IT Security News Daily Summary 2026-04-20

172 posts were published in the last hour

• 21:36 : Vercel Breach Linked to Context.ai, ShinyHunters Says It’s Not Involved
• 21:36 : Smishing Triad
• 21:11 : North Korean hackers blamed for $290M crypto theft
• 21:11 : France’s ANTS ID System website hit by cyberattack, possible data breach
• 21:11 : Hackers Use AppDomain Hijacking to Turn Trusted Intel Utility Into Malware Launcher
• 21:11 : Gh0st RAT and CloverPlus Adware Delivered Together in New Dual-Payload Malware Campaign
• 20:36 : Amtrak Data Breach Exposes 2.1M Records, Reports Suggest Larger Leak
• 20:36 : This VPN Lets You Verify Your Business Privacy For $130
• 20:36 : [un]prompted 2026 – Rob T. Lee, Glenn Thorpe, Dan Hubbard & Sergej Epp – Vibe Coded (Micro-Talks)
• 20:6 : North Korea-Linked UNC1069 Uses Fake Zoom and Teams Meetings to Hack Crypto Professionals
• 20:6 : Claude Desktop changes app access settings for browsers you don’t even have installed yet
• 19:32 : Cybersecurity with a Digital Twin: Why Real-Time Data Streaming Matters
• 19:32 : The MCP Disclosure Is the AI Era’s ‘Open Redirect’ Moment
• 19:11 : Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft
• 19:11 : SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
• 19:5 : IT Security News Hourly Summary 2026-04-20 21h : 7 posts
• 18:34 : Hidden Cyber Threat AI Is Preparing That Some Companies Aren’t Thinking About
• 18:34 : Chrome Privacy Concerns Rise as Expert Warns of Fingerprinting Risks
• 18:34 : Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign
• 18:34 : Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched
• 18:34 : Randall Munroe’s XKCD ‘Subduction Retrieval’
• 18:34 : Article 5 and the EU AI Act’s Absolute Red Lines – FireTail Blog
• 18:34 : Eurail Breach Exposes Data of Over 300,000 U.S. Users
• 18:4 : 2026’s Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable
• 18:4 : Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand
• 18:4 : Cybersecurity in the age of AI means bigger, faster threats
• 18:4 : ​​Supply Chain Compromise Impacts Axios Node Package Manager​
• 17:34 : North Korea hackers blamed for $290M crypto theft
• 17:34 : Scot becomes second Scattered Spider-linked crook to plead guilty in US
• 17:34 : Life in the Swimlane with Jonathan Badal, Sr. Business Development Representative
• 17:34 : Vulnerability Summary for the Week of April 13, 2026
• 17:34 : Making opportunistic cyberattacks harder by design
• 17:2 : Mastodon says its flagship server was hit by a DDoS attack
• 17:2 : Supercharged Security: Security in the Time of Mythos
• 17:2 : Lovable AI App Builder Reportedly Exposes Thousands of Projects Data via API Flaw
• 17:2 : Researchers Say Iranian MOIS Uses Multiple Hacker Personas for One Coordinated Cyber Campaign
• 16:37 : The AI Threat Multiplier: Why Architectural Flaws Are the New Frontier
• 16:36 : Microsoft Teams Desktop Client Faces Launch Failures After Update Triggers Caching Regression
• 16:36 : New JanaWare Ransomware Targets Turkish Users Through Customized Adwind RAT
• 16:36 : Attackers Turn QEMU Into a Stealth Backdoor for Credential Theft and Ransomware
• 16:36 : Attackers Abuse Microsoft Teams and Quick Assist in New Helpdesk Impersonation Attack Chain
• 16:36 : Lovable AI App Builder Reportedly Exposes Customer Data From Projects via Unpatched API Flaw
• 16:36 : Vercel Breach Explained: OAuth Risk in AI + SaaS Environment
• 16:36 : Fireside Chat: PKI has carried digital trust through every tech advance—now comes the hardest one
• 16:11 : NIST Scales Back Vulnerability Scoring in 2026 as CVE Volume Surges
• 16:11 : Vercel breached via compromised third-party AI tool
• 16:11 : Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking
• 16:11 : ZionSiphon Malware Targets Water Infrastructure Systems
• 16:11 : Stellantis teams with Microsoft to strengthen digital capabilities
• 16:5 : IT Security News Hourly Summary 2026-04-20 18h : 9 posts
• 15:36 : Fake TikTok Downloaders on Chrome and Edge Spying on 130,000 Users
• 15:36 : [un]prompted 2026 – Gadi Evron – Opening Words
• 15:36 : Hackers Steal $3.665 Million in Bitcoin from Crypto ATM Giant Bitcoin Depot
• 15:36 : Ransomware Attack Disrupts Dutch Healthcare Software Provider ChipSoft, Raising Sector-Wide Concerns
• 15:36 : Formbook Malware Campaign Uses Multiple Obfuscation Techniques to Avoid Detection
• 15:36 : How to clone an AWS CloudHSM cluster across Regions
• 15:36 : Vulnerability exploitation surges often precede disclosure, offering possible early warnings
• 15:7 : App host Vercel says it was hacked and customer data stolen
• 15:7 : Ten Great Cybersecurity Job Opportunities
• 14:32 : How to Remove Objects from Video: AI Tools & Pro Tips (2026)
• 14:32 : How CNAPP Bridges the Gap Between DevSecOps and Cloud Security Companies
• 14:32 : Why Every Defense Against Prompt Injection Gets Broken — And What to Build Instead
• 14:32 : Big Tech can stop scams. They just don’t (Lock and Code S07E08)
• 14:32 : ⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More
• 14:32 : Cyber Briefing: 2026.04.20
• 14:7 : Gh0st RAT, CloverPlus Hit Victims in Dual-Malware Campaign
• 14:7 : Vercel Confirms Security Incident as Threat Actor Claims Stolen Data for Sale
• 14:7 : CVE-2023-33538 under attack for a year, but exploitation still unsuccessful
• 14:7 : New Windows 11 Dev Build Improves Secure Boot Monitoring and Storage Controls
• 14:7 : Mythos: An AI tool too powerful for public release
• 14:7 : 6 Best MVP Developers For Cybersecurity Startups and Enterprises
• 14:6 : Vercel Data Breach Linked to Earlier Context.ai Compromise
• 13:36 : The Supply Chain Is the New Battlefield: How One Weak Link Compromises Entire Ecosystems
• 13:36 : The Gentlemen: A New Ransomware Threat Climbing the Charts — Fast
• 13:36 : Microsoft releases Windows Server update fix to fix its April update fixes
• 13:36 : Industrial Cybersecurity Under Strain as Iran-Linked Actors Breach U.S. Systems
• 13:36 : Adobe Reader Zero-Day PDF Exploit Actively Used in Attacks to Steal Data
• 13:36 : Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet
• 13:7 : British Hacker Tyler Buchanan Pleads Guilty to $8M Hacking Scheme in US
• 13:7 : Notion Pages Leak User Data
• 13:7 : Over 200 Japanese firms paid ransomware attackers
• 13:7 : Senate Extends Surveillance Powers
• 13:7 : Canada’s cyber resilience plan targets AI threats
• 13:7 : CSLE: A Reinforcement Learning Platform
• 13:5 : IT Security News Hourly Summary 2026-04-20 15h : 8 posts
• 12:34 : Intel Utility Hijacked in AppDomain Attack to Launch Malware
• 12:34 : British Scattered Spider Hacker Pleads Guilty in the US
• 12:34 : Understanding Key Differences of SAML, OpenID, OAuth and JWT
• 12:34 : Solving the Multi-Tenancy Identity Crisis in Modern Finance
• 12:34 : Why Most AI Deployments Stall After the Demo
• 12:9 : North Korea-Linked UNC1069 Hacks Crypto Pros via Fake Meetings
• 12:9 : Anthropic MCP Hit by Critical Vulnerability Enabling Remote Code Execution
• 12:9 : Hackers Abuse QEMU for Defense Evasion
• 11:36 : Is “Satoshi Nakamoto” Really Adam Back?
• 11:36 : Hackers Use FUD Crypt to Generate Microsoft-Signed Malware With Built-In Persistence and C2
• 11:36 : New RDP Alert After April 2026 Security Update Warns of Unknown Connections
• 11:36 : Bluesky Disrupted by Sophisticated DDoS Attack
• 11:36 : AI platform ATHR makes voice phishing a one-person job
• 11:13 : 52M-Download protobuf.js Library Hit by RCE in Schema Handling
• 11:13 : Iran’s MOIS Tied to Coordinated Cyber Campaign Using Multiple Hacker Personas
• 11:13 : Third-party AI hack triggers Vercel breach, internal environments accessed
• 11:13 : Senate Extends Surveillance Powers Until April 30 After Chaotic Votes in House
• 11:12 : Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
• 10:36 : Fracturing Software Security With Frontier AI Models
• 10:36 : TBK DVR Vulnerability CVE-2024-3721 Exploited to Spread Nexcorium DDoS Malware
• 10:36 : The Weird, Twisting Tale of How China Spied on Alysa Liu and Her Dad
• 10:36 : The AI Visibility Gap Is Real – And It Lives on Your Website
• 10:36 : From AI Pilots to Autonomous Finance: What CFOs Must Fix Before Agentic AI Scales
• 10:36 : Vercel April 2026 Incident: Non-Sensitive Environment Variables Need Investigation Too
• 10:7 : iTerm2 Flaw Turns SSH Escape Sequences Into Arbitrary Code Execution
• 10:7 : Public Notion Pages Leaks Profile Photos and Email address of Editors
• 10:7 : Half of the 6 Million Internet-Facing FTP Servers Lack Encryption
• 10:5 : IT Security News Hourly Summary 2026-04-20 12h : 8 posts
• 9:37 : Silicon In Focus Podcast: Shaping Technology for Transformation
• 9:37 : Microsoft-Signed Malware Built With FUD Crypt Packs Persistence and C2
• 9:36 : NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience
• 9:36 : Beyond IT: Cybersecurity is a strategic business risk
• 9:16 : MiningDropper Spreads Infostealers, RATs, Banking Malware on Android
• 9:15 : AI Model Claude Opus turns bugs into exploits for just $2,283
• 9:15 : FakeWallet crypto stealer spreading through iOS apps in the App Store
• 9:15 : Crypto Exchange Grinex Blames Western Spies for $13m Theft
• 8:36 : Boeing Develops Medium-Sized Satellite Amid Growing Demand
• 8:36 : Windows 11 Dev Build Introduces Improved Secure Boot Oversight and Storage Security
• 8:36 : Hackers Use CVE-2024-3721 to Infect TBK DVRs With Nexcorium DDoS Malware
• 8:36 : Google Uses Gemini AI to Stop Malicious Ads From Threat Actors – 8.3 billion ads Blocked
• 8:36 : NIST Shifts to Risk-Based NVD Model as CVE Submissions Surge 263% Since 2020
• 8:36 : Next.js Creator Vercel Hacked
• 8:36 : Meta and PortSwigger drive offensive security further to find what others miss
• 8:36 : Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
• 8:3 : Ransomware’s Next Phase: From Data Encryption to Business Extortion
• 8:3 : Maine Lawmakers Vote To Suspend Data Centre Expansion
• 8:3 : Next.js developer Vercel warns of customer credential compromise
• 8:3 : Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers
• 7:32 : Ganfeng Lithium Sees Profits Soar Amid Energy Disruption
• 7:32 : JanaWare Ransomware Hits Turkish Users via Tailored Adwind RAT
• 7:32 : A week in security (April 13 – April 19)
• 7:32 : Trump Taxes and the Price of Privacy
• 7:32 : London hospital ransomware legacy, PowerOFF takedown, Microsoft RedSun zero-day
• 7:7 : Handling the CVE Flood With EPSS, (Mon, Apr 20th)
• 7:7 : Are passwords putting you at risk?
• 7:7 : Arnold Clark Faces Data Breach Class Action In Scotland
• 7:7 : Compensation vs. Burnout: The New Retention Calculus for Cybersecurity Leaders
• 7:6 : EU pushes for stronger cloud sovereignty, awards €180 million to four providers
• 7:5 : IT Security News Hourly Summary 2026-04-20 09h : 7 posts
• 6:34 : NSA Confirms Use of Anthropic’s Mythos Despite Pentagon Blacklist
• 6:34 : ZionSiphon Hits Israeli Water Systems With OT Sabotage Malware
• 6:34 : British Hacker Admits Stealing Millions in Virtual Currency From Targeted Companies
• 6:34 : What is DANE? DNS-Based Authentication of Named Entities Explained (2026)
• 6:34 : Why Dark Web Monitoring Is No Longer Enough (And What Comes Next)
• 6:9 : QEMU Hijacked as Stealth Backdoor for Credential Theft, Ransomware
• 6:9 : Public Notion Pages Expose Editors’ Profile Photos and Email Addresses
• 5:32 : Critical Gardyn Flaws Open Smart Garden Devices to Remote Hijacking
• 5:32 : Project Glasswing: When AI Becomes the Ultimate Hacker—and Defender
• 5:32 : How to spot a North Korean fake in a job interview
• 5:32 : SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
• 5:9 : Vercel Reports Data Breach Amid Claims of Compromised Internal Infrastructure
• 5:9 : NIST Adopts Risk-Based NVD Model as CVE Submissions Jump 263% Since 2020
• 5:9 : Fake Helpdesk Attack Uses Teams and Quick Assist to Breach Targets
• 5:9 : Critical Vulnerability In Flowise Allows Remote Command Execution Via MCP Adapters
• 5:9 : Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
• 5:9 : Security Researcher Goes To War Against Microsoft
• 4:38 : Product showcase: Syncthing for secure, private file synchronization
• 4:5 : IT Security News Hourly Summary 2026-04-20 06h : 2 posts
• 4:4 : The Real Cyber Awards and Conference opens for entries
• 3:34 : Pro-Russian threat actors target Swedish heat and power plant in failed cyberattack
• 3:2 : Vercel Confirms Data Breach — Hackers Claim Access to Internal Systems
• 2:9 : ISC Stormcast For Monday, April 20th, 2026 https://isc.sans.edu/podcastdetail/9898, (Mon, Apr 20th)
• 1:34 : Cryptographically Agile Policy Enforcement for Contextual Data Access
• 23:11 : Just like phishing for gullible humans, prompt injecting AIs is here to stay
• 22:5 : IT Security News Hourly Summary 2026-04-20 00h : 2 posts
• 21:58 : IT Security News Weekly Summary 16
• 21:55 : IT Security News Daily Summary 2026-04-19