A cyberattack hit France’s ANTS website, possibly exposing personal data from users applying for IDs, passports, and driver’s licenses. A cyberattack targeted France’s ANTS platform, which handles applications for passports, ID cards, residence permits, and driver’s licenses. Authorities detected the…
Hackers Use AppDomain Hijacking to Turn Trusted Intel Utility Into Malware Launcher
Security researchers have uncovered a highly sophisticated attack campaign that weaponizes a legitimate, digitally signed Intel utility to secretly deploy malware, all without touching a single line of the original program’s code. The campaign, dubbed Operation PhantomCLR, represents a serious evolution…
Gh0st RAT and CloverPlus Adware Delivered Together in New Dual-Payload Malware Campaign
A newly identified malware campaign is raising serious concerns across the cybersecurity community by delivering two very different threats at the same time. Attackers are now using a single, obfuscated loader to push both Gh0st Remote Access Trojan (RAT) and…
Amtrak Data Breach Exposes 2.1M Records, Reports Suggest Larger Leak
Amtrak data breach exposes over 2.1 million customer records after CRM access. Learn what was leaked, risks, and steps users and IT teams should take now. The post Amtrak Data Breach Exposes 2.1M Records, Reports Suggest Larger Leak appeared first…
This VPN Lets You Verify Your Business Privacy For $130
VP.NET makes VPN privacy verifiable, not just policy-based, with secure enclave tech for up to five devices. The post This VPN Lets You Verify Your Business Privacy For $130 appeared first on TechRepublic. This article has been indexed from Security…
[un]prompted 2026 – Rob T. Lee, Glenn Thorpe, Dan Hubbard & Sergej Epp – Vibe Coded (Micro-Talks)
Author, Creator & Presenter: Rob T. Lee, Glenn Thorpe, Dan Hubbard & Sergej Epp Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations’ YouTube Channel. Permalink The post…
North Korea-Linked UNC1069 Uses Fake Zoom and Teams Meetings to Hack Crypto Professionals
A North Korean threat group known as UNC1069 has been running a sophisticated campaign that tricks cryptocurrency and Web3 professionals into joining fake online meetings, only to infect their computers with malware designed to steal digital assets. The group pretends…
Claude Desktop changes app access settings for browsers you don’t even have installed yet
Installation and pre-approval without consent looks dubious under EU law One app should not modify another app without asking for and receiving your explicit consent. Yet Anthropic’s Claude Desktop for macOS installs files that affect other vendors’ applications without disclosure,…
Cybersecurity with a Digital Twin: Why Real-Time Data Streaming Matters
Cyberattacks on critical infrastructure and manufacturing systems are growing in scale and sophistication. Industrial control systems, connected devices, and cloud services expand the attack surface far beyond traditional IT networks. Ransomware can stop production lines, and manipulated sensor data can…
The MCP Disclosure Is the AI Era’s ‘Open Redirect’ Moment
The MCP flaw reveals a systemic AI security gap, exposing enterprise systems to supply chain attacks and forcing a shift toward data-layer governance. The post The MCP Disclosure Is the AI Era’s ‘Open Redirect’ Moment appeared first on TechRepublic. This…
Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft
Tyler Buchanan, linked to Scattered Spider, pleaded guilty in the US to hacking companies and stealing millions in cryptocurrency. Tyler Buchanan, a 24-year-old from Scotland linked to the Scattered Spider group, admitted in a US court that he hacked dozens…
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems. The vulnerability, tracked as CVE-2026-5760, carries a CVSS score of 9.8 out of 10.0. It has been described…
IT Security News Hourly Summary 2026-04-20 21h : 7 posts
7 posts were published in the last hour 18:34 : Hidden Cyber Threat AI Is Preparing That Some Companies Aren’t Thinking About 18:34 : Chrome Privacy Concerns Rise as Expert Warns of Fingerprinting Risks 18:34 : Over 800 Android Apps…
Hidden Cyber Threat AI Is Preparing That Some Companies Aren’t Thinking About
Cyber threats are in an era where defense and attack are powered by artificial intelligence. While AI has seen a rapid advancement in recent times, it has raised concern among world leaders, policymakers and experts. Evidently, the rapid and unpredictable…
Chrome Privacy Concerns Rise as Expert Warns of Fingerprinting Risks
A privacy expert warns Chrome still allows browser fingerprinting and tracking, raising concerns after Google’s shift away from third-party cookie changes. The post Chrome Privacy Concerns Rise as Expert Warns of Fingerprinting Risks appeared first on TechRepublic. This article has…
Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign
Four Android banking malware campaigns are targeting more than 800 apps by abusing overlays, Accessibility permissions, and sideloaded fake apps to steal PINs. The post Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign appeared first on TechRepublic. This article…
Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched
Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft Defender and Windows users. The post Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched appeared first on TechRepublic. This article has been…
Randall Munroe’s XKCD ‘Subduction Retrieval’
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink The post Randall Munroe’s XKCD ‘Subduction Retrieval’ appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article: Randall Munroe’s…
Article 5 and the EU AI Act’s Absolute Red Lines – FireTail Blog
Apr 20, 2026 – Alan Fagan – Most conversations about the EU AI Act focus on August 2026, when obligations for high-risk AI systems become fully enforceable. But Article 5 is already live. The Act’s eight prohibited practices became enforceable…
Eurail Breach Exposes Data of Over 300,000 U.S. Users
Eurail B.V. has confirmed a data breach affecting 308,777 individuals in the United States. Among them are 242 people from New Hampshire. The incident took place between the end of December 2025 and early January 2026. During this period,…
2026’s Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable
From the FBI breach to the DarkSword iPhone exploit, these are the biggest cyber attacks and security failures that have shaped 2026 so far. The post 2026’s Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable…
Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand
Vercel confirms a security incident after a threat actor claims internal access and demands a $2M ransom, raising concerns about API keys, CI/CD pipelines, and cloud security. The post Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand…
Cybersecurity in the age of AI means bigger, faster threats
<p>With attackers able to move at AI speed, defenders can’t rely on the techniques and instincts they’ve come to trust. Even the best of best practices won’t meet the threat, said speakers at the recent SecureWorld conference in Boston.</p> <p>An…
Supply Chain Compromise Impacts Axios Node Package Manager
The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this alert to provide guidance in response to the software supply chain compromise of the Axios node package manager (npm).1 Axios is an HTTP client for JavaScript that developers commonly use…