Security AffairsResearchers uncover YellowKey and GreenPlasma Windows Zero-DaysFri, 15 May 2026 06:46:59 +0000 Researchers disclosed two new Windows zero-days named YellowKey and GreenPlasma affecting BitLocker and the CTFMON framework. A security researcher known as Chaotic Eclipse, also called Nightmare-Eclipse, disclosed two new Windows zero-day vulnerabilities named YellowKey and GreenPlasma. The flaws affect BitLocker and the Windows Collaborative Translation Framework (CTFMON). YellowKey could allow attackers to bypass BitLocker protections, […] Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fallFri, 15 May 2026 05:20:06 +0000 Pwn2Own Berlin 2026 day one saw 22 entries and 24 zero-days across major software, with researchers earning $523,000 in total rewards. Day one of Pwn2Own Berlin 2026 featured 22 entries targeting widely used technologies, including browsers, operating systems, AI platforms, and NVIDIA infrastructure. By the end of the day, researchers demonstrated 24 unique zero-day vulnerabilities […] U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalogThu, 14 May 2026 18:35:43 +0000 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Catalyst SD-WAN, tracked as CVE-2026-20182 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. Cisco fixed CVE-2026-20182, a flaw in SD-WAN control […] Linux Kernel bug Fragnesia allows local root access attacksThu, 14 May 2026 17:57:14 +0000 Fragnesia, a new Linux kernel flaw tracked as CVE-2026-46300, could let local attackers gain root access through page cache corruption. Researchers disclosed a new Linux kernel privilege escalation vulnerability named Fragnesia, tracked as CVE-2026-46300 (CVSS score of 7.8). The flaw affects the XFRM ESP-in-TCP subsystem and could allow local attackers to gain full root access […] Broadcom releases VMware Fusion security update for root access bugThu, 14 May 2026 15:46:09 +0000 Broadcom patched a high-severity VMware Fusion flaw, CVE-2026-41702, that could let local attackers gain root privileges. Broadcom released a security update for VMware Fusion to address a high-severity vulnerability, tracked as CVE-2026-41702, that could allow local attackers to escalate privileges to root on affected systems. The flaw is a time-of-check time-of-use (TOCTOU) vulnerability affecting operations […] NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to lightThu, 14 May 2026 13:30:44 +0000 Researchers found a critical 18-year-old buffer overflow flaw in NGINX, tracked as CVE-2026-42945 and named NGINX Rift. If you run NGINX, and statistically speaking, there is a very good chance you do, this week brought news worth stopping for. Security researchers at depthfirst disclosed a critical heap buffer overflow vulnerability in both NGINX Plus and […] FamousSparrow targets Azerbaijani energy sector in multi-wave espionage campaignThu, 14 May 2026 08:17:42 +0000 Chinese-linked FamousSparrow repeatedly targeted an Azerbaijani oil and gas company, reusing the same entry point in three intrusions from Dec 2025 to Feb 2026. Chinese-linked threat actor FamousSparrow has conducted a sustained intrusion campaign against an Azerbaijani oil and gas company, returning to the same compromised entry point three separate times between late December 2025 […] Nitrogen Ransomware claims massive data theft from FoxconnThu, 14 May 2026 06:14:24 +0000 Foxconn confirmed a cyberattack on some North American factories. The Nitrogen ransomware group claims it stole 8TB of data from the firm. Foxconn confirmed that several of its North American factories were affected by a cyberattack. The manufacturer confirmed it was targeted by threat actors after the Nitrogen ransomware group listed it on its Tor […] Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarmingWed, 13 May 2026 19:28:12 +0000 Microsoft’s May 2026 Patch Tuesday fixed 138 flaws, including 30 critical bugs, across Windows, Office, Azure, Edge, SQL Server, and more. Microsoft’s May 2026 Patch Tuesday patched 138 vulnerabilities in a single release. That is a number that gives pause even for people accustomed to these cycles. The affected products span virtually the entire Microsoft […] OpenLoop Health confirms January 2026 Data breach affecting 716,000Wed, 13 May 2026 18:45:13 +0000 In January 2026, telehealth infrastructure firm OpenLoop Health suffered a security breach that exposed information of 716,000 people. OpenLoop Health confirmed a January 2026 cyberattack that exposed personal information of 716,000 individuals using its telehealth services. The breach was reported to authorities in March, but the full scope was only recently determined. Threat actors exfiltrated […] |
The Hacker NewsOn-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted EmailFri, 15 May 2026 11:49:04 +0530 Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting the issue. " CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access ExploitsFri, 15 May 2026 10:58:03 +0530 The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026. The vulnerability is a critical authentication bypass tracked as CVE-2026-20182. It's Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin AccessThu, 14 May 2026 23:15:20 +0530 Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0. "A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer SecretsThu, 14 May 2026 22:52:43 +0530 Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published versions of node-ipc. According to Socket and StepSecurity, three different versions of the npm package have been confirmed as malicious - node-ipc@9.1.6 node-ipc@9.2.3 node-ipc@12.0.1 "Early analysis indicates that node-ipc@9.1.6, node-ipc@9.2.3, and node-ipc@12.0.1 ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ StoriesThu, 14 May 2026 21:37:46 +0530 Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game for clout and cash. Half of it feels new. Half of it feels like crap we should have fixed years ago. The mess keeps getting louder: users get tricked, boxes get popped, tools meant for normal work Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt StrikeThu, 14 May 2026 19:30:37 +0530 The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been linked to both cyber espionage and influence operations targeting neighboring countries, particularly Ukraine. It's also tracked under the monikers FrostyNeighbor, PUSHCHA, Storm-0257, TA445, UAC‑0057 PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of DisclosureThu, 14 May 2026 17:10:14 +0530 Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of public disclosure. The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive endpoints to anyone, potentially allowing an attacker to invoke the How AI Hallucinations Are Creating Real Security RisksThu, 14 May 2026 17:00:00 +0530 AI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs. When an AI model lacks certainty, it doesn’t have a mechanism to recognize that. Instead, it generates the most probable response based on patterns in its training data, even if that response is inaccurate. These outputs Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege EscalationThu, 14 May 2026 14:55:50 +0530 An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework (CTFMON). The security defects have been codenamed YellowKey and GreenPlasma, respectively, by the researcher, who goes by the online aliases Chaotic Eclipse New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache CorruptionThu, 14 May 2026 12:36:15 +0530 Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks. Codenamed Fragnesia, the security vulnerability is tracked as CVE-2026-46300 (CVSS score: 7.8) and is rooted in the Linux kernel's XFRM 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCEThu, 14 May 2026 11:30:09 +0530 Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, discovered by depthfirst, is a heap buffer overflow issue impacting ngx_http_rewrite_module (CVE-2026-42945, CVSS v4 score: 9.2) that could allow an attacker to achieve remote code execution or cause a Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch TuesdayWed, 13 May 2026 19:16:02 +0530 Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of a limited private preview. MDASH, short for multi-model agentic scanning harness, is designed as a model-agnostic system that uses bespoke AI agents for different vulnerability Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange ExploitationWed, 13 May 2026 18:30:00 +0530 A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an expansion of its targeting. The activity has been attributed by Bitdefender with moderate-to-high confidence to a hacking group known as FamousSparrow (aka UAT-9244), which shares some level of [Webinar] How Modern Attack Paths Cross Code, Pipelines, and CloudWed, 13 May 2026 17:22:43 +0530 TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register for the Strategic Briefing Here. Most security tools work like a smoke alarm that goes off every time you burn a piece of toast. You get so many alerts that you eventually start to ignore them. The real danger? While Most Remediation Programs Never Confirm the Fix Actually WorkedWed, 13 May 2026 17:00:00 +0530 Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant's M-Trends 2026 report puts the mean time to exploit at an estimated negative seven days. The Verizon 2025 DBIR puts median time to remediate edge device vulnerabilities at 32 days. These numbers have understandably driven the industry toward a clear Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE FlawsWed, 13 May 2026 16:06:10 +0530 Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138 flaws, 30 are rated Critical, 104 are rated Important, three are rated Moderate, and one is rated Low in severity. As many as 61 vulnerabilities are classified as privilege escalation bugs, followed by GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal DataWed, 13 May 2026 13:38:54 +0530 Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than 150 gems that use the registry as a data exfiltration channel rather than for malware distribution. "The packages do not appear designed for mass developer compromise," Socket said. "Many have little or no download activity, and the payloads are repetitive, Android Adds Intrusion Logging for Sophisticated Spyware ForensicsWed, 13 May 2026 12:25:42 +0530 Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated spyware attacks. Intrusion Logging, available as part of Advanced Protection Mode, enables "persistent and privacy-preserving forensics logging to allow for investigation of devices in the event of a suspected compromise," the company said. The feature, it New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code ExecutionTue, 12 May 2026 22:14:00 +0530 Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and deliver email. The vulnerability, tracked as CVE-2026-45185 (CVSS score: 9.8), aka Dead.Letter, has been described as a RubyGems Suspends New Signups After Hundreds of Malicious Packages Are UploadedTue, 12 May 2026 20:17:00 +0530 RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on RubyGems right now," Maciej Mensfeld, senior product manager for software supply chain security at Mend.io, said in a post on X. "Signups are paused for the time being. New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network PivotsTue, 12 May 2026 18:20:00 +0530 Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency wallet users in France, Italy, and Austria. "TrickMo relies on a runtime-loaded APK (dex.module), Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can HelpTue, 12 May 2026 17:28:00 +0530 Why do the Riskiest SOC Alerts Go Unanswered? Security operations teams are drowning in alerts. But the real problem isn't always alert volume; it's the blind spots. The most dangerous alerts are the ones no one is investigating. A recent report from The Hacker News examined why certain high-risk alert categories - WAF, DLP, OT/IoT, dark web intelligence, and supply chain signals- consistently Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More PackagesTue, 12 May 2026 17:16:00 +0530 TeamPCP, the threat actor behind the recentsupply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file ("router_init.js") that's designed to profile the execution Why Agentic AI Is Security's Next Blind SpotTue, 12 May 2026 16:00:00 +0530 Agentic AI is already running in production environments across many organizations today. It is executing tasks, consuming data, and taking actions — most likely without meaningful involvement from the security team. The industry conversation has largely framed this as a question of policy: allow it, restrict it, or monitor it? However, that framing misses the point. The more urgent Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas LeakTue, 12 May 2026 13:07:00 +0530 American educational technology company Instructure, the parent company of Canvas, said it reached an "agreement" with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities. In an update shared on Monday, the Utah-based firm said it "reached an agreement with the unauthorized actor involved in OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch ValidationTue, 12 May 2026 12:25:00 +0530 OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security to help organizations identify and patch vulnerabilities before attackers find a way in using the same issues. "Daybreak combines the intelligence of OpenAI models, the extensibility of Codex as an agentic harness, and our partners across iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and AndroidTue, 12 May 2026 10:48:00 +0530 Apple on Monday officially released iOS 26.5 with support for end-to-end encryption (E2EE) to Rich Communication Services (RCS) in beta as part of a "cross-industry effort" to replace traditional SMS with a more secure alternative. To that end, E2EE RCS messaging is rolling out to iPhone users running iOS 26.5 with supported carriers and Android users on the latest version of Google Messages. TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain AttackTue, 12 May 2026 00:00:00 +0530 Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace. "If you are using Checkmarx Jenkins AST plugin, you need to ensure that you are using the version 2.0.13-829.vc72453fa_1c16 that was published on December 17, 2025 or previously," the cybersecurity company said in a statement over the weekend. As of writing, Checkmarx has released cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager BackdoorMon, 11 May 2026 23:24:00 +0530 A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments. The attack exploits CVE-2026-41940, a vulnerability impacting cPanel and WebHost Manager (WHM) that could result in an authentication bypass and allow remote attackers to gain elevated control of the control Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass ExploitationMon, 11 May 2026 21:15:00 +0530 Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for vulnerability discovery and exploit generation. The activity is said to be the work of cybercrime threat actors who appear to ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and MoreMon, 11 May 2026 18:06:00 +0530 Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should’ve died years ago — the same old holes, same lazy access paths, same “how the hell is this still open” feeling. One report this week basically reads like a guy tripped over root access by accident and decided to stay Your Purple Team Isn't Purple — It's Just Red and Blue in the Same RoomMon, 11 May 2026 17:00:00 +0530 Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a SIEM query. A red team script is being rewritten by hand so the blue team can use it. A patch waiting on a change-approval window that's longer than the exploitation window itself. Nobody in that chain is incompetent. Every human is doing their job correctly. The problem is the system, its Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K DownloadsMon, 11 May 2026 12:35:00 +0530 A malicious Hugging Face repository managed to take a spot in the platform's trending list by impersonating OpenAI's Privacy Filter open-weight model to deliver a Rust-based information stealer to Windows users. The project, named Open-OSS/privacy-filter, masqueraded as its legitimate counterpart released by OpenAI late last month (openai/privacy-filter), including copying the entire description Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory LeakSun, 10 May 2026 18:11:00 +0530 Cybersecurity researchers have disclosed a critical security vulnerability in Ollama that, if successfully exploited, could allow a remote, unauthenticated attacker to leak its entire process memory. The out-of-bounds read flaw, which likely impacts over 300,000 servers globally, is tracked as CVE-2026-7482 (CVSS score: 9.1). It has been codenamed Bleeding Llama by Cyera. Ollama is a cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch NowSat, 09 May 2026 12:46:00 +0530 cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows - CVE-2026-29201 (CVSS score: 4.3) - An insufficient input validation of the feature file name in the "feature::LOADFEATUREFILE" adminbin call that could result TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook WormsFri, 08 May 2026 23:42:00 +0530 Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tracked by Elastic Security Labs under the moniker REF3076. The malware family is assessed to be a major update of the Maverick family, which is known to leverage a worm called SORVEPOTEL to Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store DownloadsFri, 08 May 2026 20:38:00 +0530 Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call histories for any phone number, only to trick users into joining a subscription that provided fake data and incurred financial loss. The 28 apps have collectively racked up more than 7.3 million downloads, with one of them alone accounting for over One Click, Total Shutdown: The "Patient Zero" Webinar on Killing Stealth BreachesFri, 08 May 2026 19:31:00 +0530 The hardest part of cybersecurity isn't the technology, it’s the people. Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one "Patient Zero" infection. In 2026, hackers are using AI to make these "first clicks" nearly impossible to spot. If a single laptop gets compromised on your watch, do you have a plan to stop it from taking down Quasar Linux RAT Steals Developer Credentials for Software Supply Chain CompromiseFri, 08 May 2026 16:30:00 +0530 A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers' systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and network tunneling. "QLNX targets developers and DevOps credentials across the software supply chain," One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity RiskFri, 08 May 2026 16:00:00 +0530 The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report investigating more than 25 million security alerts, including informational and low-severity, across live enterprise environments. The dataset behind these findings includes 10 million monitored New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH CredentialsFri, 08 May 2026 14:11:00 +0530 Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that's being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called "darkworm." The backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation toolkit that enables persistent SSH access by means of a magic password and specific TCP port combination. Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major DistributionsFri, 08 May 2026 10:42:00 +0530 Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel. Dubbed Dirty Frag, it has been described as a successor to Copy Fail (CVE-2026-31431, CVSS score: 7.8), a recently disclosed LPE flaw impacting the Linux kernel that has since come under active exploitation in the wild. The vulnerability was reported to Linux kernel maintainers Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level AccessThu, 07 May 2026 23:25:00 +0530 Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild. The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1. It allows "a remotely authenticated user with administrative access to achieve remote code PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud SystemsThu, 07 May 2026 23:15:00 +0530 Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments. "The toolset harvests credentials from cloud, container, developer, productivity, and financial services, then exfiltrates the data through attacker-controlled infrastructure while attempting PAN-OS RCE Exploit Under Active Use Enabling Root Access and EspionageThu, 07 May 2026 19:04:00 +0530 Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026. The vulnerability in question is CVE-2026-0300 (CVSS score: 9.3/8.7), a buffer overflow vulnerability in the User-ID Authentication Portal service of Palo Alto Networks PAN-OS software that could allow an unauthenticated attacker ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New StoriesThu, 07 May 2026 17:03:00 +0530 Bad week. Turns out the easiest way to get hacked in 2026 is still the same old garbage: shady packages, fake apps, forgotten DNS junk, scam ads, and stolen logins getting dumped into Discord channels like it’s normal. Some of these attack chains don’t even feel sophisticated anymore. More like some tired guy with a Telegram account and too much free time. The worst part is how often this stuff Day Zero Readiness: The Operational Gaps That Break Incident ResponseThu, 07 May 2026 16:24:00 +0530 Having an incident response retainer, or even a pre-approved external incident response firm, is not the same as being ready for an incident. A retainer means someone will answer the phone. Operational readiness determines whether that team can do meaningful work the moment they do. That distinction matters far more than many organizations realize. In the first hours of a security incident PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and LinuxThu, 07 May 2026 14:50:00 +0530 Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily deliver a previously unknown malware family called ZiChatBot on Windows and Linux systems. "While these wheel packages do implement the features described on their PyPI web pages, their true purpose is to covertly deliver malicious files," Kaspersky vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code ExecutionThu, 07 May 2026 09:45:00 +0530 A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems. vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to prevent sandboxed code from accessing the host Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS AttacksThu, 07 May 2026 01:51:00 +0530 Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1 and targets internet-exposed devices running Android Debug Bridge (ADB) to enlist them in a network capable of carrying out distributed denial-of-service (DDoS) attacks. Hunt.io, which detailed the malware, said it made the discovery after identifying an exposed directory on a Netherlands-hosted |
darkreadingTaiwan Incident Highlights Cybersecurity Gaps in Rail SystemsFri, 15 May 2026 01:00:00 GMT A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an anti-terrorism response. SecurityScorecard Snags Driftnet to Level Up Threat IntelligenceThu, 14 May 2026 20:57:27 GMT The acquisition looks to boost visibility into third-party ecosystems, which are becoming a bigger concern as vectors for supply chain attacks. Maximum Severity Cisco SD-WAN Bug Exploited in the WildThu, 14 May 2026 20:25:31 GMT This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system. 'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, UkraineThu, 14 May 2026 16:59:25 GMT Attackers uniquely fingerprint victims before delivering spear-phishing payloads aimed at espionage, in the latest campaign from the Belarussian nation-state threat group. AI Drives Cybersecurity Investments, Widening 'Valley of Death'Thu, 14 May 2026 13:00:00 GMT In a role reversal, investment dollars in security startups exceeded the value of mergers and acquisitions in 1Q26 by more than $1 billion, a rare occurrence. Foxconn Attack Highlights Manufacturing's Cyber CrisisThu, 14 May 2026 12:00:00 GMT A Nitrogen ransomware attack on Foxconn's North American facilities is one of 600 hits on manufacturers this year, as gangs increasingly target the sector for its low tolerance for downtime. Checkbox Assessments Aren't Fit to Measure RiskWed, 13 May 2026 21:17:07 GMT Security governance needs to be more than an annual compliance exercise. New companies are emerging to address risk-management gaps in current audit tools. Attackers Weaponize RubyGems for Data Dead DropsWed, 13 May 2026 21:09:20 GMT Threat actors are publishing RubyGems packages that include scrapers targeting public-facing UK government servers, but with no clear objective. Tables Turn on 'The Gentlemen' RaaS Gang With Data LeakWed, 13 May 2026 20:47:46 GMT An OPSEC failure provides a window into what helped the ransomware group rise: a generous affiliate model, opportunistic TTPs, and an effective organizational structure. Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk LandscapeWed, 13 May 2026 18:52:50 GMT Informa TechTarget's flagship cybersecurity media brand launches a special content series to mark two decades as a trusted source for cybersecurity professionals. LatAm Vibe Hackers Generate Custom Hacking Tools on the FlyWed, 13 May 2026 13:00:00 GMT In the latest evolution of automated cyberattacks, threat actors heavily leveraged AI agents to support campaigns against entities in Mexico and Brazil. China's 'FamousSparrow' APT Nests in South Caucasus Energy FirmWed, 13 May 2026 13:00:00 GMT The cyberthreat group targets an Azerbaijani oil and gas firm with repeated attacks, as the China-linked actors extend targeting beyond hospitality, telecom, and government sectors. It's Patch Tuesday for Microsoft & Not a Zero-Day In SightTue, 12 May 2026 21:03:04 GMT It's the first time in two years with no zero-days. But with 137 flaws to patch, including nine critical ones, admins still have plenty of work to do. Hugging Face Packages Weaponized With a Single File TweakTue, 12 May 2026 14:00:00 GMT A tokenizer library file present in Hugging Face AI models can be manipulated to hijack the model's outputs and exfiltrate data. 20 Leaders Who Built the CISO Era: 2 Decades of ChangeTue, 12 May 2026 12:00:00 GMT As part of Dark Reading's 20th anniversary special coverage, we profile the CISOs, founders, researchers, criminals, and policymakers who rewrote the enterprise risk playbook. Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply ChainTue, 12 May 2026 11:07:43 GMT Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open source TanStack ecosystem. FCC Softens Ban on Foreign-Made RoutersMon, 11 May 2026 21:15:48 GMT The Federal Communications Commission eased some restrictions and pushed back deadlines for foreign router manufacturers, but the ban is still in place. Tech Can't Stop These Threats — Your People CanMon, 11 May 2026 19:50:20 GMT Security controls can do only so much. Here are four attacks where your employees are usually your first, and only, line of cyber defense. 'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux DistrosMon, 11 May 2026 15:05:45 GMT The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation. Hackers Use AI for Exploit Development, Attack AutomationMon, 11 May 2026 13:00:00 GMT Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks. Cyber Espionage Group Targets Aviation Firms to Steal Map DataMon, 11 May 2026 12:00:00 GMT The campaign quietly compromises aerospace and drone operators to exfiltrate GIS files, terrain models, and GPS data and gain a clear picture of adversaries' world view. ShinyHunters Claims Second Attack Against InstructureFri, 08 May 2026 20:08:06 GMT The edtech company is struggling to wrest control from its hackers. PII belonging to hundreds of millions of people is on the line. After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud SecretsThu, 07 May 2026 20:43:30 GMT PCPJack makes innovative use of parquet files for stealthy, pre-validated target discovery as it canvasses multiple cloud environments. Has CISA Finally Found Its New Leader in Tom Parker?Thu, 07 May 2026 19:07:17 GMT Dark Reading investigates rumors that Tom Parker, a board room "operator" and longtime cyber exec, could be next in line to take over CISA. AI-Driven Cyberattack on Mexico Couldn't Breach OT SystemsThu, 07 May 2026 13:00:00 GMT What researchers dubbed the most sophisticated AI-integrated ICS campaign to date hit a brick wall in the form of a SCADA login screen. 'TrustFall' Convention Exposes Claude Code Execution RiskThu, 07 May 2026 13:00:00 GMT Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no user interaction, thanks to skimpy warning dialogs. VoidStealer Malware Darts Past Google Chrome's EncryptionWed, 06 May 2026 21:19:11 GMT Authors of the VoidStealer Trojan uncovered yet another way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers. Instructure Breach Exposes Schools' Vendor DependenceWed, 06 May 2026 21:02:57 GMT ShinyHunters' attack on Instructure, which owns the widely used Canvas learning management system (LMS), carries big questions about the trust educational institutions put into their vendors. From Stuxnet to ChatGPT: 20 News Events That Shaped CyberWed, 06 May 2026 12:00:00 GMT As part of its 20th anniversary celebration, Dark Reading looks back on 20 of the biggest newsmaking events from the past two decades that influenced the risk landscape for today's cybersecurity teams. Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FAWed, 06 May 2026 10:30:27 GMT In hard-to-detect attacks, hackers are dropping the CloudZ RAT and a fresh plug-in, Pheno, to hijack the Windows-based bridge between PCs and smartphones. Middle East Cyber Battle Field Broadens — Especially in UAEWed, 06 May 2026 05:30:00 GMT As the war with Iran continues, breach attempts targeting the United Arab Emirates tripled in a few weeks — many targeting critical infrastructure. Trellix Source Code Breach Highlights Growing Supply Chain ThreatsTue, 05 May 2026 20:40:11 GMT Info is scant, but such breaches can reveal where a security product's controls are located and how detections are designed, giving attackers a leg up. Research Hub Bridges Cybersecurity Gap for Under-Resourced OrganizationsTue, 05 May 2026 20:00:49 GMT The UC Berkeley Center for Long-Term Cybersecurity (CLTC) offers tools and support to schools, local governments, and non-profits as they defend themselves against a growing volume of cyberattacks. Why Security Leadership Makes or Breaks a Pen TestTue, 05 May 2026 18:36:34 GMT Well-run security drills go beyond checking audit boxes to identifying and addressing trouble spots. Effective leaders ensure proper scope, access, and follow-through, but it's not easy. Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise RiskTue, 05 May 2026 14:57:51 GMT A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and thus use them to engage in further malicious activity. How the Story of a USB Penetration Test Went ViralTue, 05 May 2026 11:56:15 GMT Two decades ago, pen tester Steve Stasiukonis caused a sensation by sprinkling rigged thumb drives around a credit union parking lot and following what curious employees did next. This episode looks back at the history-making event. Physical Cargo Theft Gets a Boost From CybercriminalsMon, 04 May 2026 21:38:06 GMT Cargo theft is no longer about small groups of criminals operating on the ground, but transnational cybercriminal syndicates using access to supply chain systems to reroute goods. RMM Tools Fuel Stealthy Phishing CampaignMon, 04 May 2026 20:56:34 GMT Attackers are abusing two remote monitoring and management (RMM) tools to evade detection in a campaign that has impacted over 80 organizations so far. Exploit Cyber-Frenzy Threatens Millions via Critical cPanel VulnerabilityMon, 04 May 2026 19:14:14 GMT Shortly after the authentication-bypass flaw was disclosed multiple proof-of-concept exploits appeared, and one researcher claims there's been zero-day activity for at least a month. Silver Fox Springs Tax-Themed Attacks on Orgs in India, RussiaMon, 04 May 2026 14:39:26 GMT More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware. How Dark Reading Lifted Off the Launchpad in 2006Mon, 04 May 2026 11:15:08 GMT Twenty years ago, this media brand didn't have a print edition to attract eyeballs and sponsors. Top-notch content and editorial talent did the heavy lifting. 76% of All Crypto Stolen in 2026 Is Now in North KoreaFri, 01 May 2026 20:34:27 GMT North Korean threat actors are pulling off historic cryptocurrency heists on a yearly, sometimes weekly basis now. AI might be helping them. If AI's So Smart, Why Does It Keep Deleting Production Databases?Fri, 01 May 2026 14:39:55 GMT The issue isn't artificial intelligence, but rather an industry adding AI agent integrations into production environments before proper security testing. Name That Toon: Mark of (Security) ProgressFri, 01 May 2026 12:00:55 GMT Feeling creative? Have something to say about the last 20 years of cybersecurity? Our editors will award the best cybersecurity-related caption with a $20 gift card. 20 Years in Cyber: Dark Reading Marks Milestone With Month of Special CoverageFri, 01 May 2026 12:00:00 GMT On this day in 2006, Dark Reading went live. We have a celebration planned that spans our two decades of covering the industry, and you, dear readers, are invited. TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' AttackThu, 30 Apr 2026 21:01:18 GMT Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain attacks broaden. Another AI-Assisted Software Scan Yields 9-Year-Old Linux BugThu, 30 Apr 2026 20:41:18 GMT The proof-of-concept exploit code runs only 10 lines long, but luckily, a patch is already available. Anthropic's Mythos Has Landed: Here's What Comes Next for CyberThu, 30 Apr 2026 19:09:21 GMT In this latest installment of the Reporters' Notebook video series, we discuss how the new AI model threatens to completely upend cybersecurity, and what industry leaders are telling the press. Oracle Red Bull Racing Team Revs Up Automation to Boost SecurityThu, 30 Apr 2026 13:45:58 GMT While drivers race to shave off seconds on the track, the team's IT and engineering staff are speeding up how they deliver security. Claude Mythos Fears Startle Japan's Financial Services SectorThu, 30 Apr 2026 00:00:00 GMT Global financial institutions are panicked over Anthropic's new superhacker AI model. Cyber experts aren't quite as worried. |
Krebs on SecurityPatch Tuesday, May 2026 EditionTue, 12 May 2026 21:46:45 +0000 Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers -- including Apple, Google, Microsoft, Mozilla and Oracle -- fixing near record volumes of security bugs, and/or quickening the tempo of their patch releases. Canvas Breach Disrupts Schools & Colleges NationwideFri, 08 May 2026 02:58:46 +0000 An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service's login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions. Anti-DDoS Firm Heaped Attacks on Brazilian ISPsThu, 30 Apr 2026 14:04:26 +0000 A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm's chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company's public image. ‘Scattered Spider’ Member ‘Tylerb’ Pleads GuiltyTue, 21 Apr 2026 14:53:59 +0000 A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology companies and steal tens of millions of dollars worth of cryptocurrency from investors. Patch Tuesday, April 2026 EditionTue, 14 Apr 2026 21:47:59 +0000 Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution. Russia Hacked Routers to Steal Microsoft Office TokensTue, 07 Apr 2026 17:02:44 +0000 Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code. Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrabMon, 06 Apr 2026 02:07:17 +0000 An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021. ‘CanisterWorm’ Springs Wiper Attack Targeting IranMon, 23 Mar 2026 15:43:04 +0000 A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language. Feds Disrupt IoT Botnets Behind Huge DDoS AttacksFri, 20 Mar 2026 00:49:19 +0000 The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets -- named Aisuru, Kimwolf, JackSkid and Mossad -- are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline. Iran-Backed Hackers Claim Wiper Attack on Medtech Firm StrykerWed, 11 Mar 2026 16:20:13 +0000 A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency. |
Hackread – Cybersecurity News, Data Breaches, AI and MoreFake Job Interview Apps Drop JobStealer Malware on Windows and macOSThu, 14 May 2026 17:25:10 +0000 Hackers are using Fake interview apps to spread JobStealer malware on macOS and Windows to steal crypto wallets, browser data, and passwords. How Fintech APIs Are Modernizing Business Cash Flow ManagementThu, 14 May 2026 15:21:32 +0000 Business cash flow is often harder to manage than revenue. A company can have strong sales and still… FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server ExploitThu, 14 May 2026 12:20:02 +0000 Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,… China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for EspionageThu, 14 May 2026 10:32:00 +0000 A new Darktrace report reveals how Chinese hackers use fake Apple and Yahoo sites and the FDMTP malware framework to spy on organisations. TeamPCP Claims Sale of Mistral AI Repositories Amid Mini Shai-Hulud Attack (Updated)Thu, 14 May 2026 00:37:05 +0000 TeamPCP claims to be selling alleged Mistral AI repositories on a hacker forum after the Mini Shai-Hulud attack targeted npm and PyPI ecosystems. Instructure Reaches Deal with ShinyHunters to Prevent Canvas Data LeakWed, 13 May 2026 21:10:04 +0000 Instructure has reached an agreement with the ShinyHunters group to return and destroy stolen Canvas data, protecting millions of student records from a public leak. TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI PackagesWed, 13 May 2026 15:18:47 +0000 Research reveals that TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm. Slovakian Admin of Dark Web Kingdom Market Jailed for 16 Years in USWed, 13 May 2026 12:24:46 +0000 A Slovakian administrator tied to the dark web Kingdom Market received a 16 year US prison sentence for drug trafficking and cybercrime activity. Why Canadian Telecom Providers Are Prime Targets for CyberattacksWed, 13 May 2026 10:06:33 +0000 Canadian telecom providers face mounting cyber threats from ransomware, SIM swapping, data breaches, and nation-state attacks targeting critical infrastructure. Canvas Hackers ShinyHunters Say Their Official Domain Was SuspendedTue, 12 May 2026 21:18:09 +0000 ShinyHunters says its shinyhunte.rs domain was suspended after the Canvas LMS attacks, forcing the group to move fully to its dark web (.onion) site. |
Hacker CombatSnowflake Data Breach: What Happened and How to Prevent ItTue, 05 Aug 2025 18:00:42 +0000 In 2024, the cybersecurity landscape was shaken by an unexpected and widespread incident—the Snowflake data breach. Despite being a leading provider of cloud-based data warehousing solutions, Snowflake found itself at... The post Snowflake Data Breach: What Happened and How to Prevent It appeared first on Hacker Combat. Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk ManagementFri, 13 Dec 2024 12:04:08 +0000 Cyber threats can wreak havoc on businesses, from data breaches to loss of reputation. Luckily, there are effective strategies available that can reduce cybersecurity risk. Avoidance is one of the... The post Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management appeared first on Hacker Combat. Zero Trust ArchitectureMon, 02 Dec 2024 10:43:16 +0000 Zero trust security takes an “never trust, always verify” approach to access control. Access is only granted once an individual’s identity and context have been confirmed through multifactor authentication and... The post Zero Trust Architecture appeared first on Hacker Combat. What Is a Security Operations Center (SOC)?Mon, 02 Dec 2024 07:51:03 +0000 A Security Operations Center (SOC) specializes in monitoring and analyzing data to detect cyber threats and prevent attacks from them. They work to sort actual threats from false positives before... The post What Is a Security Operations Center (SOC)? appeared first on Hacker Combat. XDR vs SIEM Security Information and Event ManagementFri, 29 Nov 2024 12:53:23 +0000 The Extended Detection and Response Platform (XDR) ingestion and correlation technology captures and correlates high-fidelity data across your security layers, such as endpoint, network, logs, cloud services and identities to... The post XDR vs SIEM Security Information and Event Management appeared first on Hacker Combat. Best Free EDR for Windows PCFri, 29 Nov 2024 11:19:32 +0000 Endpoint detection and response (EDR) tools offer businesses that employ hybrid work models or remote employees an extra layer of cybersecurity protection. Utilizing artificial intelligence (AI) and machine learning (ML),... The post Best Free EDR for Windows PC appeared first on Hacker Combat. Free EDR Solutions for Home Users in 2025Tue, 26 Nov 2024 07:46:59 +0000 EDR can detect and respond to emerging and advanced cyber threats quickly and efficiently, making it an essential component of modern business ecosystems. Beyond signature-based detection capabilities, its features go... The post Free EDR Solutions for Home Users in 2025 appeared first on Hacker Combat. Cloud Security EssentialsMon, 28 Oct 2024 04:57:20 +0000 Cloud security involves employing perimeter defenses like firewalls, IDPSs and VPNs as well as guaranteeing isolation through network segmentation and virtual LANs while monitoring traffic for anomalies and threats –... The post Cloud Security Essentials appeared first on Hacker Combat. Antivirus SoftwareMon, 28 Oct 2024 02:43:18 +0000 Antivirus software protects devices against viruses, malware, and other cyberthreats by detecting, quarantining, and deleting malicious code. Modern antivirus products also offer additional security features such as password protection, identity... The post Antivirus Software appeared first on Hacker Combat. How to Protect Against Ransomware Attacks?Fri, 25 Oct 2024 03:57:42 +0000 Criminal hackers employ ransomware attacks against their targets by encrypting their data and demanding that a ransom be paid within an allotted timeframe or risk losing it forever. When an... The post How to Protect Against Ransomware Attacks? appeared first on Hacker Combat. |
Flipboard.com CybercriminalitéL'IA Mythos d'Anthropic est devenue plus puissante en un mois à peine, les experts s'inquiètentThu, 14 May 2026 19:45:00 GMT Mythos, l'IA d'Anthropic, inquiète les experts en cybersécurité. Le 6 mai 2026, l'AI Security Institute (AISI) a publié un rapport qui confirme que … Mise à jour Windows : Microsoft corrige 120 failles, dont 3 vulnérabilités qui risquent de faire des dégâtsWed, 13 May 2026 06:48:20 GMT Microsoft vient de publier son Patch Tuesday de mai 2026. L’éditeur colmate pas moins de 120 failles de sécurité, dont 17 critiques, mais aucune zero … Le parquet de Paris ouvre une enquête sur le plus vieux forum pédophile en libre accèsThu, 14 May 2026 06:54:07 GMT Une enquête est ouverte, depuis mardi, par le parquet de Paris, sur le plus vieux site pédophile français. Ouvert en 1999, il abrite un forum en … Des hackers russes espionnent l'Ukraine avec une faille WinRAR depuis des mois, des Français documentent l'attaqueFri, 15 May 2026 06:38:00 GMT Le groupe de hackers liés à la Russie, Gamaredon, mène une campagne de cyberespionnage active contre l'Ukraine depuis septembre dernier. Le Français … Un faux gestionnaire de mots de passe a piégé ses utilisateurs pendant 8 moisThu, 14 May 2026 06:00:31 GMT Pendant plus de huit mois, des cybercriminels ont diffusé en toute discrétion une version piégée de KeePass, l’un des gestionnaires de mots de passe … VRAI OU FAUX. "C'est juste du sensationnel et du mensonge" : les appels silencieux ont-ils vraiment pour objectif de cloner votre voix ?Wed, 13 May 2026 03:52:43 GMT Vous recevez l'appel d'un numéro inconnu, mais lorsque vous décrochez, personne ne répond. Selon des articles de presse, cette opération permettrait … Des hackers affirment détenir 450 dépôts privés de Mistral AI et menacent de tout publierFri, 15 May 2026 04:45:00 GMT Le groupe TeamPCP revendique sur un forum cybercriminel la mainmise sur 5 Go d'archives internes de Mistral AI. Les attaquants réclament 25 000 … À 23 ans, le prince liégeois de l'informatique s'implante aux États-Unis et au JaponWed, 13 May 2026 11:50:29 GMT Andrew Willems a fondé sa société en 2022 et a connu une forte croissance depuis lors. Les missions économiques sont parfois l'occasion de faire des … Piratage confirmé : si vous avez “installé” ce célèbre logiciel de téléchargement entre le 6 et le 7 mai, vous êtes une victime potentielleMon, 11 May 2026 10:31:18 GMT Le site web du gestionnaire de téléchargement JDownloader a été victime d’un piratage, ce mois de mai. Les hackers ont remplacé certains liens qui … Mistral AI dément le piratage de son code source : « les attaquants n’ont pas accédé à nos données »Thu, 14 May 2026 09:40:00 GMT Contacté par Numerama, Mistral AI dément le piratage massif de 5 Go de code source revendiqué sur un forum cybercriminel. L’entreprise française … Cyberattaque chez Foxconn : des fichiers secrets Apple auraient fuitéWed, 13 May 2026 13:16:13 GMT Mauvaise nouvelle pour Apple. L’un de ses principaux fournisseurs, Foxconn, a confirmé avoir subi une cyberattaque sur plusieurs de ses sites … Cybersécurité à Genève: des données sensibles du personnel de l’Ifage dérobées lors d’un piratageFri, 15 May 2026 04:38:53 GMT • Des données sensibles de collaborateurs de l’Ifage ont été volées lors d’une cyberattaque en avril. • L’intrusion n’a affecté ni les systèmes … Je me suis encore fait pirater mon compte PlayStation (et il y a eu un rebondissement inattendu)Thu, 14 May 2026 14:50:48 GMT Cinq mois après un piratage qui avait fait le tour du monde en révélant une faille de sécurité importante dans le service-client de Sony, j’ai eu la … Exportation des outils de surveillance : l’Europe « détourne le regard »Tue, 12 May 2026 12:06:15 GMT Coup de pokerL’ONG Human Rights Watch pointe le laisser-faire de l’Europe concernant la vente des technologies de surveillance à des pays bien connus … Pédocriminalité : une enquête ouverte sur le forum legarçon.netWed, 13 May 2026 11:13:25 GMT La section de lutte contre la cybercriminalité du parquet de Paris soupçonne le forum « d’être destiné aux hommes attirés par les mineurs », après … Sénégal : le Trésor public visé par une cyber-attaqueThu, 14 May 2026 09:40:52 GMT Le Trésor public sénégalais victime d'une cyber-attaque. Un incident informatique affecte une partie des systèmes d'information de l'établissement, qui l'a fait savoir à travers un communiqué. Ce type d'attaque est devenu récurrent au Sénégal. Plusieurs autres services de l'État ont été touchés ces … Le géant français de l’intelligence artificielle Mistral AI ciblé par une cyberattaqueThu, 14 May 2026 15:56:48 GMT Un cybercriminel a mis en vente 5 Go de fichiers internes sur un forum de hackers. L’entreprise confirme l’attaque mais réfute la compromission de … Le cauchemar des militants de La France Insoumise : leurs adresses personnelles exposéesMon, 11 May 2026 08:38:06 GMT La vague de cyberattaques continue en France. Cette fois, ce n’est pas un opérateur ou une boutique qui est touchée, mais un groupe politique : La … Cybersécurité : Nathalie Goulet veut placer l’État face à ses responsabilités et demande une commission d’enquêteThu, 14 May 2026 11:36:17 GMT La sénatrice Nathalie Goulet demande une commission d’enquête sur les cyberattaques. Face à la « France passoire », elle veut protéger la … La loi et vous: suis-je responsable de la cybersécurité lors du télétravail?Wed, 13 May 2026 08:00:00 GMT Si un travailleur cause un dommage à son employeur, intentionnellement ou par négligence, il est responsable. IMAGO/YAY Images Même lors du … "Cette entreprise est leader en Europe sur un secteur très stratégique", visite à Montpellier de la ministre déléguée à l'IA et au numériqueTue, 12 May 2026 10:31:00 GMT Lundi 11 mai, la ministre déléguée à l'IA et au numérique s'est déplacée dans l'Hérault. Elle s'est rendue dans trois entreprises dont Septeo. Une … ENQUETE FRANCEINFO. "Ce ne sont pas des génies de l'informatique" : derrière les vols de données, des jeunes hackers motivés par la notoriété et l'appât du gainFri, 15 May 2026 03:56:48 GMT Formés sur des groupes de discussion, ils utilisent leurs compétences techniques, souvent limitées, dans l'espoir de gagner de l'argent et une forme … Bouygues Telecom : nouvelle fuite confirmée, vos informations personnelles sont encore dans la natureMon, 11 May 2026 10:29:00 GMT Nouvelle fuite de données de la base clients de Bouygues Telecom confirmée. Vos informations personnelles sont encore une fois connues de tous. Au … Ingérence : mise en garde européenne contre la RussieSun, 10 May 2026 18:36:14 GMT Cet avertissement intervient alors que l'attention mondiale se concentre de plus en plus sur les menaces pesant sur l'Arctique. La manière dont les … Des modèles d'IA piratent des ordinateurs et se répliquent, selon une nouvelle étudeSat, 09 May 2026 07:28:39 GMT Des chercheurs observent des chatbots d’IA se répliquer et lancer des cyberattaques : l’auto-réplication autonome n’est plus théorique. Des modèles d'intelligence artificielle peuvent s'introduire dans des ordinateurs, se copier eux-mêmes et utiliser les nouvelles copies pour continuer à attaquer … « C’est France passoire ! » : une commission d’enquête sur les fuites de données demandée au SénatWed, 13 May 2026 10:34:32 GMT Vos données et vos mots de passe ont peut-être été compromis. L’avertissement est devenu une ritournelle un peu lassante dans nos courriels. Pas une … OpenAI touché par une "faille de sécurité": des hackers ont accédé à des données internes, l'entreprise recommande une mise à jour pour les utilisateurs MacFri, 15 May 2026 07:16:17 GMT Des appareils d’employés d’OpenAI ont été compromis lors d’une cyberattaque, entraînant un accès limité à certaines données internes. L’entreprise … Editorial : Cyberattaque - L'Œil de la Photographie MagazineTue, 12 May 2026 07:00:01 GMT Chers lecteurs, chers abonnés, Vous avez peut-être rencontré des difficultés d’accès à L’Œil de la Photographie ce week-end. Nous tenions à vous … « Allo ? C’est qui ? » : attention aux appels silencieux qui cherchent à cloner votre voixThu, 14 May 2026 15:15:40 GMT Depuis quelques mois, les progrès de l’intelligence artificielle permettent de cloner une voix en s’appuyant sur seulement quelques phrases, voire … OpenAI offre à l’Union européenne un accès à son IA la plus avancéeMon, 11 May 2026 15:53:14 GMT Ces dernières semaines, les autorités européennes chargées de la cybersécurité n’avaient pas réussi à accéder à plusieurs modèles avancés, ce qui … |
CyberScoopPentagon cyber official calls advanced AI ‘revolutionary warfare’Thu, 14 May 2026 20:35:59 +0000 Paul Lyons, principal deputy assistant secretary for cyber policy, also discussed the importance of cyber offense. The post Pentagon cyber official calls advanced AI ‘revolutionary warfare’ appeared first on CyberScoop. White House cyber official: identity security matters more than ever in the age of AIThu, 14 May 2026 20:15:21 +0000 While AI tools present unique cybersecurity threats, they still rely on poor identity security by organizations to do the most damage, a White House official said Thursday. The post White House cyber official: identity security matters more than ever in the age of AI appeared first on CyberScoop. Major tech manufacturer Foxconn confirms cyberattack hit North American factoriesThu, 14 May 2026 14:23:05 +0000 The ransomware group Nitrogen claimed responsibility for the attack and said it stole 8 terabytes of data spanning more than 11 million files belonging to the company’s top customers. The post Major tech manufacturer Foxconn confirms cyberattack hit North American factories appeared first on CyberScoop. Researchers say AI just broke every benchmark for autonomous cyber capabilityWed, 13 May 2026 22:29:19 +0000 Two independent studies found that Anthropic's Claude Mythos Preview and OpenAI's GPT-5.5 have outpaced every trend line researchers were tracking. No one is sure if this is a one-time leap or the new normal. The post Researchers say AI just broke every benchmark for autonomous cyber capability appeared first on CyberScoop. Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risksWed, 13 May 2026 22:10:00 +0000 The committee held a closed briefing Wednesday with company reps, and more oversight is in the works. The post Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks appeared first on CyberScoop. DOJ releases legal rationale for nationwide voter data collectionWed, 13 May 2026 20:10:21 +0000 The memo claims a robust executive branch role vetting voter eligibility. One Secretary of State called it a “fantasy” that “isn’t worth the paper it’s printed on.” The post DOJ releases legal rationale for nationwide voter data collection appeared first on CyberScoop. Weaponized AI: The new frontier of fraud and identity spoofingWed, 13 May 2026 18:30:00 +0000 As fake identity fraud is projected to cause $40 billion in losses next year, leaders must abandon static security in favor of rapid-iteration, AI-enabled defenses that adapt in days, not months. The post Weaponized AI: The new frontier of fraud and identity spoofing appeared first on CyberScoop. Daybreak is OpenAI’s answer to the AI arms race in cybersecurityWed, 13 May 2026 14:30:10 +0000 With Daybreak, OpenAI is taking direct aim at Anthropic's tightly restricted Mythos model, offering a more open — but still carefully gated — path to AI-powered cyber defense. The post Daybreak is OpenAI’s answer to the AI arms race in cybersecurity appeared first on CyberScoop. ‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attackTue, 12 May 2026 21:38:44 +0000 The campaign hit major registries and hid behind legitimate-looking release signatures, showing how attackers can weaponize the software update process itself. The post ‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack appeared first on CyberScoop. Major world economies spell out key elements of AI ‘ingredients list’Tue, 12 May 2026 21:09:36 +0000 Experts on the topic say the G7 guidance is good, but could still use some improvements. The post Major world economies spell out key elements of AI ‘ingredients list’ appeared first on CyberScoop. |