🐛 COMMON VULNERABILITIES AND EXPOSURES 39[−]
1 May‘Trivial’ exploit can give attackers root access to Linux kernelCSOs must ensure their Linux-based systems block unauthorized privilege escalation until distros release patches to plug a serious kernel vulnerability affecting all Linux distributions shipped since 2017. Until fixes are available for what’s been dubbed the Copy Fail logic bug (…CSOONLINE.COM
1 MayChromium: CVE-2026-7343 Use after free in ViewsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7363 Use after free in CanvasThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7359 Use after free in ANGLEThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7333 Use after free in GPUThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7360 Insufficient validation of untrusted input in CompositingThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7344 Use after free in AccessibilityThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7358 Use after free in AnimationThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7334 Use after free in ViewsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7357 Use after free in GPUThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7356 Use after free in NavigationThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7353 Heap buffer overflow in SkiaThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7351 Race in MHTMLThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7354 Out of bounds read and write in AngleThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7349 Use after free in CastThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7348 Use after free in CodecsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7335 Use after free in mediaThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7336 Use after free in WebRTCThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7350 Use after free in WebMIDIThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7345 Insufficient validation of untrusted input in FeedbackThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7347 Use after free in ChromotingThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7346 Inappropriate implementation in TintThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7337 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7338 Use after free in CastThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7341 Use after free in WebRTCThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7340 Integer overflow in ANGLEThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7339 Heap buffer overflow in WebRTCThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayChromium: CVE-2026-7355 Use after free in MediaThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
1 MayWhatsApp Encryption Under Fire After Probe Shut DownA U.S. federal investigation into WhatsApp encryption was shut down before reaching a conclusion — after an internal claim suggested Meta systems may access message content in ways that conflict with public descriptions. In this episode of Cybersecurity Today, Jim Love breaks dow…CYBERSECURITYTODAY.LIBSYN.COM
1 MayCVE-2026-31533 net/tls: fix use-after-free in -EBUSY error path of tls_do_encryptionInformation published.MSRC.MICROSOFT.COM
1 MayCVE-2026-3087 shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPsInformation published.MSRC.MICROSOFT.COM
1 MayCVE-2026-31692 rtnetlink: add missing netlink_ns_capable() check for peer netnsInformation published.MSRC.MICROSOFT.COM
1 MayFederal agencies must patch cPanel bug by Sunday, CISA saysIncident responders at Rapid7 said successful exploitation of CVE-2026-41940 “grants an attacker control over the cPanel host system, its configurations and databases, and websites it manages.”THERECORD.MEDIA
1 May KEVWindows shell spoofing vulnerability puts sensitive data at riskMicrosoft and the US Cybersecurity and Infrastructure Security Agency (CISA) have sounded the alarm about a Windows shell spoofing vulnerability that is already being exploited by attackers. It is not clear by whom as yet, but the main suspects are hackers in Russia. CISA has man…CSOONLINE.COM
1 MayDangerous New Linux Exploit Gives Attackers Root Access to Countless ComputersThe exploit, dubbed CopyFail and tracked as CVE-2026-31431, allows hackers to take over PCs and data center servers. The Linux vulnerabilities have been patched—but many machines remain at risk.WIRED.COM
1 MayMetasploit Wrap-Up 05/01/2026MCP server This release our very own cdelafuente-r7 finished implementing the Metasploit MCP Server (msfmcpd), bringing Model Context Protocol support to Metasploit Framework. MCP lets AI applications like Claude, Cursor, or your own custom agents query Metasploit data. Think of …RAPID7.COM
⚠️ VULNERABILITY DISCLOSURE 32[−]
1 MaySnake Oilers: Ent AI, Spacewalk and MondooIn this edition of the Snake Oilers podcast three vendors stop by to pitch the audience on their products: Ent AI: Co-founder Brandon Dixon pitched Ent, an intent-aware, AI-powered endpoint security control. Spacewalk AI: Founders Chris Fuller and Tim Wenzlau pitch Spacewalk, an …RISKY.BIZ
1 MayNew infosec products of the month: April 2026Here’s a look at the most interesting products from the past month, featuring releases from Advenica, Aptori, Axonius, Broadcom, GlobalSign, Intruder, IP Fabric, Mallory, Secureframe, Siemens, Sitehop, and Virtue AI. Mallory brings contextual threat intelligence to security opera…HELPNETSECURITY.COM
1 MayFake CAPTCHA Scam Uses SMS Pumping to Inflate Phone BillsA newly uncovered cyber fraud campaign is abusing fake CAPTCHA pages to trick mobile users into sending large volumes of international SMS messages, resulting in unexpected phone bills and illicit profits for attackers. Unlike traditional malware campaigns, this operation does no…GBHACKERS.COM
1 MayAman - 215,563 breached accountsIn April 2026, the ultra-luxury hotel brand Aman was named by ShinyHunters as the target of a "pay or leak" extortion campaign , with the data allegedly obtained from their Salesforce CRM. The data was subsequently leaked publicly and contained over 200k unique email addresses. W…HAVEIBEENPWNED.COM
1 MayAI traffic is getting bigger, louder, and less predictableAI workflows need storage that supports repeated movement across the model lifecycle. Large datasets are ingested, transformed, exported for training, pulled back for evaluation, and refreshed as models evolve. Backblaze’s Q1 2026 Network Stats report says this creates a shift fr…HELPNETSECURITY.COM
1 MayClaude Security Enters Public Beta for Enterprise CustomersAnthropic has officially launched the public beta of Claude Security, an advanced vulnerability detection and remediation tool now available to Claude Enterprise customers. Powered by the highly capable Claude Opus 4.7 model, this platform shifts application security testing from…GBHACKERS.COM
1 MayOpen-source privacy proxy masks PII before prompts reach external AI servicesEnterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often without a sanitization layer between the application and the API. Dataiku has released Kiji Privacy Proxy, an…HELPNETSECURITY.COM
1 MayShadow AI risks deepen as 31% of users get no employer trainingBetween one-fifth and one-third of workers use AI outside the influence and governance of the IT function, according to a global survey of 6,000 full-time employees at enterprise organizations. Researchers found a widening gap between employee AI adoption and the controls organiz…HELPNETSECURITY.COM
1 MayChina-Aligned Hackers Deploy ShadowPad in Multi-Stage Espionage CampaignChina-aligned threat actors tracked as SHADOW-EARTH-053 are exploiting old but unpatched Microsoft Exchange and IIS vulnerabilities to run a stealthy, multi-stage espionage campaign across Asian governments, critical infrastructure, and one NATO member state. The group primarily …GBHACKERS.COM
1 MayMultiple Wireshark Vulnerabilities Allow Arbitrary Code Execution via Malformed PacketsThe Wireshark Foundation has released version 4.6.5 of its widely used network protocol analyzer, addressing a massive wave of security vulnerabilities. This urgent update patches over 40 distinct security flaws, driven by a recent surge in AI-assisted vulnerability reports. The …GBHACKERS.COM
1 MayAI-Powered Ransomware Surge Hits 7,831 Victims WorldwideRansomware attacks surged dramatically in 2025, with global victims reaching 7,831. The sharp rise highlights how cybercrime has evolved into a highly organized, AI-driven ecosystem in which attackers operate at speed, with automation and scale. This surge is largely fueled by th…GBHACKERS.COM
1 MayDDoS Malware Targets Jenkins to Hit Valve Game ServersA new DDoS botnet that abuses exposed Jenkins servers to launch powerful attacks against Valve Source Engine game infrastructure, including servers hosting titles like Counter‑Strike and Team Fortress 2. The campaign shows how a single misconfigured CI server can be turned into a…GBHACKERS.COM
1 MayPoisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential TheftA new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence. The activity has been attributed to the GitHub account "BufferZo…THEHACKERNEWS.COM
1 MayJust 34% of cyber pros plan to stick with their current employerDeclining job satisfaction means that only one in three (34%) cybersecurity professionals plan to stay with their current employer, increasing the pressure on CISOs’ talent retention strategies. And according to a survey of 500 cybersecurity professionals by IANS and Artico Searc…CSOONLINE.COM
1 MayManaging OT risk at scale: Why OT cyber decisions are leadership decisionsThe first time I approached an OT environment, I assumed that the strategies effective in IT cybersecurity would be equally applicable. I was wrong. The experience revealed a fundamental difference, highlighting the need for a distinct approach to OT cyber risk management. The mi…CSOONLINE.COM
1 MayHuman-centric failures: Why BEC continues to work despite MFABusiness email compromise (BEC) is still thriving even in organizations that have implemented multi-factor authentication (MFA). As security professionals, we often assume that MFA is the silver bullet for email security, but real-world incidents suggest otherwise. Attackers expl…CSOONLINE.COM
1 May KEVActively exploited cPanel bug exposes millions of websites to takeoverA vulnerability in the cPanel/WHM admin interface lets attackers access websites without a username and password.MALWAREBYTES.COM
1 MayNine-Year-Old Zero-Day Flaw in Linux Kernel Discovered by AI-Equipped Security ResearcherA researcher from offensive security firm Theori has found a nine-year-old flaw in the Linux kernel with the help of AIINFOSECURITY-MAGAZINE.COM
1 MayAnthropic launches Claude Security to counter rapid AI-Powered exploitsAnthropic launched Claude Security to counter faster AI-driven cyberattacks, as tools like Mythos enable near-instant exploitation by threat actors. Anthropic introduced Claude Security to help defenders keep up with a surge in AI-powered cyberattacks. As models like Mythos drast…SECURITYAFFAIRS.COM
1 MayUtah becomes first US state to require age verification for VPN useUtah is set to implement a first-of-its-kind law targeting VPN use to enforce online age verification, raising concerns about privacy, free speech, and technical feasibility. The measure, which takes effect on May 6, 2026, shifts liability onto websites and restricts how they can…CYBERINSIDER.COM
1 MayMozilla warns Chrome’s Prompt API threatens web neutralityMozilla has reiterated strong opposition to Google’s proposed Prompt API for Chrome, warning that it could fragment the web, lock developers into model-specific behavior, and introduce problematic policy enforcement at the browser level. The Prompt API aims to provide web develop…CYBERINSIDER.COM
1 MayAnthropic Rolls Out Claude Security for AI Vulnerability ScanningClaude Security enters public beta, giving enterprises AI driven code scanning with no API integration or custom agents requiredINFOSECURITY-MAGAZINE.COM
1 MayVulnerability remediation: Match CVEs to asset owners in seconds with Tenable Hexa AIDetecting a vulnerability is easy. Finding the person responsible for fixing it is where remediation programs often break down. See how Tenable Hexa AI uses MCP to connect your exposure data to your identity provider — automating the hunt for asset owners in seconds. Key takeaway…TENABLE.COM
1 MayBritish cyber agency warns of looming ‘patch wave’ as AI speeds flaw discoveryBritain’s cyber agency warned that organizations should prepare for a surge of urgent software updates as artificial intelligence accelerates the discovery of security flaws, raising the risk of widespread exploitation.THERECORD.MEDIA
1 MayChina-Linked Hackers Target Asian Governments, NATO State, Journalists, and ActivistsCybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO. Trend Micro has attributed the activity to a threat ac…THEHACKERNEWS.COM
1 MayA Medicare database leaked Social Security numbers.FISA Section 702 gets another stopgap extension. "Mini Shai Hulud" campaign spreads through the open-source supply chain.THECYBERWIRE.COM
1 MayTCP Packet Walks Into a BarHacker culture often uses humor rooted in programming, networking, and system behavior—like TCP reliability, source code access, and deployment frustrations. These jokes aren’t just comedy; they reflect shared experiences in software and infrastructure work. Concepts like packet …YOUTUBE.COM
1 MayYour KnowBe4 Fresh Content Updates from April 2026John N Just, Ed.D. - Chief Learning Officer What's New: Celebrating World Password Day and Beyond Happy May! This month, we are putting a major spotlight on World Password Day (May 7) . While the "traditional" password might be evolving into passkeys and biometrics, the human ele…KNOWBE4.COM
1 MayThink before you deploy the agent.Five Eyes agencies issue agentic AI guidance. A federal database leaks Social Security numbers. A stealthy worm poisons open source packages. OT firms are sidelined from frontier cyber models. The FBI warns of a surge in cyber-enabled cargo theft. Officials flag likely election i…THECYBERWIRE.COM
1 MayHidden Risk QR Code PhishingQR code phishing attacks more than doubled in early 2026, making them one of the fastest-growing email-based attack vectors. Attackers exploit a simple trust gap: users are trained to inspect links, but QR codes hide the destination entirely. This removes visibility and makes tra…YOUTUBE.COM
1 MayAI agents can bypass guardrails and put credentials at risk, Okta study findsAn AI agent that revealed sensitive data without being asked. An agent that overruled its own guardrails. Another that sent credentials to an attacker via Telegram, because it forgot it wasn’t supposed to do so after a reset. It’s no secret that AI agents have huge potential, bal…CSOONLINE.COM
1 MayEssential Data Sources for Detection Beyond the EndpointUnit 42 highlights the need for a comprehensive security strategy that spans every IT zone. Explore the full details here. The post Essential Data Sources for Detection Beyond the Endpoint appeared first on Unit 42 .UNIT42.PALOALTONETWORKS.COM
📋 SECURITY BULLETINS 2[−]
1 MayMicrosoft Windows 11 April 2026 Security Update Disrupts Third-Party Backup ToolsThe April 2026 security update for Windows 11, designated as KB5083769, is causing severe disruptions for users relying on third-party backup solutions. Deployed for Windows 11 versions 24H2 and 25H2, this patch introduces a critical flaw that breaks the Microsoft Volume Shadow C…GBHACKERS.COM
1 MaySonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. Patch them nowSonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. The company released firmware updates to block bypass attacks and unauthorized access. SonicWall released urgent firmware updates to fix three SonicOS vulnerabilities affecting Gen 6, Gen 7, and Gen 8 firewalls. T…SECURITYAFFAIRS.COM
📢 SECURITY ADVISORIES 6[−]
1 MayMultiple Exim Mail Server Vulnerabilities Could Trigger Crashes via Malicious DNS DataThe developers of the Exim mail server have officially rolled out version 4.99.2 to address four newly discovered security vulnerabilities. This critical update patches multiple software flaws that could allow attackers to crash server connections, corrupt memory heaps, or potent…GBHACKERS.COM
1 MayEtherRAT Uses SEO Poisoning and Fake GitHub Pages to Target Enterprise AdminsA newly uncovered cyber campaign dubbed “EtherRAT” is raising concerns across enterprise environments, as attackers combine SEO poisoning, GitHub abuse, and blockchain-based infrastructure to target high-privilege IT professionals. Instead of broadly targeting users, the attacker…GBHACKERS.COM
1 MayNearly every Linux system built since 2017 vulnerable to ‘Copy Fail’ flawSecurity researchers and European cybersecurity officials are urging administrators to address the risk posed by a newly discovered security flaw that has been hiding in the Linux operating system for nearly a decade.THERECORD.MEDIA
1 MayUK Tech Ministers Opposing Government Plans to Align with EU AI RulesUK technology ministers are briefing against government plans to adopt EU regulations, arguing that it could restrict the growth of Britain’s tech and AI sector. The post UK Tech Ministers Opposing Government Plans to Align with EU AI Rules appeared first on TechRepublic .TECHREPUBLIC.COM
1 MayUS government, allies publish guidance on how to safely deploy AI agentsThe guidance warns that agents capable of taking real-world actions on networks are already inside critical infrastructure, and most organizations are granting them far more access than they can safely monitor or control. The post US government, allies publish guidance on how to …CYBERSCOOP.COM
1 MayAnnouncing the ISO 31000:2018 Risk Management on AWS Compliance GuideAWS Security Assurance Services is announcing the release of our latest compliance guide, ISO 31000:2018 Risk Management on AWS, which provides practical guidance for organizations establishing and operating a risk management program in AWS environments using ISO 31000:2018 princ…AWS.AMAZON.COM
🔥 INCIDENT REPORTING 6[−]
1 MayA Ransomware Negotiator Was Working for a Ransomware GangSomeone pleaded guilty to secretly working for a ransomware gang as he negotiated ransomware payments for clients.SCHNEIER.COM
1 May KEVTwo Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware AttacksThe U.S. Department of Justice (DoJ) on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks in 2023. Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, were accuse…THEHACKERNEWS.COM
1 MayTwo American Cybersecurity Workers Jailed for BlackCat Ransomware AttacksThe cybersecurity workers used their knowledge and skills to conduct ransomware attacks for notorious gang, rather than protect victims against themINFOSECURITY-MAGAZINE.COM
1 MayCyber incident responders who carried out ransomware attacks given 4-year sentencesTwo cybersecurity incident responders who abused their positions to carry out covert ransomware attacks were sentenced to four years in prison.THERECORD.MEDIA
1 May30,000 Facebook Accounts Hacked via Google AppSheet Phishing CampaignA newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a "phishing relay" to distribute phishing emails with an aim to compromise Facebook accounts. The activity has been codenamed AccountDumpling by Guardio, with the scheme selling the stolen…THEHACKERNEWS.COM
1 MayThe new speed of cyber defense with Andrew Carr from Booz AllenAndrew Carr, Managing Director and head of Threat Detection and Response at Booz Allen, joins Dave Bittner on the CyberWire Daily podcast for a sponsored Industry Voices. Drawing on years of incident response and ransomware negotiation experience, he explains how AI is compressin…THECYBERWIRE.COMHTTPS:
🕵️ THREAT INTELLIGENCE 23[−]
1 MayISC Stormcast For Friday, May 1st, 2026 https://isc.sans.edu/podcastdetail/9914, (Fri, May 1st)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
1 MayIdentity is the control plane for distributed infrastructureTeleport CEO Ev Kontsevoy makes the case that distributed infrastructure, across cloud, Kubernetes, databases, and servers, can’t be secured by layering more tools on top of fragmented identity systems. He argues for fewer credentials, fewer entry points, and a single ident…HELPNETSECURITY.COM
1 MayRuby Gems and Go Modules Used in Campaign Targeting GitHub ActionsA sophisticated software supply chain attack originating from the GitHub account BufferZoneCorp has been uncovered, targeting developers and continuous integration environments through malicious Ruby gems and Go modules. The campaign deployed sleeper packages that impersonated le…GBHACKERS.COM
1 MayDeep#Door Stealer Targets Passwords, Tokens, SSH Keys, and Wi-Fi CredentialsDeep#Door is a stealthy Python-based Remote Access Trojan (RAT) that uses an obfuscated batch loader to deploy a persistent surveillance and credential-stealing implant on Windows systems. It aggressively turns off security controls, hides its traffic behind the bore.]pub tunneli…GBHACKERS.COM
1 MayFBI Warns Logistics Sector of Fake Business Identity Cargo ScamsThe FBI issued a public service announcement warning the transportation and logistics sectors about a massive increase in cyber-enabled strategic cargo theft. Threat actors are increasingly using sophisticated tactics to impersonate legitimate businesses, hijack freight, and stea…GBHACKERS.COM
1 MayCAPTCHA and ClickFix Abuse Fuels Credential Theft SurgeAttackers are increasingly combining QR codes, fake CAPTCHA gates, and ClickFix-style tricks to steal credentials at scale, even as major phishing-as-a-service (PhaaS) platforms face disruption. These tactics shift risk from traditional malware attachments to highly convincing, h…GBHACKERS.COM
1 MayNew Android Spyware Platform Enables Rebranding and ResaleA newly discovered Android spyware platform is raising concerns among cybersecurity researchers by introducing a business model that allows buyers to rebrand and resell surveillance malware as their own product. Buyers can subscribe to the service, customize branding, and launch …GBHACKERS.COM
1 MayName That Toon: Mark of (Security) ProgressFeeling creative? Have something to say about the last 20 years of cybersecurity? Our editors will award the best cybersecurity-related caption with a $20 gift card.DARKREADING.COM
1 MayDownload: Automating Pentest Delivery GuidePentesting remains one of the most effective ways to identify real-world weaknesses, but the method for delivering results hasn’t evolved. Manual workflows involving static documents and email threads introduce delays, create inefficiencies, and diminish the value of the work. Th…HELPNETSECURITY.COM
1 MayCyber spies target Russian aviation firms to steal satellite and GPS dataA cyber-espionage group has been targeting Russian government agencies and companies in the aviation industry to steal sensitive geospatial data.THERECORD.MEDIA
1 MaySamsung’s Next Galaxy Book Could Run Android Instead of WindowsSamsung is reportedly developing Android-powered Galaxy Book laptops with One UI 9 and Google’s upcoming Aluminium OS platform. The post Samsung’s Next Galaxy Book Could Run Android Instead of Windows appeared first on TechRepublic .TECHREPUBLIC.COM
1 MayUS and allies urge ‘careful adoption’ of AI agentsNew guidance from a coalition of Western governments underscores the difficult-to-predict risks of still-evolving agentic tools.CYBERSECURITYDIVE.COM
1 MayGerman MPs advised to drop Signal in favor of Wire over security concernsGermany’s Bundestag is moving to standardize on the Wire messaging platform following a wave of phishing attacks targeting politicians, with President Julia Klöckner urging lawmakers to abandon less controlled apps like Signal. In a letter dated April 24, 2026, Bundestag Presiden…CYBERINSIDER.COM
1 MayAs email phishing evolves, malicious attachments decline and QR codes surgeA new Microsoft report also describes the collapse of a once-dominant tool for generating phishing websites with fake CAPTCHAs.CYBERSECURITYDIVE.COM
1 MayOpenAI Introduces Password-Free Login for Millions of ChatGPT UsersOpenAI’s Advanced Account Security lets ChatGPT and Codex users replace passwords with passkeys or security keys, but recovery is limited. The post OpenAI Introduces Password-Free Login for Millions of ChatGPT Users appeared first on TechRepublic .TECHREPUBLIC.COM
1 MayMicrosoft Flagged 8.3B Phishing Emails in Q1 as QR Codes, CAPTCHAs RiseMicrosoft flagged 8.3 billion phishing emails as attackers turned to QR codes, fake CAPTCHAs, PhaaS kits, and file-based payloads. The post Microsoft Flagged 8.3B Phishing Emails in Q1 as QR Codes, CAPTCHAs Rise appeared first on TechRepublic .TECHREPUBLIC.COM
1 MayAlert: Payroll-Hijacking Attacks Are Targeting Canadian EmployeesMicrosoft warns that a new criminal threat actor dubbed “Storm-2755” is launching payroll-pirate attacks against Canadian users. These attacks use social engineering to compromise employee accounts and divert salary payments to attacker-controlled bank accounts.KNOWBE4.COM
1 MayCriminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence OperationsTorrance, United States / California, May 1st, 2026, CyberNewswire Criminal IP partners with Securonix to integrate Criminal IP’s Threat Intelligence into ThreatQ, allowing organizations to incorporate external IP intelligence into their existing workflows, helping security teams…GBHACKERS.COM
1 MayDOS, Seneca the Younger, Outlook, CopyFail, cPanel, QR, Ruby, Go, Talkie, Josh Marpet - SWN #577DOS, 0x1A4, Seneca the Younger, Outlook, Copy/Fail, cPanel, QR, Ruby, Go, Talkie, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-577YOUTUBE.COM
1 MayWhite House questions tech industry on defensive AI use, cybersecurity resilienceCompanies may be reluctant to answer some of the government’s questions, given the sensitive topics they address.CYBERSECURITYDIVE.COM
1 MayApple Sales Jump as ‘Most Popular’ iPhone Fuels GrowthApple reported strong quarterly revenue as iPhone demand surged, but questions remain around AI strategy, rising costs, and leadership changes. The post Apple Sales Jump as ‘Most Popular’ iPhone Fuels Growth appeared first on TechRepublic .TECHREPUBLIC.COM
1 MayBreaking encryption with quantum computing — Interview with Chris PeikertThe idea that quantum computers could one day break today’s encryption has moved from theory into serious discussion. In practical terms, it means that the mathematical problems protecting everything from secure websites and messaging apps to cryptocurrencies could become solvabl…CYBERINSIDER.COM
1 May76% of All Crypto Stolen in 2026 Is Now in North KoreaNorth Korean threat actors are pulling off historic cryptocurrency heists on a yearly, sometimes weekly basis now. AI might be helping them.DARKREADING.COM
📡 INFOSEC NEWS 12[−]
1 MayEnterprise Spotlight: Transforming software development with AIArtificial intelligence has had an immediate and profound impact on software development. Coding practices, coding tools, developer roles, and the software development process itself are all being reimagined as AI agents advance on every stage of the software development life cyc…US.RESOURCES.CSOONLINE.COM
1 MayTop Five Sales Challenges Costing MSPs Cybersecurity RevenueThe managed security services market is projected to grow from $38.31 billion in 2025 to $69.16 billion by 2030[1], with cybersecurity being the fastest-growing sector[2]. Despite this opportunity, many MSPs leave revenue on the table because their go-to-market strategy fails to …THEHACKERNEWS.COM
1 May20 Years in Cyber: Dark Reading Marks Milestone With Month of Special CoverageOn this day in 2006, Dark Reading went live. We have a celebration planned that spans our two decades of covering the industry, and you, dear readers, are invited.DARKREADING.COM
1 MayCybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion AttacksCybersecurity researchers are warning of two cybercrime groups that are carrying out "rapid, high-impact attacks" operating almost within the confines of SaaS environments, while leaving minimal traces of their actions. The clusters, Cordial Spider (aka BlackFile, CL-CRI-1116, O-…THEHACKERNEWS.COM
1 MayCarding service Jerry’s Store leak exposes 345,000 stolen payment cardsJerry’s Store, a card-checking service used by cybercriminals, exposed 345,000 stolen payment cards after leaving its server open, revealing sensitive data. A cybercriminal operation known as Jerry’s Store has reportedly exposed a large cache of stolen payment card data after lea…SECURITYAFFAIRS.COM
1 MayUbuntu services hit by outages after DDoS attackA group of hacktivists have claimed responsibility for a distributed denial-of-service attack, which has affected several Ubuntu and Canonical websites, and prevented users from updating the Linux-based operating system.TECHCRUNCH.COM
1 MayIf AI's So Smart, Why Does It Keep Deleting Production Databases?The issue isn't artificial intelligence, but rather an industry adding AI agent integrations into production environments before proper security testing.DARKREADING.COM
1 MaySenate Judiciary advances bill that would bar minors from interacting with AI companionsThe bill, known as the GUARD Act, also requires that AI companions advise users of all ages that they are not human and lack professional credentials. It also makes it a crime for AI companions to knowingly ask kids for sexual content or to produce it.THERECORD.MEDIA
1 MayDigital attacks drive a new wave of cargo theft, FBI saysThe FBI warns of rising cyber cargo theft, with hackers targeting brokers and carriers. Experts say digital attacks are replacing traditional cargo theft. The FBI has issued a Public Service Announcement (PSA) about a surge in cyber-enabled cargo theft, with hackers increasingly …SECURITYAFFAIRS.COM
1 MaySecurity posture improvement in the AI eraIt’s only been a few weeks since Anthropic announced the Claude Mythos Preview model and launched Project Glasswing with AWS and other leading organizations. This has generated a lot of discussion about the future of cybersecurity and what the ever-increasing capabilities of foun…AWS.AMAZON.COM
1 MaySocial Engineering Leveled Up. Has Your Security Program?Social engineering has evolved. Device code phishing and AI lures bypass MFA and blend in. Build a cyber resilience strategy before the next attack lands.HUNTRESS.COM