# Archive
Browse past daily curated stories
Monday, April 20, 2026
-
1The Hacker News generalVercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
Vercel disclosed a security breach where attackers compromised Context.ai, a third-party AI tool used by a Vercel employee, then leveraged that access to take over the employee's Google Workspace account and gain unauthorized access to internal Vercel systems. The incident demonstrates supply chain risk through third-party AI services and highlights how employee account compromise can lead to broader organizational exposure.
-
2BleepingComputer generalVercel confirms breach as hackers claim to be selling stolen data
Cloud development platform Vercel confirmed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen data on underground markets. This represents a significant breach of a major cloud infrastructure provider used by developers worldwide, potentially exposing customer credentials and sensitive development data.
-
3BleepingComputer generalApple account change alerts abused to send phishing emails
Attackers are exploiting Apple's legitimate account notification system to send phishing emails that appear to come directly from Apple's servers, bypassing spam filters with fake iPhone purchase alerts. This novel technique abuses Apple's own infrastructure to increase the credibility of phishing attacks, making detection more difficult for both users and email security systems.
-
4BleepingComputer generalNIST to stop rating non-priority flaws due to volume increase
NIST announced it will stop assigning CVSS severity scores to lower-priority vulnerabilities due to overwhelming submission volumes that exceed their capacity for analysis. This policy change will impact how organizations prioritize patching for non-critical vulnerabilities, potentially leaving some flaws without standardized severity ratings that security teams rely on for risk assessment.
-
5SecurityWeek generalTycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks
Following the disruption of the Tycoon 2FA phishing platform, threat actors are repurposing Tycoon's tools and techniques across other phishing kits, leading to a surge in related attacks. The platform's takedown has fragmented rather than eliminated the threat, with attackers adapting existing Tycoon components into new phishing operations.
-
6BleepingComputer generalMicrosoft Teams right-click paste broken by Edge update bug
Microsoft identified a bug in a recent Edge browser update that breaks right-click paste functionality in Microsoft Teams desktop client chats. While seemingly minor, this bug affects a core workflow for millions of Teams users and demonstrates how browser updates can unexpectedly impact enterprise collaboration tools.
-
7BleepingComputer generalNAKIVO v11.2: Ransomware Defense, Faster Replication, vSphere 9, and Proxmox VE 9.0 Support
NAKIVO released Backup & Replication v11.2 with new ransomware defense capabilities, faster replication, and support for vSphere 9 and Proxmox VE 9.0. The update focuses on proactive data protection features specifically designed to counter ransomware threats in virtualized environments.
-
8Ars Technica Security generalBlue Origin's rocket reuse achievement marred by errant satellite deployment
Blue Origin's New Glenn rocket successfully reused its first stage but experienced issues with satellite deployment from the upper stage during its mission. While primarily a space industry story, this highlights potential supply chain and reliability concerns for satellite-based security infrastructure.
-
9Ars Technica Security generalI’ve fired one of America’s most powerful lasers—here’s what a shot day looks like
An article describes operating one of America's most powerful lasers used for studying stellar physics and fusion energy research. This content is not directly relevant to cybersecurity practitioners and appears to be scientific research rather than security-related news.
-
10Ars Technica Security generalGreat white sharks are overheating
Research indicates great white sharks are experiencing overheating due to warming ocean temperatures and may be physiologically vulnerable to climate change. This environmental science content lacks relevance to cybersecurity operations or threat landscape analysis.