London hospitals continue to suffer from 2024 ransomware attack Four arrested in PowerOFF takedown Microsoft Defender “RedSun” zero-day Get the show notes here: https://cisoseries.com/cybersecurity-news-london-hospital-ransomware-legacy-poweroff-takedown-microsoft-redsun-zero-day/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their…
Handling the CVE Flood With EPSS, (Mon, Apr 20th)
Every morning, security people around the world face the same ritual: opening their vulnerability feed to find a lot of new CVE entries that appeared overnight. Over the past decade, this flood has become a defining challenge of modern defensive…
Are passwords putting you at risk?
Almost every year we hear that passwords are dead (we even wrote about back in December 2023). But now three years later, the vast majority… The post Are passwords putting you at risk? appeared first on Panda Security Mediacenter. This…
Arnold Clark Faces Data Breach Class Action In Scotland
About 15,000 motorists given go-ahead for Scottish group lawsuit against auto dealership after hackers post sensitive data online This article has been indexed from Silicon UK Read the original article: Arnold Clark Faces Data Breach Class Action In Scotland
Compensation vs. Burnout: The New Retention Calculus for Cybersecurity Leaders
High turnover and burnout are reshaping the 2026 cybersecurity landscape, forcing leaders to prioritize compensation, AI integration, and mental health to retain top talent. The post Compensation vs. Burnout: The New Retention Calculus for Cybersecurity Leaders appeared first on Security…
EU pushes for stronger cloud sovereignty, awards €180 million to four providers
The European Commission is stepping up efforts to strengthen the EU’s digital sovereignty by awarding a cloud services tender worth up to €180 million over six years. The initiative gives EU institutions and agencies access to sovereign cloud services delivered…
IT Security News Hourly Summary 2026-04-20 09h : 7 posts
7 posts were published in the last hour 6:34 : NSA Confirms Use of Anthropic’s Mythos Despite Pentagon Blacklist 6:34 : ZionSiphon Hits Israeli Water Systems With OT Sabotage Malware 6:34 : British Hacker Admits Stealing Millions in Virtual Currency…
NSA Confirms Use of Anthropic’s Mythos Despite Pentagon Blacklist
The National Security Agency (NSA) is actively using Anthropic’s highly restricted “Mythos” artificial intelligence model, despite the developer currently being on the Department of Defense (DoD) blacklist. According to recent intelligence reports highlighted by the International Cyber Digest, the NSA…
ZionSiphon Hits Israeli Water Systems With OT Sabotage Malware
ZionSiphon is a newly analyzed Operational Technology (OT) malware strain designed to target Israeli water treatment and desalination facilities, with a clear emphasis on sabotage rather than simple IT disruption. Darktrace’s investigation found that ZionSiphon restricts itself to hardcoded IPv4…
British Hacker Admits Stealing Millions in Virtual Currency From Targeted Companies
A 24-year-old British national, Tyler Robert Buchanan, has pleaded guilty to orchestrating a massive cyberattack campaign that compromised over a dozen U.S. companies and resulted in the theft of at least $8 million in cryptocurrency. According to a Friday announcement…
What is DANE? DNS-Based Authentication of Named Entities Explained (2026)
DANE (DNS-Based Authentication of Named Entities) uses DNSSEC and TLSA records to secure TLS certificates and prevent man-in-the-middle attacks on email and the web. Here’s how it works. The post What is DANE? DNS-Based Authentication of Named Entities Explained (2026)…
Why Dark Web Monitoring Is No Longer Enough (And What Comes Next)
The problem with how we monitor identity risk today For years, dark web monitoring has been positioned as the frontline defense against compromised credentials and identity exposure. If your data showed up on the dark web, you got an alert.…
QEMU Hijacked as Stealth Backdoor for Credential Theft, Ransomware
Attackers are increasingly abusing QEMU virtual machines to hide credential theft and ransomware staging inside “invisible” virtual environments, making detection and forensics significantly harder for defenders. QEMU is a legitimate open-source emulator and virtualizer that allows running full operating systems…
Public Notion Pages Expose Editors’ Profile Photos and Email Addresses
A significant data exposure issue has been brought to light regarding Notion, a highly popular productivity and note-taking application. This exposure happens without requiring any authentication, cookies, or access tokens, leaving thousands of indexable company wikis and personal pages vulnerable…
Critical Gardyn Flaws Open Smart Garden Devices to Remote Hijacking
A recently updated advisory from the Cybersecurity and Infrastructure Security Agency (CISA) has revealed severe vulnerabilities in Gardyn Home Kit systems. These critical flaws carry a maximum CVSS score of 9.3 and could allow malicious actors to hijack smart gardening…
Project Glasswing: When AI Becomes the Ultimate Hacker—and Defender
Anthropic has introduced Project Glasswing, a cybersecurity initiative powered by an unreleased AI model called Claude Mythos. This system can identify zero-day vulnerabilities, generate exploits, and even help fix them—often without human input. But there’s a catch: it’s considered too…
How to spot a North Korean fake in a job interview
North Korean operatives are getting hired at companies by passing job interviews using fake identities and AI tools. In this Help Net Security video, Adrian Cheek, a senior cybercrime researcher at Flare, outlines several ways organizations can catch these attempts…
SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
Boost Security has released SmokedMeat, an open-source framework that runs attack chains against CI/CD infrastructure so engineering and security teams can see what an attacker would do in their specific environment. What the tool does SmokedMeat takes a flagged pipeline…
Vercel Reports Data Breach Amid Claims of Compromised Internal Infrastructure
According to a recent security bulletin published by Vercel, the cloud platform company has suffered a data breach involving unauthorized access to its internal infrastructure. The incident, which was updated on April 20, 2026, highlights the growing risks associated with…
NIST Adopts Risk-Based NVD Model as CVE Submissions Jump 263% Since 2020
According to a recent announcement from the National Institute of Standards and Technology (NIST), the agency is fundamentally restructuring how it manages the National Vulnerability Database (NVD). Driven by a massive 263% increase in Common Vulnerabilities and Exposures (CVE) submissions…
Fake Helpdesk Attack Uses Teams and Quick Assist to Breach Targets
Attackers are increasingly abusing Microsoft Teams and Windows Quick Assist to run a helpdesk‑themed social engineering attack chain that leads to full enterprise compromise and stealthy data theft. By impersonating IT support and relying on legitimate tools and protocols, adversaries can move…
Critical Vulnerability In Flowise Allows Remote Command Execution Via MCP Adapters
A critical vulnerability in Flowise and multiple AI frameworks has been discovered by OX Security, exposing millions of users to remote code execution (RCE). The flaw stems from the Model Context Protocol (MCP), a widely used communication standard for AI…
Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to “certain” internal Vercel systems. The incident stemmed from the compromise of Context.ai, a third-party artificial intelligence (AI) tool, that was used by…
Security Researcher Goes To War Against Microsoft
Microsoft Under Fire, NIST Scales Back NVD, FortiSandbox Critical Bugs, Vercel Breach Claims, Scattered Spider Member Pleads Guilty Host David Shipley covers five major stories: researcher “Chaotic Eclipse” publicly released Windows exploits—first “Blue Hammer,” then “Red Sun,” a Microsoft Defender…