CyberScoop | Breaking Cybersecurity News, Public Sector Threats

Vercel’s security breach started with malware disguised as Roblox cheats

The attack, which originated at Context.ai, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.

By Matt Kapko

UNITED STATES – APRIL 14: Federal Trade Commission Chairman Andrew Ferguson, left, and Commissioner Mark Meador, testify during the Senate Commerce, Science and Transportation Committee hearing titled titled “Oversight of the Federal Trade Commission,” in Russell building on Wednesday, April 15, 2026. (Tom Williams/CQ-Roll Call, Inc via Getty Images)

The FTC’s AI portfolio is about to get bigger

AI

By Derek B. Johnson

CANADA – 2026/04/08: In this photo illustration, the Google Antigravity logo is seen displayed on a smartphone screen. (Photo Illustration by Thomas Fuller/SOPA Images/LightRocket via Getty Images)

Vuln in Google’s Antigravity AI agent manager could escape sandbox, give attackers remote code execution

AI

By Derek B. Johnson

Featured on CyberScoop

Mythos can find the vulnerability. It can’t tell you what to do about it.

By Alex Thaman
Why the Axios attack proves AI is mandatory for supply chain security

By Mike Nichols
Network ‘background noise’ may predict the next big edge-device vulnerability

By Matt Kapko
The surveillance law Congress can’t quit — and can’t explain

By Tim Starks
US nationals sentenced for aiding North Korea’s tech worker scheme

By Matt Kapko

Popular Stories

(Getty Images)

Security leaders say the next two years are going to be ‘insane’

Kevin Mandia, Morgan Adamski, and Alex Stamos tell CyberScoop that AI is finding bugs faster than anyone can fix them, exploit development is accelerating, and most organizations…

By Greg Otto

(Graphic by Shanima Parker / Scoop News Group)

Across party lines and industry, the verdict is the same: CISA is in trouble

The agency lost a third of its people in a year. Now industry and lawmakers on both sides say it's unprepared for a potential crisis.

By Tim Starks

AI-powered health apps are flooding the market. But their data security policy is more of a pinky promise than a legal mandate. (Source: Getty Images)

Your AI doctor doesn’t have to follow the same privacy rules as your real one

AI apps are making their way into healthcare. It’s not clear that rigorous data security or privacy practices will be part of the package.

By Derek B. Johnson

Nauval Wildani, iStock/Getty Images Plus

Cyber scholarship-for-service students say government has pulled rug on them, potentially burdening them with debt

Hiring freezes, budget cuts and more are raising questions about the future of CyberCorps.

By Tim Starks

A house full of open windows: Why telecoms may never purge their networks of Salt Typhoon

By Derek B. Johnson

‘Whatever we did was not enough’: How Salt Typhoon slipped through the government’s blind spots

By Tim Starks

Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial

By Matt Kapko

Trump and others want to ramp up cyber offense, but there’s plenty of doubt about the idea

By Tim Starks Mark Pomerleau

Who is sending those scammy text messages about unpaid tolls?

By Matt Kapko

Insights

Abstract art of data security — Image: Giannina Vera, Scoop News Group

Why cyber modernization requires partners with technical plus acquisition expertise

By Katie Baxter

Image of US Capitol evoking data flow — Image: Scoop News Group

Why identity is the definitive cyber defense for federal agencies

By Daniel Wilbricht

Agencies push for digital transformation amid security challenges

By Scoop News Group

Photo illustration of AI and security.

Want to scale cyber defenders? Focus on AI-enabled security and organization-wide training

By Jay Bhalodia

Videos

T-Mobile’s Eric Jensen on the challenge of securing vast supply chains

By CyberScoop Staff

Datadog’s Emilio Escobar on compliance-first AI

By Scoop News Group

Cohesity’s Marlin McFate on risks tied to growing cloud dependence

By Scoop News Group

ThreatLocker’s Rob Allen on the dual impact of AI

By Scoop News Group

Podcasts

The federal government’s most underrated cybersecurity tool

By CyberScoop Staff

What does industry think of the White House’s cybersecurity strategy?

By CyberScoop Staff

When iPhone exploits turn into commodities

By CyberScoop Staff

Behind the scenes of the Socksescort takedown

By CyberScoop Staff

The Latest

Europol, the European Union’s law enforcement agency, is pictured at its headquarters building on June 24, 2020 in The Hague, Netherlands. (Photo by Yuriko Nakao/Getty Images)

Officials seize 53 DDoS-for-hire domains in ongoing crackdown

(Getty Images)

Ghost breaches: How AI-mediated narratives have become a new threat vector

(Getty Images)

NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities

Sean Cairncross, April 15, 2026 at the Semafor World Economy event in Washington, D.C. (Tim Starks/ CyberScoop)

Executive orders likely ahead in next steps for national cyber strategy

Illustration shows the ChatGPT logo on a smartphone in Washington, DC, on March 15. (Photo by Olivier Douliery/AFP via Getty Images)

OpenAI expands Trusted Access for Cyber program with new GPT 5.4 Cyber model

Nvidia CEO Jensen Huang participates in a Q&A at the company’s annual GTC developers conference in San Jose, California, on March 17, 2026. Huang on Monday said the leading artificial intelligence chip maker is heading for space with a goal of powering orbiting data centers. (Photo by JOSH EDELSON / AFP via Getty Images)

We’re only seeing the tip of the chip-smuggling iceberg

CISA, DHS, Department of Homeland Security, RSA 2019, DHS patching — (Scoop News Group)

CISA cancels summer internships for cyber scholarship students amid DHS funding lapse

(Photo by John Smith/VIEWpress/Getty Images)

Microsoft drops its second-largest monthly batch of defects on record

Space Force official touts AI’s impact on cyber compliance

Phishing concept — (Getty Images)

Black Basta’s playbook lives on as former affiliates launch fast-scale intrusion campaign

Sean Plankey, of Pennsylvania, responds to questioning during Senate Committee on Homeland Security and Governmental Affairs hearings to examine his nomination to be Director of the Cybersecurity and Infrastructure Security Agency, of the Department of Homeland Security, in the Dirksen Senate office building, in Washington, DC, on Wednesday July 24, 2025. (Mattie Neretin/CNP/Sipa USA)

Secretary Mullin must help finish the job: Urge the Senate to confirm Plankey

Anthropic’s Project Glasswing website is displayed on a smartphone screen in this photo illustration in Brussels, Belgium, on April 12, 2026. Governments and financial institutions are reviewing potential cybersecurity risks from the company’s advanced AI model, which has identified thousands of software vulnerabilities but is restricted over misuse concerns. (Photo Illustration by Jonathan Raa/NurPhoto via Getty Images)

Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos

OpenAI — (Getty Images)

OpenAI’s Mac apps need updates thanks to the Axios hack

Upcoming Events

Apr 23 2026

Box Federal Summit

Ritz-Carlton, Pentagon City

Apr 28 2026

Workday Federal Forum

Waldorf Astoria, Washington, D.C.

May 5 2026

UiPath FUSION Public Sector

Waldorf Astoria, Washington, D.C.

May 14 2026

Federal Cyber Resilience Breakfast

Hotel Washington

May 19 2026

Cybersecurity Modernization Summit

Virtual Event