Latest news as of 4/26/2026, 12:52:28 AM
The Register
Voice phishing is second most common initial access method across all IR probes, and top in cloud break-ins Voice phishing surged last year to become the second most common method used by cybercriminals to gain initial access to their victims' IT estate – and the No. 1 tactic used when breaking into cloud environments.…
Bleeping Computer
AI agents can access data directly, making data security the foundation of AI security. Learn more about how Varonis Atlas helps orgs see, secure, and control AI systems and the data they can reach. [...]
The Hacker News
Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, showing many still ignore basic advisories. This edition covers a mix of issues: supply chain attacks hitting CI/CD setups, long-abused IoT devices being shut down, and exploits moving quickly from disclosure to real attacks. There are also new malware tricks
Dark Reading
The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.
Check Point Research
For the latest discoveries in cyber research for the week of 23rd March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Navia Benefit Solutions, a United States-based employee benefits administrator, has disclosed a breach affecting more than 2.6 million individuals after unauthorized access and potential data exfiltration occurred between December 22, 2025 and […] The post appeared first on . 23rd March – Threat Intelligence Report Check Point Research
The Hacker News
AWS Bedrock is Amazon's platform for building AI-powered applications. It gives developers access to foundation models and the tools to connect those models directly to enterprise data and systems. That connectivity is what makes it powerful – but it’s also what makes Bedrock a target. When an AI agent can query your Salesforce instance, trigger a Lambda function, or pull from a SharePoint
The Register
Trio-Tech International initially said hack wasn’t 'material,' but then stolen data was published Trio-Tech International initially shrugged off a ransomware attack at a Singapore subsidiary as immaterial, only to reverse course days later after discovering stolen data had been disclosed.…
The Register
Infosec pros descend on San Francisco When El Reg cybersecurity editor Jessica Lyons joins infosec industry colleagues in San Francisco for RSAC 2026 this week, she's expecting agentic AI to be on everyone's lips - at least those who aren't busy gossiping about the lack of presence from any representatives of the US federal government.… kettle
Bleeping Computer
Microsoft is working to address an ongoing service issue that has intermittently prevented some users from accessing their cloud-based Exchange Online mailboxes via Outlook mobile and Mac desktop clients since Thursday. [...]
The Hacker News
Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver malware. The email campaigns take advantage of the urgency and time-sensitive nature of emails to send phishing messages masquerading as refund notices, payroll forms, filing reminders, and requests from tax professionals to deceive recipients into opening