April 2026

AI-assisted intruders pwned Vercel via OAuth abuse and a pilfered employee account 2026-04-21 at 15:29 By Carly Page CEO suspects silicon sidekick behind ‘surprising velocity’ breach – cyber crims shop stolen data for $2M Vercel’s CEO reckons the crooks behind its recent breach likely had a helping hand from AI, saying the attackers moved with […]

Crook claims to leak ‘video surveillance footage’ of companies 2026-04-21 at 15:29 By Connor Jones Mexican IT services firm admits it was hacked, but says client operations weren’t affected A Mexican IT infrastructure and digital transformation biz is on clean-up duty after a criminal posted screenshots of what they claimed was company video surveillance footage

When Metal Theft Becomes a Life Safety Crisis 2026-04-21 at 15:29 By Lessons from telecommunications infrastructure attacks.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks 2026-04-21 at 15:29 By The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn’t changed: stolen credentials. Identity-based attacks remain a dominant

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs 2026-04-21 at 15:29 By Cybersecurity researchers have discovered a new iteration of an Android malware family calledNGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. “The threat actors took the app, which is used to relay NFC data,

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution 2026-04-21 at 15:29 By Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since patched, combines Antigravity’s permitted file-creation capabilities with an insufficient input sanitization in Antigravity’s native file-searching tool,

How AI Increases the Load on Security Teams 2026-04-21 at 14:08 By Paul Ionescu And why automation may be the only way to keep up This article is an excerpt from SECURITY.COM View Original Source

Met police trials snoop tech platform in push to cuff more London shoplifters 2026-04-21 at 14:08 By Connor Jones No facial recognition privacy intrusions either! Well, maybe a little London’s Metropolitan Police is trialing new retail technology to help curtail the city’s pervasive shoplifting problem… and it doesn’t rely on live facial recognition (LFR).… This

England’s school phone ban gets teeth, just in time to bite no one 2026-04-21 at 14:08 By Carly Page 90% of schools already compliant, but at least now there’s paperwork Ministers are moving to turn England’s patchwork of school phone bans into law, after peers backed fresh changes to the Children’s Wellbeing and Schools Bill

Panasonic creates device-locked QR codes to speed facial biometric capture 2026-04-21 at 12:56 By Simon Sharwood Admins are tired of taking photos, so this enables secure on-site unattended enrolment Japanese industrial giant Panasonic has created a new form of QR code it says will only work on designated devices and environments.… This article is an

Iran claims US used backdoors to knock out networking equipment during war 2026-04-21 at 12:56 By Simon Sharwood And China is loving it Iranian media is claiming that the US used backdoors and/or botnets to disable networking equipment during the current war, and Chinese state media is dining out on the allegations.… This article is