The U.S. CISA (Cybersecurity and Infrastructure Security Agency) issued an alert warning of a supply chain compromise affecting the Axios npm package, urging organizations to…
In 2025, attackers increasingly targeted weaknesses in multi-factor authentication (MFA) workflows, and phishing attacks leveraged valid, compromised credentials to launch lures from trusted accounts. The…
This blog was updated on April 17 to include threat activity we’re observing with Nightmare-Eclipse’s BlueHammer, RedSun, and UnDefend exploitation techniques. One of the many…
Ofcom, the United Kingdom’s independent communications regulator, has launched an investigation into Telegram based on evidence suggesting it’s being used to share child sexual abuse…
A group of unauthorized users has reportedly breached access controls surrounding Claude Mythos Preview, Anthropic’s powerful and closely guarded AI-driven cybersecurity tool, raising serious concerns…
Comment and Control prompt injection vulnerabilities discovered in AI agents, including Claude Code Security Review, Google Gemini CLI Action, and GitHub Copilot Agent. “Comment and…
New York, United States, April 21st, 2026, CyberNewswire BreachLock, a global leader in offensive security, today announced it has been named a representative vendor in the 2026 Gartner Market Guide…
Ravie LakshmananApr 21, 2026Insider Threat / Cybercrime A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against…
A security team recently walked me through a scenario that illustrates exactly why the industry’s current obsession with autonomous AI is so risky. They had…
Australian life insurer TAL is set to consolidate its data in Azure and build a suite of AI tools in close collaboration with Microsoft. TAL…
A researcher has analyzed internet-facing Perforce P4 servers and found that many are still misconfigured, exposing highly sensitive information. Perforce P4 (formerly Helix Core) is…
North Korea’s Lazarus APT stole $290M from Kelp DAO Pierluigi Paganini April 21, 2026 North Korea-linked Lazarus Group stole $290M from Kelp DAO by abusing…
