Tennessee Hospital Affects 337,000

Cookeville Regional Medical Center experienced a ransomware attack, compromising data of over 337,000 individuals, including sensitive personal and medical information.
Privacy professionals
fromFortune
4 days ago

As a small business owner, I never expected to pay $100,000 protecting my business from ransomware | Fortune

Ransomware attacks can severely impact small businesses, leading to significant recovery costs despite having cyber insurance.
Healthcare
fromSecuritymagazine
5 days ago

What "The Pitt" Gets Right About Ransomware and What Hospitals Can't Afford to Ignore

Ransomware incidents in healthcare lead to significant operational fallout, requiring extensive recovery efforts beyond just paying the ransom.
Healthcare
fromSecurityWeek
4 days ago

Data Breach at Tennessee Hospital Affects 337,000

Cookeville Regional Medical Center experienced a ransomware attack, compromising data of over 337,000 individuals, including sensitive personal and medical information.
Privacy professionals
fromFortune
4 days ago

As a small business owner, I never expected to pay $100,000 protecting my business from ransomware | Fortune

Ransomware attacks can severely impact small businesses, leading to significant recovery costs despite having cyber insurance.
more#ransomware
Information security
fromComputerWeekly.com
4 days ago

Cyber Essentials closes the MFA loophole but leaves some organisations adrift | Computer Weekly

Multi-factor authentication becomes mandatory under Cyber Essentials v3.3, with no exceptions for organizations failing to implement it.
Information security
fromThe Hacker News
4 days ago

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A social engineering campaign exploits Obsidian to distribute PHANTOMPULSE trojan targeting financial and cryptocurrency sectors.
Privacy professionals
fromThe Hacker News
4 days ago

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

A bank's Taboola pixel redirected users to a Temu tracking endpoint without consent or security controls detecting the violation.
Information security
fromSecurityWeek
4 days ago

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

Microsoft's Zero Day Quest 2026 awarded $2.3 million for discovering 80 high-impact vulnerabilities in cloud and AI services.
Careers
fromFortune
4 days ago

This CEO pirated video games as a teen and became a hacker for the Air Force. Now he's built a $3 billion cyber firm | Fortune

Gen Z should trust instincts in career paths, as demonstrated by Kyle Hanslovan's unconventional journey to CEO of a $3 billion cybersecurity firm.
fromBoston.com
5 days ago

Services at Brockton hospital return to normal more than a week after cyberattack

"We moved to down-time procedures to ensure high-quality patient care and safety," the provider announced. "We are working with outside resources to help us investigate the incident and restore operations as quickly as possible."
Healthcare
Information security
fromThe Cipher Brief
5 days ago

Copy of Trump's Cyber Strategy Is a Strong Playbook, but It's All in the Execution

The National Cyber Strategy aims to enhance U.S. national security through aggressive defense and collaboration with the private sector.
[ Load more ]