Incident Overview Vercel, a major development platform that hosts and deploys web apps, was compromised. Hackers are attempting to sell the stolen data. A pers...

!https://www.bleepstatic.com/content/hl-images/2026/04/19/vercel-header-lg.jpg Cloud development platform Vercel has disclosed a security incident after threat...

!https://www.bleepstatic.com/content/hl-images/2023/09/11/apple_triangle.jpg Apple account change notifications are being abused to send fake iPhone purchase ph...

Incident Overview Vercel, a widely used cloud platform for developing and deploying apps, has disclosed a breach of its internal systems that affected a “limit...

!https://www.bleepstatic.com/content/hl-images/2026/04/17/NIST.jpg The National Institute of Standards and Technology will stop assigning severity scores to low...

Security Incident We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems. We are actively investigating and...

Report Summary Research and development engineer Romain Marchand of Paris‑based Quarkslab obtained a telematic control unit TCU from a salvage yard in Poland....

Overview More than 30 WordPress plugins have been compromised with malicious code that allows unauthorized access to sites running them. The backdoor was plant...

As you may know, a couple weeks ago on Security Bite I was raving about Apple’s new warning prompt in Terminal that appears when a user pastes potentially malic...

Plus: Major data breaches at a gym chain and hotel giant, a disruptive DDoS attack against Bluesky, dubious ICE hires, and more....

WordPress Plugin Backdoors Someone planted backdoors in dozens of WordPress plug‑ins used in thousands of websiteshttps://techcrunch.com/2026/04/14/someone-pla...

Background Nicholas Moore pleaded guilty to hacking the U.S. Supreme Court’s electronic document filing system dozens of times over several months. He also bre...

Unauthorized Access to the Supreme Court Electronic Filing System “Moore intentionally accessed the Supreme Court’s electronic filing system without authorizat...

Bluesky’s website and app are still struggling on Friday after experiencing service interruptions that chief operating officer Rose Wang attributed to an ongoin...

Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised s...

Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or r...

The National Institute of Standards and Technology NIST has announced changes to the way it handles cybersecurity vulnerabilities and exposures CVEs listed in i...

An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial‑of‑service DDoS o...

Chinese drone companies DJI, the market‑share leader, and its smaller rival Autel have yet to receive exemptions. “If the router Conditional Approval process fo...

Bluesky DDoS Attack Update Bluesky has been dealing with a DDoS attack for nearly a full day. As a result, users have been experiencing “intermittent interrupt...

A recently disclosed high‑severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infra...

Incident Overview Bluesky experienced another service disruption. The platform reported that some systems were down and that it was “investigating an incident...

Google's new warning about quantum hackers and the threat to crypto Quantum computers could break crypto encryption....

!https://www.bleepstatic.com/content/hl-images/2022/04/11/Europol_headpic.jpg More than 75,000 individuals using distributed denial‑of‑service DDoS platforms fo...

!https://www.bleepstatic.com/content/hl-images/2024/09/24/water-plant-hacker.jpg A new malware called ZionSiphon, specifically designed for operational technolo...

!https://www.bleepstatic.com/content/hl-images/2023/10/11/Microsoft-Defender_for_Endpoint.jpg Overview A researcher known as Chaotic Eclipse released a proof‑of...

!This general view shows the exterior of the European Union EU police agency Europol headquarters in The Hague on March 28, 2026.https://techcrunch.com/wp-conte...

Overview Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumen...

The Chinese “display of deep‑sea cable‑cutting technology” represented a “show of strength,” said Wendy Chang, an analyst at the Mercator Institute for China St...

You know that feeling when you open your feed on a Thursday morning and it's just… a lot? Yeah. This week delivered. We've got hackers getting creative in ways...

!https://www.bleepstatic.com/content/hl-images/2025/03/04/Cisco-headpic.jpg Cisco has released security updates to patch four critical vulnerabilities, includin...

!https://www.bleepstatic.com/content/hl-images/2026/04/16/McGraw_Hill.jpg The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user ac...

A 'novel' social engineering campaign has been observed abusing Obsidian, a cross‑platform note‑taking application, as an initial access vector to distribute a...

Overview The Computer Emergencies Response Team of Ukraine CERT‑UA has disclosed details of a new campaign that targeted governments and municipal healthcare i...

Interview with Fox News Ford CEO Jim Farley warned that allowing Chinese vehicle imports could put nearly a million U.S. jobs at risk. He said China’s heavily...

Overview Researchers from the University of Surrey and the University of Birmingham demonstrated an iPhone exploit that can steal money from a locked device us...

Background Cal’s flagship scheduling software is being moved from an open‑source license to a proprietary one. The company argues that AI‑driven coding tools n...

!https://9to5mac.com/wp-content/uploads/sites/6/2026/04/iphone-nfc-payment-terminal.jpg?quality=82&strip=all A new videohttps://youtu.be/PPJ6NJkmDAo?si=svppI45w...

Chinese drone companies DJI, the market‑share leader, and its smaller rival Autel have yet to receive exemptions. “If the router Conditional Approval process fo...

!Aerial view of an industrial building in winter with sun lit smoke / steam rising up from the chimneys.https://techcrunch.com/wp-content/uploads/2026/04/sweden...

!36M Xfinity customers had their data exposed – here's how to claim your payout | Stock photo shows silhouetted person against screenfuls of datahttps://9to5mac...

Background When Microsoft tried to launch Recall, an AI‑powered Windows feature that screenshots most of what you do on your PC, it was labeled a “disaster” fo...

The UK designated Xinbi Guarantee as an enabler of crypto scammers and human trafficking weeks ago. Telegram is still hosting it in plain sight....

!A stylized WordPress logo.https://techcrunch.com/wp-content/uploads/2024/09/wordpress-v2.jpg?w=1024 Image Credits: Bryce Durbin / TechCrunch Backdoor discovere...

Incident Overview Rockstar confirmed on Saturday that some of its data was compromised in a breach of a third‑party provider. The hacking group ShinyHunters cl...

Overview Unknown threat actors compromised CPUID cpuid.com, a website that hosts popular hardware monitoring tools such as CPU‑Z, HWMonitor, HWMonitor Pro, and...

Background Rockstar Games appears to have been hacked again, this time by the well‑known group ShinyHunters, which has previously compromised other large compa...

Breach Details An experienced hacking group has claimed to have infiltrated Rockstar Games' cloud servers, while the game publisher has confirmed that there wa...