Search

theverge.com › tech › 914723 › …

Cloud development platform Vercel was hacked

…Vercel confirmed in a post on X that a “security incident” had occurred, and that it impacted a “limited subset” of its customers. Vercel said that a compromised third-party AI tool…

Apr 19, 2026 · Terrence O'Brien

Top stories

theverge.com

Cybersecurity

6d ago

bleepingcomputer.com

OpenAI confirms security breach in TanStack supply chain attack

1w ago

techcrunch.com

US bank discloses security lapse after sharing customer data with AI app | TechCrunch

1w ago

bleepingcomputer.com

Signal adds security warnings for social engineering, phishing attacks

1w ago

nextplatform.com › control › 2026 › …

Imagine An Army Of AI Minions Handling Incident Response

…Driving Adoption Aside from trust, removing security friction and deployment constraints is critical for this technology. For AI systems to handle production incidents, they need bulletproof security. NeuBird AI processes telemetry in…

Apr 21, 2026 · Robin Birtstone

techcrunch.com › 2026 › 05 › …

A hotel check-in system left a million passports and driver's licenses open for anyone to see | TechCrunch

…Aside from a recent buzz of AI-discovered vulnerabilities and new cybersecurity capabilities , oftentimes sizable security incidents stem from human error, misconfigurations, or failing to adhere to cybersecurity best practices. In an…

May 15, 2026 · Zack Whittaker

theregister.com › software › 2026 › …

Amazon insists AI coding isn't source of outages

…access controls – not AI." In the wake of that February incident, an Amazon spokesperson told The Register that "While security incidents involving misconfigured access controls can occur with any developer tool – AI…

Mar 10, 2026 · Thomas Claburn

Discussions and forums

r/sysadmin · u/xendr0me · 1w ago

What a bunch of idiots... Canvas

https://www.reddit.com/r/canvas/comments/1taj9mk/instructure_just_confirmed_they_paid_the_ransom/ "We received assurances that it will not be further shared on the dark web or elsewhere, and we received proof that any co…

Hacker News · u/introvertmac · Dec 3, 2025

Tell HN: Compliance is not equal to Security

For over a decade, I’ve been doing bug bounty, security audits, and security consulting. And if there’s one thing I’ve seen repeatedly, it’s this:Most startups call a security engineer or hire a security agency only when…

1 1

r/netsec · u/unknownhad · 2w ago

The compression of the exploit timeline: Why n-day gaps and 90-day embargoes are failing in practice.

The traditional vulnerability disclosure timeline relies on a fundamental assumption: exploit development and vulnerability discovery take time. Over the last 12 months the integration of LLMs into offensive tooling has …

r/selfhosted · u/ldkv · 1w ago

Accidentally exposed publicly my entire LAN for 2 weeks

Posting this as a PSA / confession because I almost had a heart attack last night and I figure if I got bit, someone else will too. TL;DR: Replaced pangolin + NPMplus with a double-Caddy + WireGuard setup. Put a "clever"…

appleinsider.com › articles › 26 › …

Another OpenAI hack puts ChatGPT Mac users on an update deadline

…The company found no evidence that customer data, production systems, or intellectual property were compromised during the incident. Apple's macOS security protections will block apps signed with the older certificates…

May 14, 2026 · Andrew Orr

techradar.com › pro

AI agents create new risks requiring continuous monitoring and oversight

…As a result, Meta gave the incident a “Sev 1” rating, the second-highest incident response identifier used internally. This incident came hot on the heels of another example of an AI…

May 4, 2026 · Nik Kairinos

bleepingcomputer.com › news › security

Zara data breach exposed personal information of 197,000 people

…provider. "Inditex has immediately applied its security protocols and has started notifying the relevant authorities of this unauthorized access, that stems from a security incident that affected a former technology provider and…

May 8, 2026 · Sergiu Gatlan

theregister.com › special-features › 2026 › …

Voice phishing skyrockets as smooth crims talk their way in

…Remember Brickstorm? Mandiant investigated "numerous" incidents in 2025 in which a suspected Chinese government spy crew tracked as UNC6201 broke into edge devices that didn't support endpoint security products, deployed a…

Mar 23, 2026 · Jessica Lyons

cnet.com › tech › services-and-software › …

Canvas Hack Aftermath: Congress Wants Instructure to Answer Questions

…alongside the Cybersecurity and Infrastructure Security Agency. CISA has been working with Instructure as one of the "outside forensics experts" the company refers to in its incident FAQs , helping to "contain the…

May 13, 2026 · See full bio

github.blog › security

Investigating unauthorized access to GitHub-owned repositories

…Written by Alexis Wales is the Chief Information Security Officer of GitHub. She leads a team of security experts focused on safeguarding the GitHub platform, products and the open source community, empowering…

May 20, 2026 · Alexis Wales