Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand

Vercel confirms a security incident after a threat actor claims internal access and demands a $2M ransom, raising concerns about API keys, CI/CD pipelines, and cloud security.

2026’s Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable

From the FBI breach to the DarkSword iPhone exploit, these are the biggest cyber attacks and security failures that have shaped 2026 so far.

Clothing Retailer Patches Website Flaw Exposing Customer Data

A clothing retailer patched a website flaw that exposed customer data via order links, highlighting risks associated with predictable URL structures.

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Hackers are abusing n8n workflows to deliver malware and evade detection, according to Cisco Talos, using trusted automation to bypass security defenses.

McGraw-Hill Confirms Data Exposure, Hackers Claim 45M Salesforce Records Leaked

McGraw-Hill confirms a data exposure tied to a Salesforce misconfiguration as hackers claim 45M records, raising concerns over SaaS security risks.

Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab

Misconfigured source code management platforms remain a common entry point in software supply chain attacks, and organizations often lack visibility into which settings put them at risk. Legitify, an...

OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support

OpenSSL 4.0.0 removes several long-deprecated features, adds support for Encrypted Client Hello, and introduces API-level changes that will require code updates for applications built against older versions. SSLv3, SSLv2...

DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend

Organizations that run DavMail to bridge standard mail clients to Microsoft Exchange or Office 365 received an update this week. Version 6.6.0 addresses a code-scanning alert tied to a...

GrafanaGhost: The AI That Leaked Everything Without Being Hacked

A newly disclosed vulnerability reveals how AI assistants can become invisible channels for data exfiltration — and why security enforcement must shift to the data layer.

ZeroID: Open-source identity platform for autonomous AI agents

ZeroID is an open-source identity platform that implements an identity and credentialing layer specifically for autonomous agents and multi-agent systems. The attribution problem The core issue ZeroID targets is...