Latest news as of 4/20/2026, 8:37:10 AM
Bleeping Computer
Microsoft has released out-of-band (OOB) updates to fix issues affecting Windows Server systems after installing the April 2026 security updates. [...]
The Hacker News
Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been codenamed ZionSiphon by Darktrace, highlighting its ability to set up persistence, tamper with local configuration files, and scan for operational technology (OT)-relevant services on the local subnet.
The Register
Blames outfit called Context.ai, which reckons an agentic OAuth tangle caused the incident Vercel, the company that created the open source Next.js web development framework, has a data leak that led to compromise of some customer credentials, and blamed an outfit called Context.ai for the mess.…
The Hacker News
Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to "certain" internal Vercel systems. The incident stemmed from the compromise of Context.ai, a third-party artificial intelligence (AI) tool, that was used by an employee at the company. "The attacker used that access to take over the employee's Vercel Google Workspace account,
The Register
Aren't we all just prompting tokens of linguistic meaning and hoping the other person isn't bullshitting us? It's a week of the year, which means there's been the discovery of yet another prompt injection attack that will force supposedly well-guarded AI bots to spill secrets by asking the right way. … kettle
Bleeping Computer
Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen data. [...]
Bleeping Computer
Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen data. [...]
Bleeping Computer
Apple account change notifications are being abused to send fake iPhone purchase phishing scams within legitimate emails sent from Apple's servers, increasing legitimacy and potentially allowing them to bypass spam filters. [...]
Bleeping Computer
The National Institute of Standards and Technology will stop assigning severity scores to lower-priority vulnerabilities due to the growing workload from rising submission volumes. [...]
The Register
Passing the buck, and the blame, down the road shows lack of AI companies' maturity AI vendors: "You need to use AI to fight AI threats (and do everything else in your corporate IT environment)." Also AI vendors: "That's not a security flaw; it's working as intended."… OPINION