96Articles
9Categories
2026-05-26Date
🚨 CISA KEV 1[−]
26 May KEVVulnerabilities have become cyber attackers’ No. 1 door to the enterprisePatching practices are coming under intense pressure of late, as time-to-exploit windows accelerate — a new reality likely to worsen as AI assistance in attack chains rises. Now cyber defenders have another cause for flaw alarm: Vulnerability exploitation has significantly pulled…CSOONLINE.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 9[−]
26 MayKnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt StrikeA now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon. The vulnera…THEHACKERNEWS.COM
26 MayCVE-2025-3198 GNU Binutils objdump bucomm.c display_info memory leakInformation published.MSRC.MICROSOFT.COM
26 MayHigh-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)Microsoft has released patches for a high-severity remote code execution vulnerability (CVE-2026-45659) in SharePoint that may be exploited in low-complexity attacks. It affects the SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2…HELPNETSECURITY.COM
26 MayMicrosoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server VersionsMicrosoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be met. The vulnerability, tracked as CVE-2026-45659, carries a CVSS score of 8.8. I…THEHACKERNEWS.COM
26 May KEVActively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)A relative directory path traversal vulnerability (CVE-2026-34926) in Trend Micro’s Apex One platform has been exploited in zero-day attacks, the company confirmed. “TrendAI has observed at least one attempt to exploit this vulnerability in the wild,” Trend Micr…HELPNETSECURITY.COM
26 MayCVE-2026-45495 Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityCWE added. Informational change only.MSRC.MICROSOFT.COM
26 MayCVE-2026-45498 Microsoft Defender Denial of Service VulnerabilityCWE added. Informational change only.MSRC.MICROSOFT.COM
26 MayCVE-2026-41091 Microsoft Defender Elevation of Privilege VulnerabilityIn the Security Updates table, added links to the Release Notes. This is an informational change only.MSRC.MICROSOFT.COM
26 MayCVE-2026-45584 Microsoft Defender Remote Code Execution VulnerabilityIn the Security Updates table, added links to the Release Notes. This is an informational change only.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 35[−]
26 MayProject Glasswing has uncovered 10,000 vulnerabilities: AnthropicAnthropic says it and upwards of 50 partners involved in Project Glasswing have uncovered an estimated 10,000 critical or high-severity vulnerabilities in their software offerings. The company launched the cybersecurity initiative, which is built around Claude Mythos Preview , in…CSOONLINE.COM
26 MaySecurity experts caution MFA alone can no longer stop threat actorsCybersecurity experts are warning enterprise admins about an increasing number of phishing campaigns aimed at stealing Microsoft 365 (M365) access tokens to bypass multifactor authentication login protection. Phishing kits aimed at capturing M365 tokens aren’t new; some reports s…CSOONLINE.COM
26 MayCybersecurity jobs available right now: May 26, 2026Application Security Engineer IG Group | India | Hybrid – View job details As an Application Security Engineer, you will assess the security of web, mobile, and cloud applications through penetration testing, secure code reviews, threat modeling, and architecture …HELPNETSECURITY.COM
26 May KEVCISA orders feds to patch actively exploited Drupal vulnerabilityCISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. [...]BLEEPINGCOMPUTER.COM
26 MayCERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted AttacksThe Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where "feasible" to safeguard against potential threats stemming from th…THEHACKERNEWS.COM
26 MayStop treating AI governance as a review layer. Make it release infrastructureI’ve spent years building compliance into security products. FedRAMP and Department of War Impact Level authorizations, vulnerability management pipelines: They all follow the same pattern. Build the product, then prove it meets requirements. The compliance layer sits outside the…CSOONLINE.COM
26 MayAppSec Conversations on Agents, LLMs, and OWASP from RSAC - ASW #384We showcase recordings from this year's RSAC. At RSAC Conference 2026, Scott Clinton, Co-Chair and co-founder of the OWASP GenAI Security Project, shares insights from the project’s latest research, including new landscape guides and evolving approaches to securing generative and…YOUTUBE.COM
26 MayUS Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred GrowsAs Americans stew over the looming risk of job-stealing AI and data centers in their back yards, the feds are raising the alarm about a new category of threat, documents obtained by WIRED show.WIRED.COM
26 MayWhat happens when security teams inherit identityAt the Span Cyber Security Arena conference, I sat down with Eric Woodruff, Chief Identity Architect at Semperis, to talk about how organizations perceive identity and the challenges those perceptions create for security. He shared his perspective on where organizations struggle …HELPNETSECURITY.COM
26 MayIndia's CERT-In Sets 12-Hour Patch Deadline for Exposed FlawsCERT-In urges 12-hour patching of exposed flaws as AI compresses exploitation timelinesINFOSECURITY-MAGAZINE.COM
26 MayAI Threat Landscape Digest March-April 2026Executive Summary During the March–April 2026 reporting period, AI use in offensive operations advanced from development and planning to real-time operational deployment. Multiple independent cases, involving individual criminal actors, mass exploitation platforms, ransomware gro…RESEARCH.CHECKPOINT.COM
26 MayOpen Source DockSec Uses AI to Cut Through Vulnerability Noise in Docker ImagesDockSec, an OWASP incubator project, correlates findings from multiple container security scanners and uses AI to generate plain-English remediation guidance and exact Dockerfile fixes. The post Open Source DockSec Uses AI to Cut Through Vulnerability Noise in Docker Images appea…SECURITYWEEK.COM
26 MayMFA Prompt Bombing: Why Your Second Factor Isn't Saving YouMulti-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant that, even if an attacker possessed the account credentials, they couldn't log in without the second factor. While that logic was sound, attackers have now figured out that they …THEHACKERNEWS.COM
26 MayTrapDoor malware campaign puts developer workstations in CISO spotlightA malicious package campaign across npm, PyPI, and Crates.io has put developer workstations back under scrutiny, after researchers said it targeted developer workflows and AI coding assistant files. Researchers at Socket said the campaign, which they are tracking as TrapDoor, “sp…CSOONLINE.COM
26 MayHackers Exploited KnowledgeDeliver Zero-Day for Web Shell DeploymentHardcoded machineKey values in a configuration file enabled ViewState deserialization attacks leading to remote code execution. The post Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment appeared first on SecurityWeek .SECURITYWEEK.COM
26 MayTamnoon introduces skill-based AI orchestration for autonomous cloud defenseTamnoon has expanded its AI engine, Tami, into a skill-based orchestrator that generates customer-specific remediation skills tailored to each enterprise environment. Trained on more than 6 million real cloud fixes across 800+ accounts, Tami coordinates specialized AI skills to s…HELPNETSECURITY.COM
26 MayFake software on GitHub and SourceForge distribute Deno RATWe found fake installers and plugins for ChatGPT, Claude, AutoTune, and other popular software that can give attackers full control over your device.MALWAREBYTES.COM
26 MayHow Security Leaders Cut Through Complexity to Drive Better OutcomesSecurity leaders are operating in an environment that is only getting more complex. Expanding attack surfaces, rapid AI adoption, growing toolsets, and increasing pressure to respond faster have made it harder to maintain a clear view of risk and priorities. At the Rapid7 Global …RAPID7.COM
26 MayGitHub Actions abused by Megalodon attack to slip malicious commits into 5,500 reposA large-scale automated GitHub backdooring campaign was caught pushing thousands of malicious commits into public repositories while posing as routine CI/CD upkeep. Researchers at SafeDep observed the campaign, Megalodon, touching more than five thousand repositories over a six-h…CSOONLINE.COM
26 MayEXPOSURE 2026 prepares cybersecurity professionals for the AI eraCybersecurity leaders and practitioners brought their burning AI cybersecurity questions to EXPOSURE 2026. They left with clear answers and a blueprint for building an exposure management program. Get a recap and see highlights from the event in words and pictures.  Key take…TENABLE.COM
26 MayChinese Threat Actors Ditch Static Phishing Pages for Live Credential InterceptionAlmost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators deliberately avoid domestic targetsINFOSECURITY-MAGAZINE.COM
26 MayAnthropic: Claude Mythos identified 10,000+ software flawsAnthropic and its Project Glasswing partners have identified more than 10,000 high- or critical-severity vulnerabilities in critical software systems, the company announced in an update on the project’s progress. Mythos identifies thousands of high-severity vulnerabilities …HELPNETSECURITY.COM
26 MayChinese phishing gangs grow into a force to be reckoned withChinese-language phishing-as-a-service (PhaaS) communities are expanding in an area historically dominated by Russian-speaking cybercriminal groups. The Google Threat Intelligence Group (GTIG) analyzed a dozen active PhaaS offerings operating in Chinese-language underground commu…HELPNETSECURITY.COM
26 MayDetectify brings AppSec automation to AI agents with MCP Server and continuous testingDetectify has unveiled the Detectify MCP (Model Context Protocol) Server, a new integration layer that brings Detectify’s security testing engines directly into AI-driven development workflows, helping coding agents find and validate exploitable vulnerabilities and interpret atta…HELPNETSECURITY.COM
26 May7-Eleven data breach exposes personal information of 185,000 applicantsConvenience store giant 7-Eleven is notifying more than 185,000 individuals that their personal information was exposed in a cybersecurity incident linked to the ShinyHunters extortion group. The company disclosed the breach in filings with multiple US state attorneys general, st…CYBERINSIDER.COM
26 MayNew phishing kit targets Microsoft 365 accounts.Anthropic says Mythos has found over 23,000 flaws in open-source software. Dutch police arrest two alleged bulletproof hosting admins.THECYBERWIRE.COM
26 MayWell-architected best practices for software supply chain securityThere have been multiple notable supply chain attacks using the npm Registry since September: Shai-Hulud, Chalk/Debug, one abusing tea.xyz tokens, and recently axios. Thanks to community efforts involving the Amazon Inspector team, the Open Source Security Foundation, and others,…AWS.AMAZON.COM
26 MayWelcoming the AWS Customer Incident Response TeamMay 26, 2026: This post was originally published in July 2022. It has been updated to reflect current engagement options, new threat intelligence resources such as the Threat Technique Catalog for AWS (TTC), additional open-source tools, and the distinction between AWS CIRT suppo…AWS.AMAZON.COM
26 MayApple open-sources quantum-resistant encryption codeThe release includes implementations of two quantum-secure algorithms and demonstrates how formal verification caught bugs that traditional testing would have missed. The post Apple open-sources quantum-resistant encryption code appeared first on CyberScoop .CYBERSCOOP.COM
26 MayThe Hackers Behind Shai-Hulud: Lucky or Skilled?TeamPCP, the hackers behind the Shai-Hulud worm, has done significant damage to the open source ecosystem. But it's not necessarily due to skill alone.DARKREADING.COM
26 MayAttackers found a new way around MFA.The FBI warns attackers are abusing Microsoft OAuth authentication. India pushes faster patching as AI speeds up cyberattacks. Iranian hackers blend phishing with SEO poisoning. Anthropic’s AI finds thousands of open source flaws, while AI also reshapes bug bounties and fuels sup…THECYBERWIRE.COM
26 MayFake GTA 6 pre-orders and beta scams spread malware ahead of game launchCybercriminals are exploiting excitement around Grand Theft Auto 6 to spread malware, phishing pages, and fake pre-order scams ahead of the game’s official release, according to new research from NordVPN. Researchers at NordVPN’s Threat Protection team said they identified dozens…CYBERINSIDER.COM
26 MayKnowledgeDeliver flaw exploited as a zero-day to install web shellsHackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. [...]BLEEPINGCOMPUTER.COM
26 MayAI Isn’t Creating Better HackersAaran describes a wartime-style cyber environment where experienced developers and reviewers may be unavailable, overwhelmed, or gone entirely. In that situation, junior operators end up shipping malware and attack variants rapidly using public resources, copied code, and LLM ass…YOUTUBE.COM
26 MayAmeriprise - 502,597 breached accountsIn March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a "pay or leak" extortion campaign . The group claimed possession of more than 200GB of compressed data exfiltrated from Ameriprise's Salesforce environment and internal SharePo…HAVEIBEENPWNED.COM
📋 SECURITY BULLETINS 1[−]
26 MayMicrosoft: Domain Controller lookup may fail on Windows Server 2016Microsoft has confirmed a new known issue affecting Windows Server 2016 systems that causes domain controller lookups to fail after installing the KB5087537 May 2026 security update. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 3[−]
26 MayHow Varonis Atlas integrates Claude Compliance API for AI governanceAI governance requires visibility into how AI tools interact with enterprise data. Varonis explains how its Atlas platform uses Claude Compliance API data to help monitor usage, investigate risk, and support compliance. [...]BLEEPINGCOMPUTER.COM
26 MayFBI warns of Kali365 phishing kit targeting Microsoft 365 accountsThe FBI has issued a warning about a phishing-as-a-service (PhaaS) platform known as “Kali365” that is being used to compromise Microsoft 365 accounts through sophisticated phishing and adversary-in-the-middle (AiTM) attacks. According to a public advisory published by the FBI’s …CYBERINSIDER.COM
26 MayWhite House charts new course for federal agencies and cybersecurity loggingA Trump administration memo published last week replaces one from its predecessor, with at least one analyst fearful of potential harmful results. The post White House charts new course for federal agencies and cybersecurity logging appeared first on CyberScoop .CYBERSCOOP.COM
🔥 INCIDENT REPORTING 12[−]
26 MayProduct showcase: F-Secure Internet Security blocks phishing sites, fake stores, and SMS scamsF-Secure Internet Security protects against viruses, ransomware, spyware, infected email attachments, and other cyber threats. It focuses on securing devices and online activity through malware protection, scam prevention, safe browsing, and banking safeguards. The platform suppo…HELPNETSECURITY.COM
26 May7-Eleven data breach exposes personal information of 185,000 peopleThe ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in April, according to data breach notification service Have I Been Pwned. [...]BLEEPINGCOMPUTER.COM
26 MayWatch on Demand: Threat Detection & Incident Response Summit – All Sessions AvailableRegister to enjoy free access and explore the tools, strategies, and frameworks needed to build a resilient security program for a world where every minute counts. The post Watch on Demand: Threat Detection & Incident Response Summit – All Sessions Available appeared fi…SECURITYWEEK.COM
26 May185,000 Likely Impacted by 7-Eleven Data BreachThe allegedly stolen information leaked by ShinyHunters contains email addresses, names, addresses, and dates of birth. The post 185,000 Likely Impacted by 7-Eleven Data Breach appeared first on SecurityWeek .SECURITYWEEK.COM
26 MayPersonal information of 185,000 people exposed after cyberattack on 7-ElevenData belonging to about 185,000 people was exposed following a cyberattack on convenience store chain 7-Eleven that was later claimed by the ShinyHunters extortion gang, according to Have I Been Pwned. The exposed information includes email addresses, names, physical addresses, d…HELPNETSECURITY.COM
26 MayMicrosoft Defender can now automatically isolate hacked endpointsMicrosoft is testing a new Defender for Endpoint capability that will automatically isolate compromised endpoints to thwart attackers' attempts to move laterally across the network. [...]BLEEPINGCOMPUTER.COM
26 MayWebinar: Too many tools are slowing network incident responseIT teams often need to jump between monitoring dashboards, infrastructure tools, ticketing systems, and communication platforms during network incidents. This webinar explores how automation and AI-assisted workflows can help reduce manual coordination and improve incident respon…BLEEPINGCOMPUTER.COM
26 May7-Eleven data breach affects over 185,000 people’s personal dataThe data breach included names, dates-of-birth, postal addresses, and Social Security numbers, according to a state government listing.TECHCRUNCH.COM
26 MayLithuania investigates theft of 600,000 state registry records by foreign actorThe Lithuanian Prosecutor General’s Office said Friday that attackers gained unauthorized access to more than 600,000 records managed by the Centre of Registers, the state agency responsible for handling property and legal entity records.THERECORD.MEDIA
26 MayIranian hackers blamed for breach of Los Angeles transit system that took weeks to recoverAn Israeli cybersecurity firm said Iran’s government is behind Ababil of Minab, a fake hacktivist persona that has claimed a series of data breaches after the start of the war in Iran.TECHCRUNCH.COM
26 MayIranian government, not hacktivist group, breached LA Metro system, security firm saysA report by Israel-based Gambit Security dismisses the hackers’ claims of being patriotic but unaffiliated activists.CYBERSECURITYDIVE.COM
26 MayCharter confirms data breach after ShinyHunters extortion threatU.S. telecommunications giant Charter Communications has confirmed it suffered a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 18[−]
26 MayISC Stormcast For Tuesday, May 26th, 2026 https://isc.sans.edu/podcastdetail/9944, (Tue, May 26th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
26 MayManage machine identities: The hidden privileged access layer you need to manageWhy are machine identities becoming the majority of “things with access”? Every automation, integration, and workload needs a way to authenticate and the right permissions to act. That quiet requirement has created a massive population of machine identities, also called non-human…HELPNETSECURITY.COM
26 MayRunning the Inverted Offensive Campaign with Adam KarcherHost Caleb Tolin sits down with Adam Karcher, FBI Supervisory Special Agent, Cyber Division, to discuss the urgent shift from reactive defense to a long-term operational campaign mindset. As threats evolve into a blended ecosystem of state and criminal actors, defenders must adap…THECYBERWIRE.COM
26 MayIranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO PoisoningThe Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the j…THEHACKERNEWS.COM
26 MayAdmins of Bulletproof Hosting Service Used by Russian Hackers Arrested in NetherlandsThe two own Dutch companies that allegedly provided bulletproof hosting services to Russia-aligned threat actors. The post Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands appeared first on SecurityWeek .SECURITYWEEK.COM
26 MayLithuania Suspects Foreign Involvement in Data Leak of Over 600,000 National Register EntriesLithuanian authorities are on high alert after a massive data leak involving more than 600,000 entries from national data registers. The post Lithuania Suspects Foreign Involvement in Data Leak of Over 600,000 National Register Entries appeared first on SecurityWeek .SECURITYWEEK.COM
26 MayAnthropic Expands Claude’s Enterprise Security Governance With 28 New IntegrationsNotable integrations include CrowdStrike, Palo Alto Networks, Microsoft, Okta, Zscaler, Netskope, Cloudflare, Fortinet, and Wiz. The post Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations appeared first on SecurityWeek .SECURITYWEEK.COM
26 MayAppOmni’s Marlin AI Brings Autonomous Investigation to SaaS SecurityMarlin AI automatically analyzes SaaS misconfigurations, investigates related activity across enterprise environments, and recommends remediation steps — while stopping short of fully autonomous corrective action. The post AppOmni’s Marlin AI Brings Autonomous Investigation to Sa…SECURITYWEEK.COM
26 MayIranian APT Targets Aviation, Software Companies With Updated ToolsNimbus Manticore has continued its operations during and after the US military campaign against Iran. The post Iranian APT Targets Aviation, Software Companies With Updated Tools appeared first on SecurityWeek .SECURITYWEEK.COM
26 MayConifers rolls out AI-powered SOC for unified security operations and automated responseConifers has announced the launch of its agentic SOC, a unified AI platform designed to help security operations centers defend against cyber adversaries operating at machine speed. Built on the company’s CognitiveSOC platform, the new system connects threat intelligence, threat …HELPNETSECURITY.COM
26 MayAI Developers Never Go HomeAI coding agents are often compared to junior developers because of similar output quality, but their behavior is fundamentally different. They operate continuously, adapt dynamically, pursue assigned goals autonomously, and may hold system access that organizations do not fully …YOUTUBE.COM
26 MayIdentifying People Using Wi-Fi RoutersNot identifying people based on their use of Wi-Fi routers, but identifying people using Wi-Fi signals . This is accomplished through what is known as WiFi sensing , or the use of WiFi signals to infer information about a physical environment. When radio signals like WiFi travel …SCHNEIER.COM
26 MayAnthropic: Mythos finds more than 10,000 software flaws in first monthEarly results show a tenfold jump in bug discovery at some partners, and a widening gap between finding flaws and fixing them. The post Anthropic: Mythos finds more than 10,000 software flaws in first month appeared first on CyberScoop .CYBERSCOOP.COM
26 MayFBI warns about PhaaS platform used to access Microsoft 365 environmentsDevice code phishing enabled hackers to bypass multifactor authentication without credentials.CYBERSECURITYDIVE.COM
26 MayMuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 CountriesThe Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least nine organizations across nine countries on four continents in the first quarter of 2026. The activity targeted industrial and electronics manufacturing, education and public-sector…THEHACKERNEWS.COM
26 MayThe AI Accounts Nobody RemovesAI agents and non-human identities are increasingly being treated like employees because they also have operational lifecycles. Agents can be created quickly, assigned permissions, reorganized, and eventually become irrelevant to the business over time. The governance challenge i…YOUTUBE.COM
26 May KEVListening, Drupal, TTE, KEV, Mythos, Megalodon, Badanov, MFA, Pope Leo, Aaran Leyland - SWN #584They're Listening, Drupal, TTE, KEV, Mythos, Megalodon, Boris and Natasha, MFA, Pope Leo, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-584YOUTUBE.COM
26 MayFrom poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilitiesMicrosoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with malicious sites also surfaced through AI chatbots. The post From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microso…MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE 3[−]
26 MayIran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning CampaignIran's Nimbus Manticore pushes AI-built MiniFast backdoor via phishing and SEO poisoningINFOSECURITY-MAGAZINE.COM
26 May700+ education and tech websites hijacked in huge ClickFix malware campaignHackers are abusing a Ghost CMS website flaw to serve fake Cloudflare verification pages that pressure users into infecting their own PCs.MALWAREBYTES.COM
26 MayFeeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub ReposIn just six hours, the campaign quietly pushed thousands of malicious commits to more than 5,500 GitHub repositories, stealing credentials, developer secrets, and more.DARKREADING.COM
📡 INFOSEC NEWS 14[−]
26 MayScammers pretending to be Microsoft had help from US executivesCourt documents reveal how tech support scammers relied on infrastructure supplied by a US business.MALWAREBYTES.COM
26 MayFrom Cartels to Terrorists, the CIA, FBI, and White House: The Vast Career of Karen SchaeferKaren Schaefer retired from the CIA in 2019, after 26 years of service. She started out in Latin America and ended with a stint at the FBI. In between, she earned numerous intelligence awards and held key positions that spanned operational, supervisory, and policy roles. Her many…THECYBERWIRE.COM
26 MayRemembering Tim Wilson, Whose Legacy Lives on at Dark ReadingThe co-founder and former editor-in-chief passed away five years ago in November. As Dark Reading enters is third decade, we pause to celebrate and honor Wilson's instrumental role in building and elevating the media site.DARKREADING.COM
26 MayNew AI DDoS Attacks Are Smarter. Learn How to Fight Back in This WebinarEvery single day, hackers are finding new ways to crash websites and steal data. But right now, something has changed. Hackers are no longer working alone. They are now using powerful Artificial Intelligence (AI) tools to make their attacks faster, stronger, and much harder to st…THEHACKERNEWS.COM
26 MayBTMOB Android RAT Spreads Through No-Code Builder ToolingBTMOB Android RAT sold as a service with a no-code builder for fast, regional phishing luresINFOSECURITY-MAGAZINE.COM
26 MayIntelligence Insights: May 2026ClearFake is in command and ACR Stealer and GraphRunner debut in this month’s edition of Intelligence InsightsREDCANARY.COM
26 MayState of SDLC Security 2026: How Risk Scales in Modern DevelopmentInsights from real-world environments into how code, developer tooling, automation, and AI are reshaping application security.WIZ.IO
26 MayDutch government blocks US company from acquisition, citing ‘risk to public interest’The move to block the acquisition of the cloud company that hosts the Dutch digital ID service comes as Europe continues to reduce its reliance on U.S. technology.TECHCRUNCH.COM
26 MayGhost hackers: the cybersecurity mystery that nobody has solvedA shadowy group that stole and dumped the NSA’s most powerful hacking tools still has implications for how companies think about digital risk today.TECHCRUNCH.COM
26 MayFBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts – no password requiredSo, you've enabled multi-factor authentication. You've taught your staff never to type their passwords into dodgy-looking login pages. Surely your Microsoft 365 accounts are safe now? Well, think again. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
26 MayInternet Starts to Return in Iran After 3-Month BlackoutSome internet connectivity is returning in Iran after nearly 90 days offline, web monitoring groups say. But it isn’t clear if the reconnection is permanent.WIRED.COM
26 MayMicrosoft Issues Out-of-Band SharePoint PatchSharePoint access often means access to the keys of the kingdom, something attackers and defenders understand all too well.DARKREADING.COM
26 MayUK Visa Portal spilled thousands of applicants’ passports and selfies online — and hasn’t fixed the leakThe third-party website exposed applicants' sensitive documents as part of the U.K. visa application process. Instead of fixing the issue, the company sent attorneys.TECHCRUNCH.COM