184Articles
9Categories
2026-05-11Date
🚨 CISA KEV 1[−]
11 May KEVU.S. CISA adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalogThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in BerriAI LiteLLM, tracked as CVE-2026-42208 (CVSS score …SECURITYAFFAIRS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 75[−]
11 MayCVE-2026-31707 ksmbd: validate response sizes in ipc_validate_msg()Information published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43052 wifi: mac80211: check tdls flag in ieee80211_tdls_operInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43474 fs: init flags_valid before calling vfs_fileattr_getInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2025-71302 drm/panthor: fix for dma-fence safe access rulesInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43320 drm/amd/display: Fix dsc eDP issueInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43306 bpf: crypto: Use the correct destructor kfunc typeInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43311 soc/tegra: pmc: Fix unsafe generic_handle_irq() callInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-45186Information published.MSRC.MICROSOFT.COM
11 MayCVE-2026-7568 Signed integer overflow in metaphone()Information published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43053 xfs: close crash window in attr dabtree inactivationInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-31777 ALSA: ctxfi: Check the error for index mappingInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43284 xfrm: esp: avoid in-place decrypt on shared skb fragsInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43317 most: core: fix leak on early registration failureInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43321 bpf: Properly mark live registers for indirect jumpsInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43456 bonding: fix type confusion in bond_setup_by_slave()Information published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43298 drm/amdgpu: Skip vcn poison irq release on VFInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-43353 i3c: mipi-i3c-hci: Fix race in DMA ring dequeueInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-7258 Out-of-bounds read in urldecode() on NetBSDInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-6722 Use-After-Free in SOAP using Apache mapInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2026-6735 XSS within PHP-FPM status endpointInformation published.MSRC.MICROSOFT.COM
11 MayCVE-2025-21714 RDMA/mlx5: Fix implicit ODP use after freeInformation published.MSRC.MICROSOFT.COM
11 MayPoC Exploit Released for Android Zero-Click Flaw Enabling Remote Shell AccessPublic references indicate that a GitHub proof-of-concept is now circulating for CVE-2026-0073, the critical Android flaw documented in Google’s May 2026 security bulletin, raising the urgency for defenders with wireless ADB enabled on test or production devices. Google and multi…GBHACKERS.COM
11 May1,800+ MCP servers exposed without authentication: How zero trust can secure the AI agent revolutionWe find ourselves teetering upon a precipice of our own unwitting construction, and the vertiginous depth of our collective negligence ought to give every security practitioner profound pause. In our headlong rush to deploy AI agents across enterprise environments, we have erecte…CSOONLINE.COM
11 MayThe impact of Mythos and Florida Man, confidence gaps, phishing, & AI adoption - Erich... - ESW #458The Weekly Enterprise News This week, in the enterprise security news, 1. Copy Fail 2. The hits keep coming for CVE, NIST and NVD 3. Cyber attacks on breathalyzers 4. insurance carriers pulling support for AI 5. Florida Man pleads guilty 6. ignore the humanities at your own peril…YOUTUBE.COM
11 MaycPanel and WHM Servers Targeted in Attacks Exploiting CVE-2026-41940A critical authentication bypass vulnerability affecting cPanel and WHM servers, identified as CVE-2026-41940, is currently under active exploitation by a highly sophisticated and elusive cybercriminal syndicate known as Mr_Rot13. The vulnerability carries a maximum severity CVSS…GBHACKERS.COM
11 May KEVNew ‘Dirty Frag’ exploit targets Linux kernel for root accessA newly disclosed Linux privilege escalation issue dubbed “Dirty Frag” is giving attackers a cleaner path to post-compromise escalation to root privileges. According to Microsoft, a couple of vulnerabilities constituting the issue, affecting Linux kernel networking and memory-fra…CSOONLINE.COM
11 MayLinux developers weigh emergency “killswitch” for vulnerable kernel functionsLinux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnerable kernel functions at runtime. The proposal, submitted by Linux kernel developer/maintainer Sasha Levin, arri…HELPNETSECURITY.COM
11 MayVU#937808: Casdoor contains Arbitrary File Write vulnerabilityOverview Casdoor contains an arbitrary file write vulnerability in the implementation of its "Local File System" storage provider. Due to insufficient sanitization of user-supplied paths, an authenticated user with file upload permissions can escape the intended storage directory…KB.CERT.ORG
11 MayVU#471747: dnsmasq contains several vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulationOverview dnsmasq is affected by multiple memory safety and input validation vulnerabilities, including heap buffer overflows, heap corruption, and code execution flaws. Collectively, these vulnerabilities enable attackers to poison cached DNS records, bypass security controls, cr…KB.CERT.ORG
11 MaycPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager BackdoorA threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments. The attack exploits CVE-2026-41940, a vulnerability impacting cPanel and WebHost Manager (WHM…THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE 44[−]
11 MayCanvas Breach Exposes 275M Accounts | AI Targets Water Systems | GM OnStar SettlementA massive cybersecurity week. On this episode of Cybersecurity Today, David Shipley breaks down the reported breach of Instructure's Canvas learning platform, where attacks linked to the ShinyHunters extortion group may have exposed data tied to up to 275 million user accounts ac…CYBERSECURITYTODAY.LIBSYN.COM
11 MayNew cPanel and WHM Vulnerabilities Expose Servers to Code Execution and DoS AttackscPanel and WebHost Manager (WHM) are critical administrative control panels used by hosting providers globally to manage servers, websites, and databases. Due to their widespread deployment, vulnerabilities in these platforms immediately become high-value targets for threat actor…GBHACKERS.COM
11 MayJDownloader Hack Spreads New Python RATThe official JDownloader website fell victim to a sophisticated supply-chain attack, resulting in malicious installers being distributed to users worldwide. Attackers exploited an unpatched vulnerability in the site’s content management system to redirect specific download …GBHACKERS.COM
11 MaySecurity teams are turning to AI to survive alert overloadThe World Economic Forum white paper “Empowering Defenders: AI for Cybersecurity” identified AI as the biggest driver of change in cybersecurity for 94% of survey respondents. The paper found that 77% of organizations already use AI in cybersecurity, with much of the activity foc…HELPNETSECURITY.COM
11 MaymacOS Malware Abuses Google Ads and Claude Shared Chats to Deliver PayloadsThreat actors are deploying a sophisticated malvertising campaign targeting macOS users by exploiting Google Ads and legitimate Anthropic Claude shared chats. Security researcher Berk Albayrak uncovered this novel attack chain on May 10, which distributes a variant of the MacSync…GBHACKERS.COM
11 MayODINI Malware Uses CPU Magnetic Signals to Exfiltrate Data from Air-Gapped SystemsAir-gapped systems and Faraday cages have long represented the gold standard for protecting critical infrastructure and sensitive military networks. However, a groundbreaking threat known as ODINI demonstrates that even these extreme isolation measures can be compromised. Researc…GBHACKERS.COM
11 MayRustinel: Open-source endpoint detection for Windows and LinuxOpen-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed environments have had to stitch together separate pipelines, separate rule sets, and separate maintenance burd…HELPNETSECURITY.COM
11 MayReview: Foundations of Cybersecurity, 2nd editionJason Andress has refreshed his introductory security text for No Starch Press. He writes in the introduction that the term security now extends past data center servers to cloud resources, mobile devices, the Internet of Things, and AI. About the author Jason Andress is an exper…HELPNETSECURITY.COM
11 MayWindows CreateFileW API Flaw Could Let Attackers Lock SMB Files at ScaleThe multi-billion-dollar ransomware defence industry operates on a fundamental assumption: to cause catastrophic operational damage, malicious actors must write corrupted data to a disk. However, a newly disclosed attack technique, GhostLock, completely invalidates this foundatio…GBHACKERS.COM
11 MayCrimenetwork Bust Reveals 22,000 Members and Over 100 Illicit VendorsLaw enforcement authorities have successfully dismantled the relaunched version of “Crimenetwork,” a prominent criminal online trading platform. A 35-year-old German citizen, suspected of operating the illicit platform, was apprehended at his residence in Mallorca, Sp…GBHACKERS.COM
11 MayShinyHunters Exploits Canvas LMS Free Teacher Accounts in New BreachIn early May 2026, ShinyHunters breached Instructure’s Canvas LMS by abusing the Free-For-Teacher (FFT) account program, triggering an active extortion campaign and exposing student and faculty data across thousands of schools worldwide. ShinyHunters claimed responsibility on 3 M…GBHACKERS.COM
11 MayMythos finds a curl vulnerabilitysubmitted by codeinabox to security 4 points | 1 comments https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-vulnerability/ My personal conclusion can however not end up with anything else than that the big hype around this model so far was primarily marketing. I see no e…PROGRAMMING.DEV
11 May8 guiding principles for reskilling the SOC for agentic AIAt DXC Technology, global CISO Mike Baker has established one of the largest agentic security operation centers (SOCs) in the world. To upskill the workforce as part of this journey, he embedded experts from agentic SOC vendor 7AI within his security teams. When Damon McDougald ,…CSOONLINE.COM
11 MayThe scam economy has found its AI upgradeScam attempts continue to reach consumers via email, text messages, social media, online advertising, and phone calls. The volume of exposure has remained stable over the past year, with more than half of consumers encountering scam attempts at least monthly, according to the F-S…HELPNETSECURITY.COM
11 MayMicrosoft 365 Copilot Flaws Could Let Attackers Access Sensitive DataMicrosoft has disclosed a trio of critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. Released on May 7, 2026, these security flaws pose a substantial risk to enterprise data privacy and corporate confidentiality. If…GBHACKERS.COM
11 MayAI security is repeating endpoint security’s biggest mistakeThe security industry is experiencing déjà vu, and most teams haven’t recognized it yet. If you were in the trenches during the early 2000s, you remember the antivirus arms race. IT teams buried under signature updates. Configuration baselines checked obsessively. Patch cycles tr…CSOONLINE.COM
11 MayInstructure confirms Canvas user data exposed in cyberattackInstructure has confirmed that attackers gained unauthorized access to parts of its environment and exploited a vulnerability tied to the company’s Free for Teacher support ticket system. The company says Canvas is now fully operational and that core learning data, including cour…CYBERINSIDER.COM
11 MayYour Purple Team Isn't Purple — It's Just Red and Blue in the Same RoomDefending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a SIEM query. A red team script is being rewritten by hand so the blue team can use it. A patch waiting on a change-approval window that's longer than the exploitation window itself.…THEHACKERNEWS.COM
11 MayPHP SOAP Extension Flaw Could Let Attackers Execute Code RemotelyRecently disclosed vulnerabilities in PHP, particularly within its widely used SOAP extension, have raised significant alarms across the cybersecurity community. Among the newly identified flaws is a high-severity vulnerability that could permit attackers to achieve Remote Code E…GBHACKERS.COM
11 MayMalicious Hugging Face model masquerading as OpenAI release hits 244K downloadsA malicious Hugging Face repository posing as an OpenAI release delivered infostealer malware to Windows systems and logged 244,000 downloads before being removed, raising fresh concerns about how enterprises source and validate AI models from public repositories. The repository,…CSOONLINE.COM
11 MayHackers Observed Using AI to Develop Zero-Day for the First TimeGoogle Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed Zero-Day targeting open-source softwareINFOSECURITY-MAGAZINE.COM
11 MayHackers Use AI for Exploit Development, Attack AutomationCyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks.DARKREADING.COM
11 MayPolice take down relaunched criminal marketplace with 22,000 users, €3.6 million in revenueGerman authorities shut down a relaunched version of the criminal marketplace Crimenetwork and arrested its suspected operator. The domain seizure notice (Source: BKA) A special unit of the Spanish National Police arrested the suspected 35-year-old German operator at his residenc…HELPNETSECURITY.COM
11 Mayfsnotify Maintainer Access Change Sparks Supply Chain Security ConcernsA dispute over maintainer access in the widely used Go library fsnotify has triggered temporary supply chain concerns after contributors were removed from the project’s GitHub organization and recent releases came under scrutiny. While no evidence suggests that any version of fsn…GBHACKERS.COM
11 MayLyrie.ai Joins First Batch of Anthropic’s Cyber Verification ProgramDubai-founded OTT Cybersecurity LLC also unveils the Agent Trust Protocol (ATP), the first open cryptographic standard for AI agent identity, scope, and action verification — slated for IETF submission. OTT Cybersecurity LLC, the company behind Lyrie.ai, today announced two miles…CSOONLINE.COM
11 MayGoogle discovers weaponized zero-day exploits created with AIThe Google Threat Intelligence Group (GTIG) today released evidence of a zero-day exploit developed by a cybercriminal group with the help of AI. It marks the first time the security research group has identified what it believes to be an AI-crafted zero-day exploit in the wild. …CSOONLINE.COM
11 MayGTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial AccessExecutive Summary Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial work…CLOUD.GOOGLE.COM
11 MayGoogle spotted an AI-developed zero-day before attackers could use itResearchers found artifacts in the code that proved AI was heavily involved. A prominent cybercrime group planned to exploit the zero-day en masse for financial gain. The post Google spotted an AI-developed zero-day before attackers could use it appeared first on CyberScoop .CYBERSCOOP.COM
11 MayGoogle researchers uncover criminal zero-day exploit likely built with AIGoogle’s threat intelligence researchers have linked a zero-day exploit to AI-assisted development by a criminal group. The exploit targeted a popular open-source web-based system administration tool. It allowed attackers to bypass two-factor authentication once they had va…HELPNETSECURITY.COM
11 MayWhy we use CAPTCHAs, (Mon, May 11th)A few months ago, I implemented Cloudflare&#;x26;#;39;s Turnstile CAPTCHA on some pages. The reason for implementing these CAPTCHAs is obvious: Bots make up a large percentage of traffic and affect site performance. ISC.SANS.EDU
11 MayAI used to develop working zero-day exploit, researchers warnA report by GTIG shows threat groups are increasingly leveraging AI to scale attacks. The exploitation attempt was disclosed and patched, preventing a mass incident.CYBERSECURITYDIVE.COM
11 MayGoogle warns artificial intelligence is accelerating cyberattacks and zero-day exploitsGoogle says hackers now use AI to create exploits, automate attacks, evade defenses, and target AI supply chains at scale. Artificial intelligence is rapidly changing the cyber threat landscape, and a new report from the Google Cloud Threat Intelligence team highlights how attack…SECURITYAFFAIRS.COM
11 May'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux DistrosThe privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.DARKREADING.COM
11 MayFinal Countdown: Last Chance to Join the Rapid7 Global Cybersecurity SummitThe Rapid7 2026 Global Cybersecurity Summit is just around the corner, and with it, a final opportunity to join the conversations shaping how security teams are adapting to a rapidly changing landscape. Over the past few weeks, we’ve shared a preview of what to expect, from the s…RAPID7.COM
11 MayHackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass ExploitationGoogle on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for vulnerabi…THEHACKERNEWS.COM
11 MayIAM for MSSPs: The Hidden Risk of Blind Trust - Dustin Sachs - CSP #224Identity and access management is often sold as a technical problem, but real-world deployments tell a different story. For MSSPs managing access across multiple client environments, IAM becomes a test of trust, accountability, decision fatigue, and human behavior. In this episod…YOUTUBE.COM
11 MayRed Hat extends open source technology into spaceRed Hat and Voyager Technologies announced the successful deployment of Red Hat Enterprise Linux 10.1 and Red Hat Universal Base Image (UBI) to Voyager’s LEOcloud Space Edge IaaS Micro Datacenter aboard the International Space Station (ISS). This collaboration extends a container…HELPNETSECURITY.COM
11 MayIdentity security firm SailPoint discloses GitHub repository breachSailPoint disclosed a GitHub repository breach on April 20. The company contained the incident and said no customer data was affected. SailPoint is a cybersecurity company that provides identity security and identity governance solutions for enterprises. Its products help organiz…SECURITYAFFAIRS.COM
11 MayFCC Robocall Crackdown Raises Privacy Concerns Over Mandatory ID ChecksThe FCC’s proposed robocall crackdown could force carriers to verify customer identities, raising privacy concerns over anonymous phone use. The post FCC Robocall Crackdown Raises Privacy Concerns Over Mandatory ID Checks appeared first on TechRepublic .TECHREPUBLIC.COM
11 MayAI Isn’t Replacing CybersecurityThe speakers argue that AI in cybersecurity functions primarily as a force multiplier rather than a replacement. Experienced professionals can significantly increase their effectiveness using AI tools, but the technology is not yet replacing core human expertise. While AI has bee…YOUTUBE.COM
11 MayCalifornia hits GM with record $12.75M fine for selling driver location dataCalifornia Attorney General Rob Bonta and a coalition of state prosecutors have secured a $12.75 million settlement with General Motors over the automaker’s collection and sale of drivers’ location and behavior data. This marks the largest California Consumer Privacy Act (CCPA) p…CYBERINSIDER.COM
11 MayGoogle says cybercriminals used AI to develop zero-day exploitGoogle Threat Intelligence Group (GTIG) says it has identified what it believes is the first known case of cybercriminals using artificial intelligence to help develop a zero-day exploit intended for mass exploitation. According to Google, the exploit targeted a popular open-sour…CYBERINSIDER.COM
11 MayForeign routers get a longer lifeline.The FCC eases restrictions on foreign-made routers. Shiny Hunters hit Canvas and Zara. SailPoint discloses unauthorized access to its GitHub repositories. TrickMo Android banking malware has more tricks up its sleeve. Polish officials warn of increased targeting of ICS and public…THECYBERWIRE.COM
11 MayInside AD CS Escalation: Unpacking Advanced Misuse Techniques and ToolsUnit 42 analyzes AD CS exploitation through template misconfigurations and shadow credential misuse while offering behavioral detection for defenders. The post Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools appeared first on Unit 42 .UNIT42.PALOALTONETWORKS.COM
📋 SECURITY BULLETINS 2[−]
11 MayUS: FCC Relaxes Foreign-Made Router Ban to Allow for Security UpdatesThe same extension applies to security updates shipped to US-based users of foreign-made dronesINFOSECURITY-MAGAZINE.COM
11 MayFCC pushes ban on security updates for foreign-made routers, drones to 2029The router deadline, originally slated for March 1, 2027, has been pushed back to at least January 1, 2029, according to the announcement from the FCC’s Office of Engineering and Technology (OET).THERECORD.MEDIA
📢 SECURITY ADVISORIES 4[−]
11 MayPolice Shut Relaunched Crimenetwork Dark Web MarketplaceSpanish police have arrested the suspected administrator of German dark web marketplace CrimenetworkINFOSECURITY-MAGAZINE.COM
11 MayDirty Frag: Linux kernel hit by second major security flaw in two weeksThe issue was found in the same area of the Linux kernel that produced last month’s Copy Fail bug, and also allows anyone with a basic account on an affected computer to seize full administrative control.THERECORD.MEDIA
11 MayAlation AI Governance creates a system of record for AI oversightAlation has introduced Alation AI Governance, a new offering that gives enterprises the system of record they are missing for AI compliance. Enterprises are deploying AI models, agents, and tools faster than they can govern them. As a result, when a board or regulator asks about …HELPNETSECURITY.COM
11 MayWhen Ransomware Negotiators Flip SidesA ransomware negotiator pleaded guilty to conspiracy involving ransomware deployment and extortion against U.S. victims. The speaker also notes this is reportedly the third case involving someone connected to ransomware negotiations. Ransomware negotiators often sit in a uniquely…YOUTUBE.COM
🔥 INCIDENT REPORTING 12[−]
11 MayWelcoming the Costa Rican Government to Have I Been PwnedPresently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite Today, we welcome the 42nd government onboarded to Have I Been Pwned’s free gov service: Costa Rica. The CSIRT of the Government…TROYHUNT.COM
11 MayWeaponized JPEG file Drops Trojanized ScreenConnect MalwareHackers are abusing a weaponized JPEG file to quietly install a trojanized version of the ConnectWise ScreenConnect remote‑access tool on Windows systems, enabling full surveillance, credential theft, and long‑term control over compromised networks. The campaign shows how a simpl…GBHACKERS.COM
11 MayZara Data Breach Impacts Nearly 200,000 CustomersShinyHunters gets away with emails and other data on 200,000 Zara customersINFOSECURITY-MAGAZINE.COM
11 MayThe State of Ransomware – Q1 2026Key Findings Ransomware in Q1 2026: Consolidation at Scale During the first quarter of 2026, we monitored more than 70 active data leak sites (DLS) that collectively listed 2,122 new victims. This figure represents a 12.2% decline from the Q4 2025 all-time record of 2,416 victims…RESEARCH.CHECKPOINT.COM
11 MayShinyHunters Escalates Canvas Extortion with School by School Ransom CampaignShinyHunters has escalated its Canvas extortion campaign, defacing hundreds of school login pages and threatening to leak stolen data unless institutions negotiateINFOSECURITY-MAGAZINE.COM
11 MayUK water company allowed hackers to lurk undetected for nearly two years, regulator findsThe Information Commissioner's Office (ICO) fined South Staffordshire Water £963,900 ($1.3 million) on Monday over an attack by the Cl0p ransomware group that led to the personal data of 633,887 customers and employees being published in August 2022.THERECORD.MEDIA
11 May11th May – Threat Intelligence ReportFor the latest discoveries in cyber research for the week of 11th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Instructure, the US education technology company behind the Canvas learning platform, has confirmed a major data breach affecting its …RESEARCH.CHECKPOINT.COM
11 MayCyber Espionage Group Targets Aviation Firms to Steal Map DataThe campaign quietly compromises aerospace and drone operators to exfiltrate GIS files, terrain models, and GPS data and gain a clear picture of adversaries' world view.DARKREADING.COM
11 MayA 2nd Canvas data breach causes major disruptions for schools, collegesThe Instructure-owned learning management system went offline on May 7 after a threat actor once again gained unauthorized access.CYBERSECURITYDIVE.COM
11 MayPoor security left hackers inside water company network for nearly two yearsThe UK’s data protection regulator, the Information Commissioner’s Office (ICO), fined South Staffordshire Water’s parent company £963,900 over security failures linked to a cyberattack that exposed the personal data of 633,887 people. According to the ICO, the South Staffordshir…HELPNETSECURITY.COM
11 MayZimperium Mobile App Response Agent helps security teams counter mobile attacksZimperium launched Mobile App Response Agent, enabling security teams to respond faster than ever before to fraud and security threats. Leveraging Zimperium’s expertise in mobile security, Mobile App Response Agent is part of Zimperium’s Mobile App Protection Suite (MAPS), empowe…HELPNETSECURITY.COM
11 MayWelcoming the Bangladesh Government to Have I Been PwnedPresently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite Today, we welcome the 43rd government onboarded to Have I Been Pwned's free gov service, Bangladesh. The BGD e-GOV CIRT department…TROYHUNT.COM
🕵️ THREAT INTELLIGENCE 30[−]
11 MayISC Stormcast For Monday, May 11th, 2026 https://isc.sans.edu/podcastdetail/9926, (Mon, May 11th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
11 MayTop 10 Best Secure Code Review Services For Developers in 2026In the rapidly evolving landscape of software development, where speed and agility often take precedence, the imperative for robust security cannot be overstated. With cyber threats becoming increasingly sophisticated and the attack surface expanding due to complex architectures …GBHACKERS.COM
11 MayTop 10 Best DevSecOps Companies For Secure SDLC 2026In the fast-paced world of software development, where agility and speed are paramount, security often struggles to keep pace. The traditional “bolt-on” security approach, where security checks are performed at the end of the Software Development Life Cycle (SDLC), is…GBHACKERS.COM
11 MayCheckmarx Jenkins Plugin Backdoored in New TeamPCP Supply Chain AttackCheckmarx Jenkins Plugin Backdoored in New TeamPCP Supply Chain Attack It hasn’t been long since TeamPCP made headlines for compromising Checkmarx’s GitHub Actions and OpenVSX extensions as part of a sprawling supply chain campaign. Now the same threat actor is back; and this tim…SOCRADAR.IO
11 MayOpenClaw Malware Targets Crypto Wallets and Bitwarden CredentialsOpenClaw users are being targeted in a fresh malware campaign that abuses a fake installer to steal credentials from popular crypto wallets and password managers, including MetaMask, Phantom, and Bitwarden. The archive contains a 130MB Rust executable padded with fake documentati…GBHACKERS.COM
11 MayThe missing cybersecurity leader in small businessAs AI and quantum threats target the backbone of the American economy, Washington must provide the guidance and incentives necessary for SMBs to access executive-level cyber expertise. The post The missing cybersecurity leader in small business appeared first on CyberScoop .CYBERSCOOP.COM
11 MayFake Claude Campaign Uses PlugX-Style DLL Sideloading ChainHackers are abusing a fake Claude AI download site to deliver a PlugX‑style DLL sideloading chain that ultimately deploys a new Windows backdoor dubbed “Beagle.” The campaign blends malvertising, a trojanized installer, and signed security software components to achieve stealthy …GBHACKERS.COM
11 MayTrending Hugging Face Repo With 200K Downloads Spreads Windows MalwareA malicious Hugging Face repository, Open-OSS/privacy-filter, that abused the platform’s trust and trending algorithm to deliver a sophisticated Rust-based infostealer to Windows users. The project briefly reached the #1 trending position with roughly 244,000 downloads and hundre…GBHACKERS.COM
11 MaySandboxie Escape Flaw Could Let Attackers Gain SYSTEM-Level PrivilegesSecurity researchers have exposed critical sandbox escape vulnerabilities in Sandboxie and Sandboxie-Plus that allow attackers to gain full SYSTEM-level privileges. We strongly urge users to update to version 1.17.5, which was recently patched, to mitigate these severe execution …GBHACKERS.COM
11 MayInstagram messaging encryption removed, and privacy advocates are pushing backAfter introducing optional end-to-end encrypted messaging in 2023, Instagram announced in March 2026 that encryption for direct messages would be discontinued, and the feature was removed on May 8. The change allows Instagram to access direct message content, including images, vi…HELPNETSECURITY.COM
11 MayThe questionnaire-based TPRM model is broken, and TrustCloud has a fixTrustCloud announced a new version of TrustLens, its third party risk management (TPRM) solution. The new TrustLens agentic AI capabilities focus on delivering four requirements every CISO wants in their TPRM program: speed, accuracy, coverage, and proactive risk mitigation. In t…HELPNETSECURITY.COM
11 MayLLMs and Text-in-Text SteganographyTurns out that LLMs are really good at hiding text messages in other text messages.SCHNEIER.COM
11 MayNew cybersecurity industry alliance aims to lead US critical infrastructure protectionThe new Alliance for Critical Infrastructure’s biggest goal: changing how the U.S. plans for a major cybersecurity crisis.CYBERSECURITYDIVE.COM
11 MayPython Infostealer Hides in GitHub Releases to Bypass DetectionA stealthy Python-based infostealer campaign that abuses GitHub Releases to host payloads and maintain long-term, low‑visibility access to victim systems. The operation, dubbed “Operation HumanitarianBait” in some reporting, appears designed for cyberespionage against Russian‑spe…GBHACKERS.COM
11 MaySailPoint Agentic Fabric expands identity governance to autonomous AI agentsSailPoint has introduced SailPoint Agentic Fabric, a new platform designed to help enterprises secure AI agents and other non-human identities at scale. As organizations deploy autonomous AI agents across cloud environments, applications, and endpoints, they face a growing govern…HELPNETSECURITY.COM
11 MayGoogle’s new reCAPTCHA system restricts access to the open webGoogle’s latest reCAPTCHA changes are drawing backlash from privacy advocates and developers of alternative mobile operating systems, who argue the system effectively locks users out of websites unless they use Google-approved devices and software. The controversy centers on Goog…CYBERINSIDER.COM
11 MayLyrie.ai Joins First Batch of Anthropic’s Cyber Verification ProgramDubai, UAE, May 11th, 2026, CyberNewswire Dubai-founded OTT Cybersecurity LLC also unveils the Agent Trust Protocol (ATP), the first open cryptographic standard for AI agent identity, scope, and action verification — slated for IETF submission. OTT Cybersecurity LLC, the company …GBHACKERS.COM
11 MayApple, Intel Reportedly Near Chip Deal That Could Reduce TSMC RelianceApple and Intel reportedly reached an early chip manufacturing agreement that could reduce Apple’s TSMC reliance and boost Intel’s foundry ambitions. The post Apple, Intel Reportedly Near Chip Deal That Could Reduce TSMC Reliance appeared first on TechRepublic .TECHREPUBLIC.COM
11 MayMicrosoft’s Voluntary Retirement Offer: New Details Reveal Who QualifiesMicrosoft is offering longtime US employees severance, healthcare, and stock vesting through its first voluntary retirement program. The post Microsoft’s Voluntary Retirement Offer: New Details Reveal Who Qualifies appeared first on TechRepublic .TECHREPUBLIC.COM
11 MayYour Team of 10 Gets This AI Project Management Platform for Just $99Lyra combines issue tracking, sprints, Kanban, Gantt charts, and AI assistance for teams of up to 10 users. The post Your Team of 10 Gets This AI Project Management Platform for Just $99 appeared first on TechRepublic .TECHREPUBLIC.COM
11 MaySS&C Intralinks FundCentre AI vs. Juniper Square: Which platform better supports modern private markets fund managers?As private markets firms expand beyond single-asset strategies, platform limitations become more visible. FundCentre AI and Juniper Square take different approaches to scale, reporting, and operational efficiency. The post SS&C Intralinks FundCentre AI vs. Juniper Square: Wh…TECHREPUBLIC.COM
11 MaymacOS 27 May Get a New Look: Here’s What Apple Could ChangeApple’s reported macOS 27 redesign may reveal how far the company is willing to adjust Liquid Glass after Tahoe’s rocky debut. The post macOS 27 May Get a New Look: Here’s What Apple Could Change appeared first on TechRepublic .TECHREPUBLIC.COM
11 MayEntries now open for the 2026 CSO30 Australia AwardsNominations are now open for the 2026 CSO30 Australia Awards , celebrating the country’s most effective and influential cybersecurity leaders. The CSO30 Awards will once again be held alongside the CIO50 Award s, bringing together Australia’s leading technology and security execu…CSOONLINE.COM
11 MayNews Alert: Lyrie.ai joins Anthropic verification program, unveils protocol for securing AI agentsDUBAI, United Arab Emirates, May 11, 2026, CyberNewswire—Dubai-founded OTT Cybersecurity LLC today announced acceptance into Anthropic’s Cyber Verification Program and unveiled the Agent Trust Protocol (ATP), an open cryptographic standard for AI agent identity, scope and action …LASTWATCHDOG.COM
11 MayTikTok Launches £3.99 Ad-Free Plan for UK UsersTikTok is rolling out a £3.99 ad-free subscription in the UK, giving adults a paid option while keeping its free ad-supported feed in place. The post TikTok Launches £3.99 Ad-Free Plan for UK Users appeared first on TechRepublic .TECHREPUBLIC.COM
11 MayMac Users Warned Over Fake Claude Install InstructionsHackers are using Google Ads and Claude shared chats to target Mac users with fake setup instructions that can install malware. The post Mac Users Warned Over Fake Claude Install Instructions appeared first on TechRepublic .TECHREPUBLIC.COM
11 May1.8 Billion Gmail Users May Want to Check This AI Privacy SettingGoogle’s new Gmail AI personalization features are raising privacy concerns. Here’s what users should know and how to review smart settings. The post 1.8 Billion Gmail Users May Want to Check This AI Privacy Setting appeared first on TechRepublic .TECHREPUBLIC.COM
11 MayFCC moves to impose “Know Your Customer” rules for VoIP providersThe Federal Communications Commission (FCC) has proposed stricter “Know Your Customer” (KYC) requirements for voice service providers as part of a broader effort to stop illegal robocalls before they enter US telecommunications networks. The proposal would require providers to pe…CYBERINSIDER.COM
11 MayiOS 26.5 is out, bringing encrypted RCS messaging to iPhone and Android usersApple is bringing long-awaited end-to-end encryption to Rich Communication Services (RCS) messaging between iPhone and Android users in iOS 26.5. The feature is launching in beta for iPhone users running iOS 26.5 on supported carriers and Android users using the latest version of…HELPNETSECURITY.COM
11 MayPressure mounts on Canvas as data leak extortion deadline loomsAttackers affiliated with The Com are threatening to leak data from more than 8,800 school systems if Instructure doesn’t pay a ransom. The post Pressure mounts on Canvas as data leak extortion deadline looms appeared first on CyberScoop .CYBERSCOOP.COM
🌐 CYBER THREAT LANDSCAPE 4[−]
11 MayA week in security (May 4 – May 10)A list of topics we covered in the week of May 4 to May 10 of 2026MALWAREBYTES.COM
11 May⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and MoreRough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should’ve died years ago — the same old holes, same lazy access paths, same “how the hell is this still op…THEHACKERNEWS.COM
11 MayTrickMo Variant Routes Android Trojan Traffic Through TONThreatFabric finds new TrickMo Android banking trojan variant routing C2 through The Open NetworkINFOSECURITY-MAGAZINE.COM
11 MayFCC eases restrictions on foreign-made routers.Police shutter German-language criminal marketplace. TrickMo Android malware uses TON blockchain for stealthy communications.THECYBERWIRE.COM
📡 INFOSEC NEWS 12[−]
11 MayInstagram removed end-to-end encryption for DMs. What should users do?Instagram removes direct messages (DM) end-to-end encryption May 8, 2026, letting Meta access chats. Users should download backups amid privacy concerns and U.S. law pressure. Starting May 8, 2026, Instagram users who previously enabled end-to-end encryption in direct messages wi…SECURITYAFFAIRS.COM
11 MayFake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K DownloadsA malicious Hugging Face repository managed to take a spot in the platform's trending list by impersonating OpenAI's Privacy Filter open-weight model to deliver a Rust-based information stealer to Windows users. The project, named Open-OSS/privacy-filter, masqueraded as its legit…THEHACKERNEWS.COM
11 MayIdentity is the new perimeter as rapid NHI proliferation threatens visibility and controlNHIs are linked to diverse assets across the enterprise technology ecosystem, creating a highly fragmented architecture and making it challenging for security teams to maintain visibility and control.CYBERSECURITYDIVE.COM
11 MayCrimenetwork returns after takedown, dismantled again by German authoritiesGerman police shut down a revived Crimenetwork marketplace with 22,000 users and 100+ sellers months after the original takedown. German police dismantled a resurrected version of the German-language cybercrime marketplace Crimenetwork, just months after the original platform was…SECURITYAFFAIRS.COM
11 MayYarbo responds to robot flaws that could mow down their ownersA researcher found a host of vulnerabilities in Yarbo garden robots that could expose Wi-Fi passwords, hijack cameras, and run over their owners on command.MALWAREBYTES.COM
11 MayFake Claude Code Page Pushes PowerShell Stealer at DevsOntinue uncovers fake Claude Code installer pushing PowerShell stealer abusing Chrome's IElevator2INFOSECURITY-MAGAZINE.COM
11 MayRushed Patches Follow Broken Embargo on New Linux Kernel VulnerabilitiesTwo new high-severity vulnerabilities, dubbed ’Dirty Frag’ when chained, have been found in the Linux kernel, affecting most Linux distributionsINFOSECURITY-MAGAZINE.COM
11 MayComplimentary virtual training: Get hands-on with AWS Security ServicesIf you’re looking to strengthen your organization’s security posture on Amazon Web Services (AWS) but aren’t sure where to start, then we’re here to help. Security Activation Days are complimentary, virtual, hands-on workshops designed to help you get practical experience with AW…AWS.AMAZON.COM
11 MayTexas sues Netflix over alleged data practices that create ‘surveillance machinery’ without user consentIn addition to fines, Texas is asking a judge to prevent Netflix from illegally collecting and sharing user data and to mandate that the company no longer use autoplay by default on kids’ profiles.THERECORD.MEDIA
11 MayApple Patches Everything, (Mon, May 11th)Apple today released its typical feature update across it&#;x26;#;39;s operating systems (iOS, iPadOS, macOS, tvOS, watchOS, vision OS). With this update, Apple patched 84 different vulnerabilities. Updates are available for the "26" series of operatin…ISC.SANS.EDU
11 MayFCC Softens Ban on Foreign-Made RoutersThe Federal Communications Commission eased some restrictions and pushed back deadlines for foreign router manufacturers, but the ban is still in place.DARKREADING.COM
11 MayTech Can't Stop These Threats — Your People CanSecurity controls can do only so much. Here are four attacks where your employees are usually your first, and only, line of cyber defense.DARKREADING.COM