Latest news as of 4/25/2026, 10:03:51 PM
The Hacker News
Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application. The vulnerabilities are listed below - CVE-2026-3055 (CVSS score: 9.3) - Insufficient input validation leading to memory overread CVE-2026-4368 (CVSS score: 7.7) - Race condition leading to user
The Hacker News
A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations. According to the U.S. Department of Justice (DoJ), Aleksei Olegovich Volkov facilitated dozens of ransomware attacks across the
Dark Reading
Threat actors bypass security tools and use AI to launch faster ransomware attacks that exploit valid credentials and target data
Bleeping Computer
OpenAI is rolling out a new feature called 'Library' for ChatGPT, which allows you to store your personal files or images on OpenAI's cloud storage, so you can reference those items in a future chat. [...]
Have I Been Pwned
In around 2011, the RuneScape Boards forum (also known as RSBoards) suffered a data breach . The vBulletin-based service exposed 223k unique email addresses along with usernames, IP addresses and salted MD5 password hashes. that was later redistributed as part of a larger corpus of data
The Register
'It freakin' worked' says Rob Joyce - and shows how relentless AI agents can find holes humans miss The now-infamous abusing Claude AI to automate cyberattacks was a Rorschach test for the infosec community, according to former NSA cyber boss Rob Joyce.… RSAC 2026 Anthropic report about Chinese cyberspies
Bleeping Computer
Mazda Motor Corporation (Mazda) announced that information belonging to its employees and business partners had been exposed in a security incident detected last December. [...]
Dark Reading
Two cybersecurity leaders tested out AI in their respective SOCs for six months — and here's what they learned.
Dark Reading
A threat actor used the open source security tool to deploy an infostealer into CI/CD workflows and steal cloud credentials, SSH keys, tokens, and other sensitive secrets.
The Register
Washington content to be represented by actual empty chairs Back in the day (circa 2023) when cybercrime group Scattered Spider and its help-desk voice-phishing calls were a relatively new threat, the feds considered pulling the government's top cyber-threat hunters and their private-sector counterparts into one room to share information, in real time, about this loosely knit extortion ring that was terrorizing enterprises.… RSA 2026