"Ransomware negotiator caught secretly assisting BlackCat extortion scheme."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 22 April 2026, 0212 UTC.

Content and Source provided by email subscription from https://feedly.com.

 feedly.com/i/subscription/content/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed.

Please check subscription link or scroll down to read your selection.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

79K followers32 articles per week

#security#tech

10

Today

Ransomware negotiator caught secretly assisting BlackCat extortion scheme

Florida man pleads guilty ransomware conspiracy

•

by Pierluigi Paganini / 5h

Angelo Martino pleaded guilty to helping BlackCat ransomware group while acting as a ransomware negotiator. Another U.S. cybersecurity expert, Angelo Martino, admitted helping the BlackCat ransomware group while working as a ransomware negotiator. Angelo Martino (41) admitted helping the BlackCat ransomware group while working for a U.S. incident response firm. “A Florida man, formerly employed a

North Korea’s Lazarus APT stole $290M from Kelp DAO

3 TTPs

•

by Pierluigi Paganini / 7h

•

Kelp and LayerZero blame each other

North Korea-linked Lazarus Group stole $290M from Kelp DAO by abusing LayerZero. A second $95M attempt was stopped. Hackers tied to the North-Korea linked group Lazarus APT carried out a $290M crypto theft targeting Kelp DAO. Earlier today we identified suspicious cross-chain activity involving rsETH. We have paused rsETH contracts across mainnet and several L2s while we investigate. We are worki

The US NSA is using Anthropic’s Claude Mythos despite supply chain risk

NSA uses Anthropic's Mythos AI

•

by Pierluigi Paganini / 15h

Axios reports the National Security Agency uses Anthropic Mythos model despite Department of Defense concerns, blurring AI risk vs defense lines. The reported use of Anthropic’s Mythos model by the U.S. National Security Agency is a reminder that the line between AI as a defensive tool and AI as a security risk is getting harder to draw. According to Axios, the NSA is already using Mythos Preview

Yesterday

U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog

5 TTPs

•

by Pierluigi Paganini / 16h

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity fl

Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility

4 TTPs

•

by Pierluigi Paganini / 18h

•

Bluesky experiences widespread feed outage

Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its services for about 24 hours, starting on April 15. Bluesky is a decentralized, open-source microblogging social media platform similar to X (formerly Twitter). It allows users to post short messages, image

France’s ANTS ID System website hit by cyberattack, possible data breach

Impact (Enterprise TA0040)

•

by Pierluigi Paganini / 1d

A cyberattack hit France’s ANTS website, possibly exposing personal data from users applying for IDs, passports, and driver’s licenses. A cyberattack targeted France’s ANTS platform, which handles applications for passports, ID cards, residence permits, and driver’s licenses. Authorities detected the incident on April 15 and warned it may have exposed personal data from both individuals and profe

Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft

8 TTPs

•

by Pierluigi Paganini / 1d

•

Scattered Spider hacker pleads guilty

Tyler Buchanan, linked to Scattered Spider, pleaded guilty in the US to hacking companies and stealing millions in cryptocurrency. Tyler Buchanan , a 24-year-old from Scotland linked to the Scattered Spider group, admitted in a US court that he hacked dozens of companies, committed fraud, and stole millions in cryptocurrency. Spanish police arrested the British national who was suspected of being

CVE-2023-33538 under attack for a year, but exploitation still unsuccessful

IoC > 1 IP

•

by Pierluigi Paganini / 1d

•

3 TTPs

•

CVE-2023-33538

Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far. Hackers have been trying for over a year to exploit a serious flaw, tracked as CVE-2023-33538 (CVSS score of 8.8), in outdated TP-Link routers, but so far without success. The vulnerability is a command injection vulnerability in the /userRpm/WlanNetworkRpm component t

Third-party AI hack triggers Vercel breach, internal environments accessed

2 TTPs

•

by Pierluigi Paganini / 1d

•

Vercel confirms security breach incident

Vercel suffered a breach after a hacked Context.ai tool exposed an employee account, letting attackers access limited internal systems and non-sensitive data. Vercel reported a security breach caused by the compromise of a third-party AI tool, Context.ai, used by one of its employees. The attacker took over the employee’s Google Workspace account and used it to access parts of Vercel’s internal s

Apr 19, 2026

AI Model Claude Opus turns bugs into exploits for just $2,283

Claude Opus develops Chrome exploits

•

by Pierluigi Paganini / 1d

Claude Opus created a working Chrome exploit for $2,283, showing that widely available AI models can already find and weaponize vulnerabilities. Claude Opus managed to produce a functional Chrome exploit for just $2,283, raising concerns about how easily AI can be used to find and exploit vulnerabilities. Below is the cost of the experiment: Model Tokens Cost Claude Opus 4.6 (high) 2,140M $2,014

End of feed