⚠️ VULNERABILITY DISCLOSURE (7)
10 May | Critical Azure and Power Apps Vulnerabilities Allow Attackers to Exploit RCE | Microsoft has patched four critical security vulnerabilities affecting its Azure cloud services and Power Apps platform that could allow attackers to escalate privileges, perform spoofing attacks, or access sensitive information. Security researchers discovered these high-severit… | GBHACKERS.COM
10 May | Securing Windows Endpoints Using Group Policy Objects (GPOs): A Configuration Guide | Securing Windows endpoints is a top priority for organizations seeking to protect sensitive data and maintain operational integrity. Group Policy Objects (GPOs) are among the most effective tools for IT administrators to manage and enforce security settings across all domain-join… | GBHACKERS.COM
10 May | Chrome 137 Integrates Gemini Nano AI to Combat Tech Support Scams | Google has unveiled a groundbreaking defense mechanism in Chrome 137, integrating its on-device Gemini Nano large language model (LLM) to detect and block these malicious campaigns in real time. This update marks a significant leap in combating evolving cyber threats by leveragin… | GBHACKERS.COM
10 May | MY TAKE: Beyond agentic AI mediocrity — the real disruption is empowering the disenfranchised | Is agentic AI accelerating mediocrity? Plenty of folks on LinkedIn seem to think so. Related: The 400th journalist. A growing chorus of academics, tech workers, and digital culture watchers are pointing out the obvious: the more we prompt, the more … | LASTWATCHDOG.COM
10 May | Patch THIS, Not That: Cybersecurity Edition 💻 | Most teams race to patch the highest-rated vulnerabilities first... but what if that’s not actually what matters? In this eye-opening short, cybersecurity experts Jeff Man, Doug White, and Bill Swearingen break down why focusing on where a threat lives in your network can be way … | YOUTUBE.COM
10 May | They Built a Cyber Crystal Ball… And It Works! | Securin has built what feels like a cyber crystal ball – and it actually works! 🔮🚀 Unlike traditional security solutions that react to threats after they happen, Securin’s technology predicts them before they strike. With collaborations from DARPA, Naval Intelligence, and ASU, th… | YOUTUBE.COM
10 May | Did We Just Break AI with a Tag? 🤯 #securityflaw | An AI model was told not to drop tables or run certain SQL commands. But with one clever XML tag, cybersecurity experts bypassed the system's safety filters—completely rewriting the model's behavior. This isn't your typical SQL injection. It's a full policy override. Think your A… | YOUTUBE.COM
📢 SECURITY ADVISORIES (14)
🔥 INCIDENT REPORTING (5)
10 May | Exposing a Government Data Breach: Whistleblower Tells All - Cybersecurity Today Special Report | In this gripping episode of Cybersecurity Today, host Jim Love interviews Daniel Berulis, a self-described whistleblower who recently made a significant disclosure to the U.S. Congress. Berulis reveals the shocking details of tenant admin abuse within a governmental cloud environ… | CYBERSECURITYTODAY.LIBSYN.COM
10 May | How to Detecting Backdoors in Enterprise Networks | In today’s rapidly evolving cybersecurity landscape, enterprise networks face a particularly insidious threat: backdoors, making detecting backdoors crucial. These clandestine entry points allow attackers to bypass standard authentication procedures, gain unauthorized access to s… | GBHACKERS.COM
10 May | DOGE Employee Computer Infected with Malware and Leaked Data Found Info-Stealer Logs | Kyle Schutt, a 37-year-old DOGE employee identified in federal payroll records, has had his personal email address and associated passwords exposed in at least four distinct “stealer log” datasets published between late 2023 and early 2024. The revelations follow earl… | GBHACKERS.COM
10 May | Textbook and testing giant Pearson hit by cyberattack, customer data leaked | submitted by cm0002 to cybersecurity: https://www.techradar.com/pro/security/textbook-and-testing-giant-pearson-hit-by-cyberattack-customer-data-leaked | INFOSEC.PUB
10 May | When Physical Access ISN’T Game Over 👀 | Everyone thinks physical access to a server means instant game over—but not in this setup. In this jaw-dropping moment, a machine is plugged in… and sees absolutely nothing. No servers, no endpoints, no lateral movement possible. Rob Allen and Doug White break down how endpoint p… | YOUTUBE.COM
🕵️ THREAT INTELLIGENCE (8)
10 May | Microsoft Teams will soon block screen capture during meetings | Microsoft is working on adding a new Teams feature that will prevent users from capturing screenshots of sensitive information shared during meetings. [...] | BLEEPINGCOMPUTER.COM
10 May | Steganography Challenge: My Solution, (Sat, May 10th) | When I tried to solve "Steganography Challenge" with the same method as I used in "Steganography Analysis With pngdump.py: Bitstreams", I couldn't recover the text message. | ISC.SANS.EDU
10 May | Sophisticated PhaaS Phish Toolkits are Now Generating Realistic Fake Phishing Pages | Cybersecurity experts are raising alarms over the proliferation of increasingly sophisticated phishing techniques that leverage dedicated Phishing-as-a-Service (PhaaS) toolkits to create authentic-looking pages. These advanced tools allow even technically inexperienced attackers … | GBHACKERS.COM
10 May | Bluetooth Core 6.1 Released – What’s New! | Bluetooth SIG’s decision to transition to a bi-annual release cadence marks a strategic pivot toward fostering rapid iteration and market responsiveness. The organization seeks to empower developers to integrate enhancements more efficiently by streamlining the delivery of comple… | GBHACKERS.COM
10 May | Why CISOs Must Prioritize Cybersecurity Culture in Remote Work | In the era of remote and hybrid work, Chief Information Security Officers (CISOs) are now tasked with cultivating a strong cybersecurity culture in remote work, extending far beyond traditional responsibilities like managing firewalls and monitoring networks. The shift to distrib… | GBHACKERS.COM
10 May | Google Chrome Uses Advanced AI to Combat Sophisticated Online Scams | Google has integrated artificial intelligence into its cybersecurity toolkit to shield users from financial and data theft scams. On Friday, May 09, 2025, the company unveiled a comprehensive report detailing its latest AI-driven initiatives across Search, Chrome, and Android, ma… | GBHACKERS.COM
10 May | North Korea’s OtterCookie Malware Added a New Feature to Attack Windows, Linux, and macOS | A North Korea-linked attack group, known as WaterPlum (also referred to as Famous Chollima or PurpleBravo), has been actively targeting financial institutions, cryptocurrency operators, and FinTech companies globally. Since 2023, their infamous Contagious Interview campaign has u… | GBHACKERS.COM
10 May | Weekly Update 451 | The Have I Been Pwned Alpine Grand Tour is upon us! I've often joked that work is always either sitting at my desk at home in isola… | TROYHUNT.COM
🌐 CYBER THREAT LANDSCAPE (2)
10 May | Fake AI video generators drop new Noodlophile infostealer malware | Fake AI-powered video generation tools are being used to distribute a new information-stealing malware family called 'Noodlophile,' under the guise of generated media content. [...] | BLEEPINGCOMPUTER.COM
10 May | Five things we learned from WhatsApp vs. NSO Group spyware lawsuit | The landmark trial between WhatsApp and NSO Group unearthed several new revelations. We recap some of them here. | TECHCRUNCH.COM
📡 INFOSEC NEWS (8)
10 May | Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection | Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of tracking users' personal location and maintaining their facial recognition data without consent. The $1.375 billion payment dwarfs the fines the tech giant has … | THEHACKERNEWS.COM
10 May | Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data | Germany's Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure and shutdown linked to the eXch cryptocurrency exchange over allegations of money laundering and operating a criminal trading platform. The operation was carried out on Ap… | THEHACKERNEWS.COM
10 May | You Can’t Use AI If Your Data Isn’t Secure! 🔐 | Most companies rush to adopt AI without securing their data first—and that’s a massive mistake! 🔐 Jason reveals why 90% of organizations haven’t done a proper data inventory, classified their information, or enabled unified labeling. Before businesses can modernize and innovate, … | YOUTUBE.COM
10 May | Not Firewalls. Not Patches. THIS Stops Hackers Cold! | Pen testers reveal the real reason some companies are nearly impossible to hack — and it's not their firewalls or patches. It's something way more human. In this short, Paul and Joshua expose how elite teamwork and communication can shut down even the most skilled attackers. This… | YOUTUBE.COM
10 May | Imagine Getting Therapy from MS-DOS | What if your therapist sounded like MS-DOS? 😳 This hilarious retro throwback dives into Eliza — an old-school AI program that pretended to be a therapist, running on ancient systems like MS-DOS or maybe even CP/M. Joshua and Lee share laughs over how this digital rubber ducky use… | YOUTUBE.COM
10 May | He Just Called C# “Java, But Microsoft”… Is He Right? | A cybersecurity expert just dropped a wild take—he says C# is basically just Microsoft's version of Java! 😳🔥 Is he right, or is this the most controversial programming opinion ever? Watch as he breaks down the history behind C# and Java in a way you’ve never heard before! #CyberS… | YOUTUBE.COM
10 May | Stop Lying to Yourself About Cyber Goals | Most cybersecurity teams fail not because of bad intentions—but because they don’t actually define what “done” looks like. In this clip, Summer Craze Fowler breaks down the hard truth about setting real success criteria. It’s not enough to say you’ll finish by Q3… if you can’t de… | YOUTUBE.COM