Skip to content
Security News, Assessments & Alerts

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials

Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials

Ravie LakshmananApr 20, 2026Cloud Security / Data Breach Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to “certain” internal Vercel systems. The incident stemmed from the… 

.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims

$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims

Ravie LakshmananApr 18, 2026Money Laundering / Regulatory Compliance Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it’s suspending operations after it blamed Western intelligence agencies for a $13.74… 

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Ravie LakshmananApr 18, 2026IoT Security / Vulnerability Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard… 

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Ravie LakshmananApr 17, 2026Vulnerability / Endpoint Security Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of… 

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

Ravie LakshmananApr 17, 2026Vulnerability Management The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it… 

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

Ravie LakshmananApr 17, 2026DDoS / Cybercrime An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000… 

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

Ravie LakshmananApr 17, 2026Vulnerability / Enterprise Security A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). To that end,… 

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

Ravie LakshmananApr 16, 2026Botnet / Cryptomining Cybersecurity researchers have warned of an active malicious campaign that’s targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. “PowMix employs… 

Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

Ravie LakshmananApr 16, 2026Hacking News / Cybersecurity News You know that feeling when you open your feed on a Thursday morning and it’s just… a lot? Yeah. This week delivered. We’ve got hackers getting creative in ways that…