VulnHub

Real-time Cybersecurity News

Man sentenced for hacking U.S. Supreme Court and government systems

SCM feed for Latest
Critical

Overview

Nicholas Moore has been sentenced to one year of probation for hacking into the U.S. Supreme Court's electronic document filing system on multiple occasions over several months. This incident raises concerns about the security of sensitive government systems and the potential for unauthorized access to legal documents. Although the specific details of how Moore gained access haven't been disclosed, his actions demonstrate vulnerabilities in the digital infrastructure of key government institutions. This case serves as a reminder that cybersecurity is a critical issue for all branches of government, as breaches could lead to the exposure of confidential information and undermine public trust in the judicial system.

Key Takeaways

  • Affected Systems: U.S. Supreme Court electronic document filing system
  • Timeline: Ongoing since several months prior to sentencing

Original Article Summary

Nicholas Moore has been sentenced to one year of probation for hacking into the U.S. Supreme Court’s electronic document filing system multiple times over several months.

Impact

U.S. Supreme Court electronic document filing system

Exploitation Status

No active exploitation has been reported at this time. However, organizations should still apply patches promptly as proof-of-concept code may exist.

Timeline

Ongoing since several months prior to sentencing

Remediation

Not specified

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Critical.

Read Original Article

Related Coverage

Vercel Employee's AI Tool Access Led to Data Breach

darkreading

A data breach at Vercel was linked to an employee's AI tool that inadvertently exposed sensitive OAuth tokens. These tokens are key for securely accessing APIs and services, and their theft represents a new avenue for cyber attackers, allowing them to move laterally within networks. The incident raises concerns for organizations that rely on OAuth for authentication, as these tokens are crucial for maintaining security. As a result, companies need to reassess their security measures surrounding OAuth token management to prevent similar breaches in the future. This situation serves as a reminder of the vulnerabilities that can arise from integrating AI tools without stringent security protocols.

Apr 20, 2026

The FTC’s AI portfolio is about to get bigger

CyberScoop

The Federal Trade Commission (FTC) is gearing up to enforce new regulations aimed at combating sexual deepfakes and addressing AI-driven scams, particularly those using voice cloning technology. This move is part of a broader effort to protect consumers from increasingly sophisticated forms of fraud and manipulation in the digital space. By implementing these regulations, the FTC aims to hold accountable those who create or distribute harmful AI-generated content. This is significant as it reflects a growing recognition of the potential dangers posed by AI technologies and the need for regulatory frameworks to govern their use. The effectiveness of these measures will depend on how they are executed and enforced in real-world scenarios.

Apr 20, 2026

Serial-to-IP Devices Hide Thousands of Old and New Bugs

darkreading

Researchers have discovered that serial-to-IP devices, which are essential for converting machine language into internet-compatible formats, have thousands of vulnerabilities. These devices are increasingly attracting the attention of cyber attackers, raising concerns about the security of industrial systems that rely on them. The vulnerabilities range from old issues to more recent discoveries, putting various industries at risk. As these devices are widely used in operational technology (OT) environments, companies must take immediate steps to secure their systems. The situation emphasizes the need for regular security assessments and updates to protect against potential exploitation.

Apr 20, 2026

Vercel’s security breach started with malware disguised as Roblox cheats

CyberScoop

Vercel recently experienced a security breach that began with malware disguised as cheats for the popular game Roblox. This incident, which originated at Context.ai, highlights the risks associated with interconnected cloud applications and Software as a Service (SaaS) integrations that have excessive permissions. Attackers were able to exploit these vulnerabilities, raising concerns about the security practices in place at Vercel and similar companies. As more organizations rely on cloud services, ensuring that permissions are appropriately managed is crucial to prevent such breaches. This incident serves as a wake-up call for companies to review their security measures and strengthen their defenses against similar threats.

Apr 20, 2026

Seiko USA website defaced as hacker claims customer data theft

BleepingComputer

The Seiko USA website was hacked over the weekend, resulting in a defacement that included a message from the attackers claiming to have stolen customer data from its Shopify database. The hackers threatened to release this data unless a ransom is paid. This incident raises concerns for customers who may have shared their personal information with Seiko USA, as it could lead to identity theft or fraud if the data is leaked. The event highlights the ongoing risks that e-commerce platforms face from cybercriminals looking to exploit vulnerabilities for financial gain. As a reputable brand, Seiko USA's breach could also damage its reputation and customer trust if the claims are verified.

Apr 20, 2026

AI code reviewer fooled by spoofed developer identity

SCM feed for Latest

Manifold Security recently demonstrated a security flaw in AI code review systems, specifically one using the Claude model. They showed that the AI accepted harmful code changes after an attacker spoofed the identity of a trusted developer. This incident raises concerns about the reliability of AI in verifying code integrity, especially when human-like identifiers can be easily mimicked. If such vulnerabilities remain unaddressed, they could lead to significant security breaches in software development processes. Organizations that rely on AI for code reviews must reassess their safeguards to prevent similar attacks.

Apr 20, 2026