VERTECH NEWS
Claude CodeAI GeneralAI BusinessCybersecurityTech General
ToolsPT-BR
> Vertech News

Tech & AI Intelligence Feed. Curated AI & tech news from 12+ sources, auto-categorized and updated every 6 hours.

Categories

  • Claude Code
  • Ai General
  • Ai Business
  • Cybersecurity
  • Tech General

Built by Vertech Solucoes

We build AI automation, custom pipelines, and intelligent systems for businesses. This site is a demo of what we do.

Talk to us on WhatsApp →

Newsletter

Powered by RSS feeds • Auto-updated every 6h • 2026
Vertech Solucoes — AI & Automation Consulting

Cybersecurity

Security threats, vulnerabilities, data breaches & defense

84 articles

>_BleepingComputer
Cybersecurity
BleepingComputer

Acer working to patch max severity zero-days in Wave 7 routers

Acer is working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. [...]

Just now
>_Wired
Cybersecurity
Wired

Nvidia’s RTX Spark Laptops Look Hell-Bent on Disruption

The company’s RTX Spark chips might finally turn the “AI PC” into reality.

1h ago
>_The Hacker News
Cybersecurity
The Hacker News

Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes

Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to the attacker. Like in the case of CVE-2026-33829, which impacted the...

1h ago
>_BleepingComputer
Cybersecurity
BleepingComputer

Police dismantles 9 crime groups in illegal streaming crackdown

European and international law enforcement agencies have dismantled nine organized crime groups and arrested 29 suspects in a major crackdown on illegal streaming operations. [...]

2h ago
>_BleepingComputer
Cybersecurity
BleepingComputer

Google adds Android protection against AI deepfake scam calls

Google is introducing a new Android security feature that will detect and flag phone calls in which scammers use artificial intelligence to impersonate a user's personal contacts. [...]

3h ago
>_The Hacker News
Cybersecurity
The Hacker News

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The vulnerabi...

3h ago
SponsoredVPN

NordVPN

Protect your online privacy with military-grade encryption and secure VPN.

Learn more →
>_BleepingComputer
Cybersecurity
BleepingComputer

VS Code zero-day lets hackers steal GitHub tokens in one click

A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a...

5h ago
>_The Hacker News
Cybersecurity
The Hacker News

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems. The Minecraft-focused malware-as-a-serv...

5h ago
>_CNBC
Cybersecurity
CNBC

Palo Alto CEO says customer meeting requests have surged amid AI security concerns

Palo Alto Networks CEO Nikesh Arora said artificial intelligence is increasing demand for cybersecurity solutions.

12h ago
>_BleepingComputer
Cybersecurity
BleepingComputer

Microsoft's Coreutils project brings Linux commands to Windows

Microsoft announced today at its Build 2026 developer conference the release of Coreutils for Windows, bringing many commonly used Linux command-line utilities to Windows as native applications. [...]

13h ago
>_TechCrunch
Cybersecurity
TechCrunch

Cyera eyes $12B valuation at 80x ARR multiple despite operating losses

The cybersecurity company is nearing a $300 million round led by Evolution Equity Partners.

13h ago
>_BleepingComputer
Cybersecurity
BleepingComputer

OpenAI upgrades GPT-5.5, as it plans to retire legacy ChatGPT models

OpenAI says it's rolling out a new update that improves the existing GPT-5.5 Instant model, and this move comes ahead of the scheduled retirement of multiple legacy models, including o3. [...]

13h ago
SponsoredSecurity

1Password

Secure password manager for teams and individuals. Never reuse a password.

Learn more →
>_BleepingComputer
Cybersecurity
BleepingComputer

Critical Kirki flaw exploited to hijack WordPress admin accounts

Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators. [...]

14h ago
>_BleepingComputer
Cybersecurity
BleepingComputer

Over 116,000 Minecraft systems infected in WeedHack malware campaign

A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [...]

14h ago
>_CNBC
Cybersecurity
CNBC

Palo Alto Networks tops earnings as AI fuels cybersecurity urgency

The beat comes on lowered expectations, after the company gave disappointing guidance in February that fell short of analyst estimates.

14h ago
>_CNBC
Cybersecurity
CNBC

HPE surges 19% after Monday's blowout earnings, closing its best day ever

CEO Antonio Neri told CNBC that the company is "uniquely positioned" to capture the disruption brought about by artificial intelligence.

16h ago
>_BleepingComputer
Cybersecurity
BleepingComputer

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. [...]

16h ago
>_The Verge
Cybersecurity
The Verge

I held the next-gen handheld

The new MSI Claw with Intel Arc G3 Extreme. | Photo by Sean Hollister / The Verge Intel couldn't catch a break. Layoffs. Shakedowns. Crashing CPUs torpedoing its reputation, sending desktop gamers f...

16h ago
SponsoredPrivacy

Proton Mail

End-to-end encrypted email, VPN, and cloud storage from Switzerland.

Learn more →
>_TechCrunch
Cybersecurity
TechCrunch

New Microsoft tool lets devs spin up AI behavior tests using text descriptions

Microsoft on Tuesday took the wraps off Adaptive Spec-driven Scoring for Evaluation and Regression Testing, an open source framework for spinning up AI evaluations.

17h ago
>_The Hacker News
Cybersecurity
The Hacker News

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that h...

17h ago
>_The Verge
Cybersecurity
The Verge

Trump signs executive order to review AI models before they’re released

President Donald Trump signed an executive order Tuesday creating a "voluntary framework" for AI companies to share their frontier models with the federal government before they're released "to promot...

17h ago
>_The Hacker News
Cybersecurity
The Hacker News

Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine

The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation. Per...

17h ago
>_The Hacker News
Cybersecurity
The Hacker News

Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, ba...

18h ago
>_BleepingComputer
Cybersecurity
BleepingComputer

Microsoft Exchange Online outage causes email delays, failures

Microsoft is working to address a widespread service issue affecting the mail flow pipeline for Exchange Online customers across North America and Germany. [...]

19h ago
SponsoredVPN

NordVPN

Protect your online privacy with military-grade encryption and secure VPN.

Learn more →
>_The Verge
Cybersecurity
The Verge

Microsoft created the mini Surface dev box that Qualcomm couldn’t

Microsoft only just announced a new Surface Laptop Ultra at the weekend, and it's now revealing a miniature Surface PC aimed at developers. The new Surface RTX Spark Dev Box is powered by Nvidia's new...

19h ago
>_BleepingComputer
Cybersecurity
BleepingComputer

Instagram users locked out after Meta AI abused to steal accounts

Multiple Instagram users had their accounts hijacked after attackers convinced Meta's AI-powered support tools that they were the legitimate owners. [...]

20h ago
>_BleepingComputer
Cybersecurity
BleepingComputer

Why the browser is now the front line for AI security

AI-powered attacks and shadow AI adoption are creating new security risks inside the browser. Push Security explains why browser visibility is becoming critical for both threat detection and AI govern...

21h ago
>_BleepingComputer
Cybersecurity
BleepingComputer

CISA flags two-year-old Oracle flaw as actively exploited in attacks

CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. [...]

23h ago
>_The Hacker News
Cybersecurity
The Hacker News

AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.

AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of en...

Yesterday
>_BleepingComputer
Cybersecurity
BleepingComputer

Google fixes one actively exploited Android zero-day, 124 flaws

Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]

Yesterday
SponsoredSecurity

1Password

Secure password manager for teams and individuals. Never reuse a password.

Learn more →
>_The Hacker News
Cybersecurity
The Hacker News

How Leading Organizations Are Turning EDR Into Operational Resilience

Most organizations now recognize that endpoint protection alone is no longer sufficient. That's why adoption of endpoint detection and response (EDR) has accelerated rapidly in recent years. Organiza...

Yesterday
>_The Hacker News
Cybersecurity
The Hacker News

Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT

Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry of Finance with an open-source r...

Yesterday
>_The Hacker News
Cybersecurity
The Hacker News

Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded

Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party....

Yesterday
>_BleepingComputer
Cybersecurity
BleepingComputer

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites. [...]

Yesterday
>_Ars Technica
Cybersecurity
Ars Technica

Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts

Pricey Instagram handles were stolen and resold before Meta patched the exploit.

Yesterday
>_The Hacker News
Cybersecurity
The Hacker News

Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm

A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a self-propag...

Yesterday
SponsoredPrivacy

Proton Mail

End-to-end encrypted email, VPN, and cloud storage from Switzerland.

Learn more →
>_Krebs on Security
Cybersecurity
Krebs on Security

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions be...

Yesterday
>_The Hacker News
Cybersecurity
The Hacker News

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the wild, and then the usual bonus round: poi...

Yesterday
>_The Hacker News
Cybersecurity
The Hacker News

China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan

A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite...

2d ago
>_The Hacker News
Cybersecurity
The Hacker News

The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools

Three years ago, the practical question for an MSP building a cybersecurity practice was which "vCISO platform" to buy. The term was good shorthand for the work at the time: assessments, advisory, rep...

2d ago
>_The Hacker News
Cybersecurity
The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named co...

2d ago
>_The Hacker News
Cybersecurity
The Hacker News

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious administrat...

2d ago
SponsoredVPN

NordVPN

Protect your online privacy with military-grade encryption and secure VPN.

Learn more →
>_The Hacker News
Cybersecurity
The Hacker News

Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices

Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, to carry out malicious attacks. The b...

2d ago
>_The Hacker News
Cybersecurity
The Hacker News

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation

Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under active exploitation in the wild. The vulnerability, tracked as...

4d ago
>_The Hacker News
Cybersecurity
The Hacker News

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface

Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant's implicit trust in Markdown links and images to trigger...

4d ago
>_The Hacker News
Cybersecurity
The Hacker News

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit

An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible...

4d ago
>_The Hacker News
Cybersecurity
The Hacker News

New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per W...

5d ago
>_The Hacker News
Cybersecurity
The Hacker News

What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks

Shadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publi...

5d ago
SponsoredSecurity

1Password

Secure password manager for teams and individuals. Never reuse a password.

Learn more →
>_The Hacker News
Cybersecurity
The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil's largest cooperative financial systems, to siphon clien...

5d ago
>_The Hacker News
Cybersecurity
The Hacker News

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels

The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through...

5d ago
>_The Hacker News
Cybersecurity
The Hacker News

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The...

5d ago
>_The Hacker News
Cybersecurity
The Hacker News

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver a credential-stealing malware family dubbed...

5d ago
>_The Hacker News
Cybersecurity
The Hacker News

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an opportunity to better underst...

5d ago
>_The Hacker News
Cybersecurity
The Hacker News

New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users"

State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don't understand where their AI exposure is...

6d ago
SponsoredPrivacy

Proton Mail

End-to-end encrypted email, VPN, and cloud storage from Switzerland.

Learn more →
>_The Hacker News
Cybersecurity
The Hacker News

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware

A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineerin...

6d ago
>_The Hacker News
Cybersecurity
The Hacker News

Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users

Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively. That's according t...

6d ago
>_The Hacker News
Cybersecurity
The Hacker News

5 Steps to Managing Shadow AI Tools Without Slowing Down Employees

When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they are doing exactly what a productive employee sho...

6d ago
>_The Hacker News
Cybersecurity
The Hacker News

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent soft...

May 27
>_The Hacker News
Cybersecurity
The Hacker News

3 SOC Steps that Shut Down Incident Risks Early

Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate. The...

May 27
>_The Hacker News
Cybersecurity
The Hacker News

Gitea Vulnerability Exposes Private Container Images without Authentication

Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows unauthenticated remote attackers to pull private container imag...

May 27
SponsoredVPN

NordVPN

Protect your online privacy with military-grade encryption and secure VPN.

Learn more →
>_The Hacker News
Cybersecurity
The Hacker News

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. "This emerging deli...

May 27
>_Ars Technica
Cybersecurity
Ars Technica

Millions of AI agents imperiled by critical vulnerability in open source package

"BadHost" was found in Starlette, a package with 325 million weekly downloads.

May 26
>_The Hacker News
Cybersecurity
The Hacker News

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least nine organizations across nine countries on four continents in the first quarter of 2026. The activi...

May 26
>_The Hacker News
Cybersecurity
The Hacker News

[THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back

Every single day, hackers are finding new ways to crash websites and steal data. But right now, something has changed. Hackers are no longer working alone. They are now using powerful Artificial Inte...

May 26
>_The Hacker News
Cybersecurity
The Hacker News

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be m...

May 26
>_The Hacker News
Cybersecurity
The Hacker News

MFA Prompt Bombing: Why Your Second Factor Isn't Saving You

Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant that, even if an attacker possessed the account credentials, they couldn't log in without the seco...

May 26
SponsoredSecurity

1Password

Secure password manager for teams and individuals. Never reuse a password.

Learn more →
>_The Hacker News
Cybersecurity
The Hacker News

CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being...

May 26
>_The Hacker News
Cybersecurity
The Hacker News

Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning

The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation a...

May 26
>_The Hacker News
Cybersecurity
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web she...

May 26
>_The Hacker News
Cybersecurity
The Hacker News

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent t...

May 25
>_Krebs on Security
Cybersecurity
Krebs on Security

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and...

May 25
>_The Hacker News
Cybersecurity
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity...

May 25
SponsoredPrivacy

Proton Mail

End-to-end encrypted email, VPN, and cloud storage from Switzerland.

Learn more →
>_The Hacker News
Cybersecurity
The Hacker News

The Alert Firehose Finally Meets Its Match

Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear "Noisy," "Too much data." But ask the teams running NDR that includes agentic AI capabilities and you'll hea...

May 25
>_The Hacker News
Cybersecurity
The Hacker News

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency...

May 25
>_The Hacker News
Cybersecurity
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crates.io to distribute credential-stealing malware. The campaign, codenamed TrapDoor, spans more t...

May 25
>_The Hacker News
Cybersecurity
The Hacker News

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a release prior to the packages becoming publicly...

May 23
>_Krebs on Security
Cybersecurity
Krebs on Security

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intention...

May 22
>_Krebs on Security
Cybersecurity
Krebs on Security

Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada

Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use...

May 21
SponsoredVPN

NordVPN

Protect your online privacy with military-grade encryption and secure VPN.

Learn more →
>_Krebs on Security
Cybersecurity
Krebs on Security

CISA Admin Leaked AWS GovCloud Keys on Github

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovC...

May 18
>_Krebs on Security
Cybersecurity
Krebs on Security

Patch Tuesday, May 2026 Edition

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code...

May 12
>_Krebs on Security
Cybersecurity
Krebs on Security

Canvas Breach Disrupts Schools & Colleges Nationwide

An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, af...

May 8
>_Krebs on Security
Cybersecurity
Krebs on Security

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks...

Apr 30
>_Krebs on Security
Cybersecurity
Krebs on Security

‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty

A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted hi...

Apr 21
>_Krebs on Security
Cybersecurity
Krebs on Security

Patch Tuesday, April 2026 Edition

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly di...

Apr 14

> Vertech Solucoes

Need AI automation for your business?

We build custom AI pipelines, chatbots, and automation systems. From concept to production — the same tech behind this site.

Talk to Vertech
●Last updated: Jun 3, 2026, 12:15 PM UTC