date / Author
source
title
short description
vulnerabilities and exploits
4/20/2026 Ionut Arghire
Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers
In-the-wild exploitation has been ongoing for a year, but no successful payload execution has been observed.
The post Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers appeared first on SecurityWeek.
technology and tools
4/17/2026 Associated Press
White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology
A White House official said the administration is engaging with advanced AI labs about their models and the security of software.
The post White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology appeared first on SecurityWeek.
technology and tools
4/17/2026 Kevin Townsend
CoChat Launches AI Collaboration Platform to Combat Shadow AI
CoChat is fundamentally an AI collaboration platform designed for teamwork and to bring visibility and governance into enterprise AI shadows.
The post CoChat Launches AI Collaboration Platform to Combat Shadow AI appeared first on SecurityWeek.
mobile security,vulnerabilities and exploits,attacks and breaches
4/17/2026 Deeba Ahmed
New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps
New research from Zimperium reveals four active Android malware campaigns, RecruitRat, SaferRat, Astrinox, and Massiv, targeting over 800 banking apps globally.
attacks and breaches,technology and tools
4/17/2026 Sinisa Markovic
Google wipes out 602 million scam ads with Gemini on duty
Google claims that its security teams work around the clock using its Gemini AI models to detect and stop harmful ads. “Bad actors are using generative AI to create deceptive ads at scale, and Gemini helps us detect and block them in real time,” Keerat Sharma, VP and GM, Ads Privacy and Safety, Google, said. “Our models analyze hundreds of billions of signals — including account age, behavioral cues and campaign patterns — to stop …
The post Google wipes out 602 million scam ads with Gemini on duty appeared first on Help Net Security.
protection,vulnerabilities and exploits,technology and tools
4/17/2026 Zeljka Zorz
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two more. The first, dubbed “RedSun,” is another privilege escalation flaw in the same platform. The second, “UnDefend,” allows a standard user to block Microsoft Defender from receiving signature updates or disable it entirely (if Microsoft pushes a major Defender update). And, according to Huntress researchers, all three exploitation techniques have …
The post Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild appeared first on Help Net Security.
laws, regulations and policies,vulnerabilities and exploits
4/17/2026 SecurityWeek News
In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested
Other noteworthy stories that might have slipped under the radar: ShinyHunters targets Rockstar Games, ShowDoc vulnerability exploited in the wild, and EPA to boost cybersecurity budget to $19 million.
The post In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested appeared first on SecurityWeek.
attacks and breaches
4/17/2026 Eduard Kovacs
Another DraftKings Hacker Sentenced to Prison
Kamerin Stokes sold stolen credentials through an online marketplace even after pleading guilty to his role in the DraftKings attack.
The post Another DraftKings Hacker Sentenced to Prison appeared first on SecurityWeek.
laws, regulations and policies,technology and tools
4/17/2026 Associated Press
Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed
Thursday’s discussion comes as leaders on Capitol Hill grapple with the dizzying pace of global developments in which technology plays a central role.
The post Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed appeared first on SecurityWeek.
vulnerabilities and exploits
4/17/2026 Eduard Kovacs
Recent Apache ActiveMQ Vulnerability Exploited in the Wild
The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April.
The post Recent Apache ActiveMQ Vulnerability Exploited in the Wild appeared first on SecurityWeek.
attacks and breaches,technology and tools
4/16/2026 Graham Cluley
Sometimes changing the password on your email mailbox isn’t enough
Have you ever taken a look at your Microsoft 365 mailbox rules? If not, it might be worth a few minutes of your time. Because newly released research reveals that hackers may already have beaten you to it.
Read more in my article on the Fortra blog.
mobile security,technology and tools
4/17/2026 Sinisa Markovic
Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits
Google shipped Android 17 Beta 4 on April 16, marking the last scheduled beta in the Android 17 release cycle. The build targets app compatibility testing and platform stability ahead of the final release, and it carries several behavior changes that developers need to account for before the stable version ships. Supported Pixel devices can enroll in the Android Beta program to receive the update over the air. Developers without a Pixel device can use …
The post Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits appeared first on Help Net Security.
laws, regulations and policies
4/17/2026 Sinisa Markovic
Social media bans might steer kids into riskier corners of the internet
Governments are moving to block children under 16 from social media in the name of safety. But once these measures move from policy to practice, they raise a harder question: what happens when protecting kids requires collecting more data than ever before and may put them at greater risk? Age checks spark debate over privacy and safety Last year, Australia became the first country to introduce a ban for those under 16. Following its example, …
The post Social media bans might steer kids into riskier corners of the internet appeared first on Help Net Security.
technology and tools,vulnerabilities and exploits
4/17/2026 Ionut Arghire
Cursor AI Vulnerability Exposed Developer Devices
An indirect prompt injection could be chained with a sandbox bypass and Cursor’s remote tunnel feature for shell access to machines.
The post Cursor AI Vulnerability Exposed Developer Devices appeared first on SecurityWeek.
laws, regulations and policies
4/16/2026 Steve Durbin
Government Can’t Win the Cyber War Without the Private Sector
Securing national resilience now depends on faster, deeper partnerships with the private sector.
The post Government Can’t Win the Cyber War Without the Private Sector appeared first on SecurityWeek.
laws, regulations and policies,vulnerabilities and exploits
4/16/2026 Zeljka Zorz
NIST admits defeat on NVD backlog, will enrich only highest-risk CVEs going forward
NIST is overhauling how it manages the National Vulnerability Database (NVD) and switching to a risk-based model that prioritizes “enrichment” of only the most critical CVE-numbered security vulnerabilities. “This change is driven by a surge in CVE submissions, which increased 263% between 2020 and 2025,” the National Institute of Standards and Technology said. “We don’t expect this trend to let up anytime soon.” A two-year struggle and a new approach NIST has been struggling to …
The post NIST admits defeat on NVD backlog, will enrich only highest-risk CVEs going forward appeared first on Help Net Security.
technology and tools,mobile security,laws, regulations and policies
4/16/2026 Anamarija Pogorelec
Google Play is changing how Android apps access your contacts and location
Google’s new set of Google Play policy updates and account transfer feature strengthen user privacy and protect businesses from fraud. Google is also expanding features for managing new contact and location policy changes to support a smoother, more predictable app review experience. By October, Play policy insights in Android Studio can help developers identify if their apps should use new features and will guide them on the steps to take. From October 27, new pre-review …
The post Google Play is changing how Android apps access your contacts and location appeared first on Help Net Security.
technology and tools
4/16/2026 Eduard Kovacs
OpenAI Widens Access to Cybersecurity Model After Anthropic’s Mythos Reveal
GPT‑5.4‑Cyber is a model fine-tuned for defenders, lowering boundaries for legitimate cybersecurity work.
The post OpenAI Widens Access to Cybersecurity Model After Anthropic’s Mythos Reveal appeared first on SecurityWeek.
attacks and breaches,vulnerabilities and exploits
4/16/2026 Eduard Kovacs
Data Breach at Tennessee Hospital Affects 337,000
Cookeville Regional Medical Center was targeted last year by the Rhysida ransomware group, which stole 500GB of data.
The post Data Breach at Tennessee Hospital Affects 337,000 appeared first on SecurityWeek.
technology and tools
4/16/2026 Ionut Arghire
Artemis Emerges From Stealth With $70 Million in Funding
The startup is leveraging AI to prevent AI-powered attacks across applications, users, machines, and cloud workloads.
The post Artemis Emerges From Stealth With $70 Million in Funding appeared first on SecurityWeek.
vulnerabilities and exploits
4/16/2026 Ionut Arghire
Splunk Enterprise Update Patches Code Execution Vulnerability
The flaw allows low-privileged users to upload files to a temporary directory to achieve remote code execution.
The post Splunk Enterprise Update Patches Code Execution Vulnerability appeared first on SecurityWeek.
technology and tools,vulnerabilities and exploits
4/16/2026 Eduard Kovacs
Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest
Researchers found more than 80 high-impact cloud and AI vulnerabilities during the event, which had a $5 million prize pool.
The post Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest appeared first on SecurityWeek.
laws, regulations and policies,vulnerabilities and exploits
4/16/2026 Ionut Arghire
NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software
To optimize management of CVE volume, entries that do not meet specific criteria will not be automatically enriched.
The post NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software appeared first on SecurityWeek.
technology and tools,vulnerabilities and exploits
4/16/2026 Ionut Arghire
Cisco Patches Critical Vulnerabilities in Webex, ISE
The flaws can be exploited remotely to impersonate users or execute arbitrary commands on the underlying OS.
The post Cisco Patches Critical Vulnerabilities in Webex, ISE appeared first on SecurityWeek.
technology and tools
4/16/2026 Eduard Kovacs
Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments
A researcher has disclosed the details of the AI attack method he has named ‘Comment and Control’.
The post Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments appeared first on SecurityWeek.
technology and tools
4/16/2026 Deeba Ahmed
OpenAI Launches GPT-5.4-Cyber to Boost Defensive Cybersecurity
OpenAI unveils GPT-5.4-Cyber, a cybersecurity-focused model built to help defenders analyze malware and fix software bugs. The company is also expanding its Trusted Access for Cyber (TAC) program to thousands of verified experts.
technology and tools
4/15/2026 Graham Cluley
Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying
A hacking group claims to have broken into the flood defence system protecting Venice's Piazza San Marco - and is offering to sell access to whoever wants it. The asking price? A frankly insulting $600.
Meanwhile, Anthropic accidentally leaked the source code for Claude Code via a basic packaging mistake. Oh, and by the way, they've also just revealed they've built an AI model called Mythos that can find and chain together software vulnerabilities faster than any human. Sleep well.
All this and more in episode 463 of the “Smashing Security” podcast with cybersecurity expert and keynote speaker Graham Cluley, joined this week by special guest Tanya Janca.
technology and tools
4/16/2026 Deeba Ahmed
Researchers Say Fiverr Left User Files Open to Google Search
Private Fiverr user documents, including tax records and IDs, were reportedly found in Google search results due to a storage configuration issue. Read more about the findings and the company’s response to the data exposure.
laws, regulations and policies
4/16/2026 Mirko Zorz
GitHub lays out copyright liability changes and upcoming DMCA review for developers
A U.S. Supreme Court ruling issued in March has settled a question that has circulated among platform operators and developers for years: whether a service provider can be held liable for copyright infringement committed by its users without evidence of intent to contribute to that infringement. The answer, per the Court’s opinion in Cox v. Sony, is no. Liability requires conscious, culpable conduct. The standard endorsed by the Court is the same one advocated in …
The post GitHub lays out copyright liability changes and upcoming DMCA review for developers appeared first on Help Net Security.
laws, regulations and policies
4/16/2026 Help Net Security
What the EU AI Act requires for AI agent logging
The EU AI Act is 144 pages long. The logging requirements that matter for AI agent developers sit across four articles that keep referencing each other. Here’s what they say, when the deadlines hit, and where the gaps are. Your agent is probably high-risk The Act doesn’t mention “AI agents” by name. What matters is what the system does. If your agent scores credit applications, filters resumes, decides who gets healthcare benefits, prices insurance, or …
The post What the EU AI Act requires for AI agent logging appeared first on Help Net Security.
technology and tools
4/15/2026 Sinisa Markovic
Windows is getting stronger RDP file protections to fight phishing attacks
Microsoft has introduced new Windows protections starting with the April 2026 security update to reduce phishing attacks that abuse Remote Desktop (.rdp) files. With these updates, the Remote Desktop Connection app displays stronger warning dialogs before a connection is established, shows details about the remote system, and requires users to review any request to share local resources such as drives or the clipboard. RDP files define how a system connects to a remote computer and …
The post Windows is getting stronger RDP file protections to fight phishing attacks appeared first on Help Net Security.
vulnerabilities and exploits
4/15/2026 Eduard Kovacs
Exploited Vulnerability Exposes Nginx Servers to Hacking
Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool.
The post Exploited Vulnerability Exposes Nginx Servers to Hacking appeared first on SecurityWeek.
technology and tools
4/15/2026 Ionut Arghire
Capsule Security Emerges From Stealth With $7 Million in Funding
The Israeli startup aims to secure AI agents at runtime, continuously monitoring their behavior to prevent unsafe actions.
The post Capsule Security Emerges From Stealth With $7 Million in Funding appeared first on SecurityWeek.
technology and tools,vulnerabilities and exploits
4/15/2026 Kevin Townsend
‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks
Researchers warn that a flaw in Anthropic’s Model Context Protocol allows unsanitized commands to execute silently, enabling full system compromise across widely used AI environments.
The post ‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks appeared first on SecurityWeek.
vulnerabilities and exploits
4/15/2026 Ionut Arghire
100 Chrome Extensions Steal User Data, Create Backdoor
Published through five accounts, the extensions appear part of a coordinated campaign based on shared C&C infrastructure.
The post 100 Chrome Extensions Steal User Data, Create Backdoor appeared first on SecurityWeek.
mobile security,vulnerabilities and exploits
4/15/2026 Ionut Arghire
Mirax RAT Targeting Android Users in Europe
Offered as a MaaS to a small number of affiliates, mainly Russian speakers, the RAT can turn devices into residential proxy nodes.
The post Mirax RAT Targeting Android Users in Europe appeared first on SecurityWeek.