SC Staff

Non-human identities now center of enterprise risk

• aiml
• identity
• privileged-access-management

Non-human identities now center of enterprise risk

SC Staff April 20, 2026

Security Brief Australia reports that security leaders marking Identity Management Day are sounding an urgent alarm over...

Read More Read more about Non-human identities now center of enterprise risk

Executive order spurs push for stronger identity proofing

• identity

Executive order spurs push for stronger identity proofing

SC Staff April 20, 2026

Industry leaders are seizing upon the Trump administration's Executive Order 14390 to argue that the federal government's...

Read More Read more about Executive order spurs push for stronger identity proofing

Apple account notifications abused for iPhone purchase phishing scams

• phishing

Apple account notifications abused for iPhone purchase phishing scams

SC Staff April 20, 2026

The phishing campaign involves creating an Apple ID and strategically placing scam text within the first and...

Read More Read more about Apple account notifications abused for iPhone purchase phishing scams

Critical RCE vulnerability in protobuf.js; Exploit code published

• patchconfiguration-management
• supply-chain
• vulnerability-management

Critical RCE vulnerability in protobuf.js; Exploit code published

SC Staff April 20, 2026

The vulnerability, tracked as GHSA-xq3m-2v4x-88gg, stems from unsafe dynamic code generation within protobuf.js.

Read More Read more about Critical RCE vulnerability in protobuf.js; Exploit code published

AI code reviewer fooled by spoofed developer identity

• aiml
• devsecops
• identity

AI code reviewer fooled by spoofed developer identity

SC Staff April 20, 2026

Manifold Security showcased how an AI code reviewer, using Claude, accepted malicious code changes due to spoofing...

Read More Read more about AI code reviewer fooled by spoofed developer identity

Payouts King ransomware abuses QEMU for hidden VMs and backdoors

• data-security
• ransomware
• threat-intelligence

Payouts King ransomware abuses QEMU for hidden VMs and backdoors

SC Staff April 20, 2026

The Payouts King ransomware operation is leveraging the QEMU emulator to create hidden virtual machines and establish...

Read More Read more about Payouts King ransomware abuses QEMU for hidden VMs and backdoors

Express website vulnerability exposed customer order details

• data-security
• security-operations
• vulnerability-management

Express website vulnerability exposed customer order details

SC Staff April 20, 2026

The vulnerability allowed unauthorized access to order confirmation pages, revealing customer names, phone numbers, email addresses, postal...

Read More Read more about Express website vulnerability exposed customer order details

Fiverr faces scrutiny over exposed user files

• data-security
• security-operations

Fiverr faces scrutiny over exposed user files

SC Staff April 20, 2026

The data exposure occurred because Fiverr utilized Cloudinary for image and PDF storage, employing public URLs instead...

Read More Read more about Fiverr faces scrutiny over exposed user files

Man sentenced for hacking U.S. Supreme Court and government systems

• identity
• security-operations

Man sentenced for hacking U.S. Supreme Court and government systems

SC Staff April 20, 2026

Nicholas Moore has been sentenced to one year of probation for hacking into the U.S. Supreme Court’s...

Read More Read more about Man sentenced for hacking U.S. Supreme Court and government systems

US imposes extended jail time on North Korean laptop farm facilitators

• threat-intelligence

US imposes extended jail time on North Korean laptop farm facilitators

SC Staff April 17, 2026

The U.S. Department of Justice has announced that New Jersey residents Kejia Wang and Zhenxing Wang have...

Read More Read more about US imposes extended jail time on North Korean laptop farm facilitators