matlock.ca // THREAT INTELLIGENCE

124Articles

10Categories

2026-05-05Date

🚨

CISA mulls new three-day remediation deadline for critical flawsExperts have mixed reactions to a report that the US Cybersecurity and Infrastructure Security Agency (CISA) is considering reducing the timeline in which government agencies must address critical vulnerabilities from two weeks to only three days. The current 14-day window applie…

KEVCSOONLINE.COM — 05 May 2026

🐛

Apache HTTP Server Vulnerability Exposes Millions to Remote Code Execution Threats

GBHACKERS.COM — 05 May 2026

🐛

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

KEVTHEHACKERNEWS.COM — 05 May 2026

🐛

CVE-2026-42798

MSRC.MICROSOFT.COM — 05 May 2026

🐛

CVE-2026-40170 ngtcp2 has a qlog transport parameter serialization stack buffer overflow

MSRC.MICROSOFT.COM — 05 May 2026

🐛

CVE-2026-37457

MSRC.MICROSOFT.COM — 05 May 2026

🐛

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

THEHACKERNEWS.COM — 05 May 2026

🐛

Critical Weaver E-cology RCE Exploit Raises Alarm for Enterprise Systems

KEVGBHACKERS.COM — 05 May 2026

🐛

AI finds 20-year-old bugs in PostgreSQL and MariaDB

CSOONLINE.COM — 05 May 2026

🐛

Five ways to use Kiro and Amazon Q to strengthen your security posture

AWS.AMAZON.COM — 05 May 2026

🐛

Critical Android vulnerability CVE-2026-0073 fixed by Google

SECURITYAFFAIRS.COM — 05 May 2026

🐛

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

THEHACKERNEWS.COM — 05 May 2026

🐛

Unpatched flaws turn Ollama’s auto-updater into a persistent RCE vector, researchers say

HELPNETSECURITY.COM — 05 May 2026

🐛

Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years

UNIT42.PALOALTONETWORKS.COM — 05 May 2026

⚠️

Anthropic Mythos spurs White House to weigh pre-release reviews for high-risk AI models

CSOONLINE.COM — 05 May 2026

⚠️

Mythbehavior under investigation.

THECYBERWIRE.COM — 05 May 2026

⚠️

174: Pacific Rim

DARKNETDIARIES.COM — 05 May 2026

⚠️

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

THEHACKERNEWS.COM — 05 May 2026

⚠️

The Terrorist Designation: A New Red Line for Ransomware with Cynthia Kaiser

THECYBERWIRE.COM — 05 May 2026

⚠️

Qualcomm Chipset Vulnerabilities Raise Alarm Over Remote Code Execution Risk

GBHACKERS.COM — 05 May 2026

⚠️

Attackers Exploit Amazon SES to Send Authenticated Phishing Emails

GBHACKERS.COM — 05 May 2026

⚠️

Critical Android Zero-Click Vulnerability Enables Remote Shell Access

GBHACKERS.COM — 05 May 2026

⚠️

Trellix Reveals Unauthorized Access to Source Code

INFOSECURITY-MAGAZINE.COM — 05 May 2026

⚠️

CISOs step up to the security workforce challenge

CSOONLINE.COM — 05 May 2026

⚠️

Keeping Up With the OWASP GenAI Project - Scott Clinton - ASW #381

YOUTUBE.COM — 2026-05-05

⚠️

NCSC Warns of an AI-Fuelled “Vulnerability Patch Wave”

INFOSECURITY-MAGAZINE.COM — 05 May 2026

⚠️

DarkSword Malware

SCHNEIER.COM — 2026-05-05

⚠️

WhatsApp Security Flaw Enables Malicious URL Execution Through Instagram Reels

GBHACKERS.COM — 05 May 2026

⚠️

Education Sector Hit by Espionage, Phishing, and Supply Chain Attacks

GBHACKERS.COM — 05 May 2026

⚠️

Microsoft warns of global campaign stealing auth tokens from 35K users

SECURITYAFFAIRS.COM — 05 May 2026

⚠️

CloudZ malware hijacks Microsoft Phone Link to intercept SMS and OTPs

CYBERINSIDER.COM — 05 May 2026

⚠️

We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is

THEHACKERNEWS.COM — 05 May 2026

⚠️

Silver Fox Uses Fake Tax Notices to Drop ValleyRAT and ABCDoor Backdoor

GBHACKERS.COM — 05 May 2026

⚠️

Cisco Acquisition of Astrix Security Signals to Strengthen on Non-Human Identity Security

GBHACKERS.COM — 05 May 2026

⚠️

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

CSOONLINE.COM — 05 May 2026

⚠️

C/C++ checklist challenges, solved

TRAILOFBITS.COM — 05 May 2026

⚠️

US-Targeted Phishing Campaign Exposes Credential and Remote Access Risks for CISOs

ANY.RUN — 05 May 2026

⚠️

How Far the US Went to Rescue Hostage Bowe Bergdahl

THECYBERWIRE.COM — 05 May 2026

⚠️

PoC tool extracts cleartext passwords from Microsoft Edge memory

CYBERINSIDER.COM — 05 May 2026

⚠️

A Walkthrough of the 2026 Global Cybersecurity Summit Agenda

RAPID7.COM — 05 May 2026

⚠️

Fake SSA Emails Drive Venomous#Helper Phishing Campaign

INFOSECURITY-MAGAZINE.COM — 05 May 2026

⚠️

Google to pay up to $1.5 million for zero-click Pixel Titan M exploits

HELPNETSECURITY.COM — 05 May 2026

⚠️

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

THEHACKERNEWS.COM — 05 May 2026

⚠️

Oracle will patch more often to counter AI cybersecurity threat

CSOONLINE.COM — 05 May 2026

⚠️

Trellix investigating breach of source code repository

CYBERSECURITYDIVE.COM — 05 May 2026

⚠️

Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk

DARKREADING.COM — 05 May 2026

⚠️

UK's NCSC warns of AI-driven "patch wave."

THECYBERWIRE.COM — 05 May 2026

⚠️

Apple brings end-to-end encryption to RCS messaging in iOS 26.5

CYBERINSIDER.COM — 05 May 2026

⚠️

Tanium Atlas aims to accelerate threat response in the AI era

HELPNETSECURITY.COM — 05 May 2026

⚠️

CISA pushes critical infrastructure operators to prepare to work in isolation

CSOONLINE.COM — 05 May 2026

⚠️

Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts

TECHREPUBLIC.COM — 05 May 2026

⚠️

Google Update: Android Flaw Could Put Billions of Devices at Risk

TECHREPUBLIC.COM — 05 May 2026

⚠️

Edge browser leaves passwords exposed in plain text, says researcher

CSOONLINE.COM — 05 May 2026

⚠️

CVE Disclosures Become AI Prompts

YOUTUBE.COM — 2026-05-05

⚠️

Strengthening cyber defense through policy and people.

THECYBERWIRE.COMHTTPS: — 05 May 2026

⚠️

The fixes keep coming.

THECYBERWIRE.COM — 05 May 2026

⚠️

Trellix Source Code Breach Highlights Growing Supply Chain Threats

DARKREADING.COM — 05 May 2026

⚠️

Patch in 3 Days or Break

KEVYOUTUBE.COM — 2026-05-05

⚠️

SN 1077: A Browser AI API? - End of Bug Bounties?

TWIT.TV — 05 May 2026

📋

Oracle rolls out monthly security patch updates

HELPNETSECURITY.COM — 05 May 2026

📢

Download: Secure Foundations for AI Workloads on AWS

HELPNETSECURITY.COM — 05 May 2026

📢

Microsoft: Phishing campaign used fake compliance notices to compromise employee accounts

HELPNETSECURITY.COM — 05 May 2026

📢

LuxSci Launches Enterprise-Grade HIPAA-Compliant Email Security for Mid-Sized Healthcare Organizations

GBHACKERS.COM — 05 May 2026

📢

CISA urges critical infrastructure firms to ‘fortify’ now before it’s too late

CYBERSECURITYDIVE.COM — 05 May 2026

📢

Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails

INFOSECURITY-MAGAZINE.COM — 05 May 2026

📢

CISA boasts AI automation improvements to threat analysis, mission support

CYBERSCOOP.COM — 05 May 2026

📢

Supply-chain attacks take aim at your AI coding agents

CSOONLINE.COM — 05 May 2026

📢

Zino, 0auth, VSS, Mental Health Hackers, 3 Days of KEV, Copy/Fail, AI, Aaran Leyland - SWN #578

KEVYOUTUBE.COM — 2026-05-05

📢

CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict

CYBERSCOOP.COM — 05 May 2026

🔥

Vimeo - 119,167 breached accounts

HAVEIBEENPWNED.COM — 05 May 2026

🔥

DigiCert Hacked in Screensaver-Based Attack to Fraudulently Obtain EV Code Signing Certificates

GBHACKERS.COM — 05 May 2026

🔥

Educational tech firm Instructure data breach may have impacted 9,000 schools

SECURITYAFFAIRS.COM — 05 May 2026

🔥

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

THEHACKERNEWS.COM — 05 May 2026

🔥

APT37 hacks gaming platform to spread new BirdCall Android spyware

CYBERINSIDER.COM — 05 May 2026

🔥

Australia launches cyber review board modeled on version disbanded in US

THERECORD.MEDIA — 05 May 2026

🔥

Conti ransomware gang member sentenced to 102 months in prison

HELPNETSECURITY.COM — 05 May 2026

🔥

Introducing the New AI-Native KnowBe4 SAT

KNOWBE4.COM — 05 May 2026

🔥

ScarCruft Targets Gaming Platform With Windows, Android Backdoors

GBHACKERS.COM — 05 May 2026

🔥

Hackers Abuse DAEMON Tools Distribution Channel to Deliver Malicious Payloads

GBHACKERS.COM — 05 May 2026

🔥

Hackers steal students’ data during breach at education tech giant Instructure

TECHCRUNCH.COM — 05 May 2026

🔥

North Korean APT Targets Yanbian Gamers via Trojanized Platform

INFOSECURITY-MAGAZINE.COM — 05 May 2026

🔥

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

THEHACKERNEWS.COM — 05 May 2026

🔥

Latvian national sentenced for ransomware attacks run by former Conti leaders

CYBERSCOOP.COM — 05 May 2026

🔥

Conti, Akira ransomware affiliate given 8-year sentence

THERECORD.MEDIA — 05 May 2026

🔥

Vimeo confirms breach via third-party vendor impacts 119K users

SECURITYAFFAIRS.COM — 05 May 2026

🔥

U.S. court sentences Karakurt ransomware negotiator to 8.5 years

SECURITYAFFAIRS.COM — 05 May 2026

🕵️

ISC Stormcast For Tuesday, May 5th, 2026 https://isc.sans.edu/podcastdetail/9918, (Tue, May 5th)

ISC.SANS.EDU — 05 May 2026

🕵️

Microsoft Edge Found Storing Saved Passwords in Cleartext Memory at Startup

GBHACKERS.COM — 05 May 2026

🕵️

pnpm 11 Enables Default Release-Age Guard to Curb npm Supply Chain Attacks

GBHACKERS.COM — 05 May 2026

🕵️

Fake “Notepad++ for Mac” Site May Pose Malware Risk for Mac Users

GBHACKERS.COM — 05 May 2026

🕵️

New Attribution Framework Links APT Campaigns Across Key Layers

GBHACKERS.COM — 05 May 2026

🕵️

North Korean hackers trojanize gaming platform to spy on ethnic Koreans in China

HELPNETSECURITY.COM — 05 May 2026

🕵️

Meta adds proof-based security to encrypted backups

HELPNETSECURITY.COM — 05 May 2026

🕵️

Code of Conduct Phish Hits 35,000 Users in Multi-Stage AiTM Attack

GBHACKERS.COM — 05 May 2026

🕵️

FTC orders Kochava to stop selling people’s location data

CYBERINSIDER.COM — 05 May 2026

🕵️

Anomali ThreatStream Next-Gen speeds threat response across workflows

HELPNETSECURITY.COM — 05 May 2026

🕵️

Cerberus Stalkerware Hits Google Play, Abuses Accessibility and Firebase for Remote Control

GBHACKERS.COM — 05 May 2026

🕵️

UAT-8302 and its box full of malware

TALOSINTELLIGENCE.COM — 05 May 2026

🕵️

VIAVI CyberFlood CF1000 pushes 400G validation for multi-terabit AI data centers

HELPNETSECURITY.COM — 05 May 2026

🕵️

OWASP AI Security Summit May 27

YOUTUBE.COM — 2026-05-05

🕵️

Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in ‘widespread’ attack

TECHCRUNCH.COM — 05 May 2026

🕵️

Samsung Display Reveals Screens That Measure Health, Stretch, and Fight Glare

TECHREPUBLIC.COM — 05 May 2026

🕵️

iOS 26.5 to Introduce Encrypted RCS, Maps Changes, and New EU Features

TECHREPUBLIC.COM — 05 May 2026

🕵️

Enhance Your Expertise Anytime with Unlimited Online Courses — Now $19.97

TECHREPUBLIC.COM — 05 May 2026

🕵️

What If Your Digital Footprint Could Shrink?

TECHREPUBLIC.COM — 05 May 2026

🕵️

Power Through Projects with the Microsoft Office 2024 Home & Business

TECHREPUBLIC.COM — 05 May 2026

🕵️

Apple Wallet May Get ‘Create a Pass’ Tool for Event Tickets, Gift Cards

TECHREPUBLIC.COM — 05 May 2026

🕵️

Proton Mail rolls out quantum-resistant encryption for all users

CYBERINSIDER.COM — 05 May 2026

🕵️

Brave sees 100% Linux growth as browser reaches 115M monthly users

CYBERINSIDER.COM — 05 May 2026

🕵️

LastPass Mobile Smart Scanner improves password security

HELPNETSECURITY.COM — 05 May 2026

🕵️

New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch

TECHREPUBLIC.COM — 05 May 2026

🕵️

News alert: LuxSci launches HIPAA-compliant email platform for mid-size healthcare market

LASTWATCHDOG.COM — 05 May 2026

🌐

Supply chain attack via DAEMON Tools | Kaspersky official blog

KASPERSKY.COM — 05 May 2026

🌐

Update WhatsApp now: Two new flaws could expose you to malicious files

MALWAREBYTES.COM — 05 May 2026

🌐

FTC bans data broker Kochava from selling sensitive location info

THERECORD.MEDIA — 05 May 2026

🎙️

How the Story of a USB Penetration Test Went Viral

DARKREADING.COM — 05 May 2026

📡

Elastic Workflows GA: automation where your security data already lives

ELASTIC.CO — 05 May 2026

📡

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

THEHACKERNEWS.COM — 05 May 2026

📡

Cleartext Passwords in MS Edge? In 2026?, (Mon, May 4th)

ISC.SANS.EDU — 05 May 2026

📡

SSL.com rotates their root certificate today, (Tue, May 5th)

ISC.SANS.EDU — 05 May 2026

📡

CloudZ RAT potentially steals OTP messages using Pheno plugin

TALOSINTELLIGENCE.COM — 05 May 2026

📡

AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk

INFOSECURITY-MAGAZINE.COM — 05 May 2026

📡

4 days left: Get 50% off a second TechCrunch Disrupt 2026 pass to make more deals faster

TECHCRUNCH.COM — 05 May 2026

📡

Introducing AI traffic analysis dashboards for AWS WAF

AWS.AMAZON.COM — 05 May 2026