🐛 COMMON VULNERABILITIES AND EXPOSURES 138[−]
28 MayCVE-2026-46050 md/raid10: fix deadlock with check operation and nowait requestsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46011 media: mtk-jpeg: fix use-after-free in release path due to uncancelled workInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45877 HID: intel-ish-hid: fix NULL-ptr-deref in ishtp_bus_remove_all_clientsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45917 ipvs: do not keep dest_dst if dev is going downInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45841 netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULOInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46062 ntfs3: fix integer overflow in run_unpack() volume boundary checkInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46005 xfs: fix a resource leak in xfs_alloc_buftarg()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45930 net: mctp: ensure our nlmsg responses are initialisedInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46021 thermal: core: Fix thermal zone governor cleanup issuesInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46037 ipv4: icmp: validate reply type before using icmp_pointersInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46084 RDMA/mana_ib: Disable RX steering on RSS QP destroyInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46012 rxrpc: Fix memory leaks in rxkad_verify_response()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46085 rxrpc: Fix rxkad crypto unalignment handlingInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46059 KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUNInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46004 ALSA: caiaq: Handle probe errors properlyInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45901 netfilter: nf_tables: revert commit_mutex usage in reset pathInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46080 ocfs2: split transactions in dio completion to avoid credit exhaustionInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45894 iommu/vt-d: Clear Present bit before tearing down PASID entryInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45840 openvswitch: cap upcall PID array size and pre-size vport repliesInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46054 selinux: fix overlayfs mmap() and mprotect() access checksInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45991 udf: fix partition descriptor append bookkeepingInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46027 net/smc: avoid early lgr access in smc_clc_wait_msgInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46088 ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46051 md/raid5: fix soft lockup in retry_aligned_read()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46018 ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATESInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45835 Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45834 Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45944 iommu/vt-d: Clear Present bit before tearing down context entryInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45932 bpf: Fix tcx/netkit detach permissions when prog fd isn't givenInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45836 Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45961 gfs2: fix memory leaks in gfs2_fill_super error pathInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-44844 eml_parser: Recursion DoS via nested message/rfc822 attachmentsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45839 bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45940 net: stmmac: fix oops when split header is enabledInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-44897 Mistune Heading ID Attribute Injection XSSInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45893 apparmor: Fix & Optimize table creation from possibly unaligned memoryInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45943 erofs: fix inline data read failure for ztailpacking pclustersInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46017 mm: fix deferred split queue races during migrationInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45897 netfilter: nft_counter: serialize reset with spinlockInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45997 scsi: sd: fix missing put_disk() when device_add(&disk_dev) failsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45986 crypto: ccree - fix a memory leak in cc_mac_digest()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-47104 libusb < 1.0.30 Out-of-Bounds Read in parse_iad_array()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46047 net: qrtr: ns: Fix use-after-free in driver remove()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45571 go-git: Crafted repositories may modify main and submodule .git directoriesInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45850 ipvs: skip ipv6 extension headers for csum checksInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46052 ceph: only d_add() negative dentries when they are unhashedInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46009 PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardownInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46070 md/raid5: validate payload size before accessing journal metadataInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46043 RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcvInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45994 ibmasm: fix OOB reads in command_file_write due to missing size checksInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46069 wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45859 netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentationInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46032 KVM: nSVM: Triple fault if restore host CR3 fails on nested #VMEXITInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46101 netfilter: reject zero shift in nft_bitwiseInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46014 KVM: SVM: Add missing save/restore handling of LBR MSRsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45845 net/sched: taprio: fix NULL pointer dereference in class dumpInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46086 net: bridge: use a stable FDB dst snapshot in RCU readersInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46065 fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_infoInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46098 net: caif: clear client service pointer on teardownInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45861 gfs2: Fix slab-use-after-free in qd_putInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46077 crypto: atmel-tdes - fix DMA sync directionInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46063 x86/shstk: Prevent deadlock during shstk sigreturnInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46056 Bluetooth: hci_event: fix potential UAF in SSP passkey handlersInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45956 drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46068 crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctxInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45843 slip: bound decode() reads against the compressed packet lengthInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46024 libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45963 ASoC: nau8821: Cancel delayed work on component removeInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45998 rxrpc: Fix potential UAF after skb_unshare() failureInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46023 dm mirror: fix integer overflow in create_dirty_log()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45844 netfilter: arp_tables: fix IEEE1394 ARP payload parsingInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45892 ext4: drop extent cache after doing PARTIAL_VALID1 zerooutInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46022 misc: ibmasm: fix OOB MMIO read in ibmasm_handle_mouse_interrupt()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46102 net: strparser: fix skb_head leak in strp_abort_strp()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46016 remoteproc: xlnx: Only access buffer information if IPI is bufferedInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46000 rxrpc: Fix conn-level packet handling to unshare RESPONSE packetsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2025-71305 drm/display/dp_mst: Add protection against 0 vcpiInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46006 drm/nouveau: fix u32 overflow in pushbuf reloc bounds checkInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46003 net: qrtr: ns: Limit the total number of nodesInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46048 ALSA: caiaq: fix usb_dev refcount leak on probe failureInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46002 ext2: reject inodes with zero i_nlink and valid mode in ext2_iget()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46078 erofs: fix the out-of-bounds nameoff handling for trailing direntsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46064 ibmasm: fix heap over-read in ibmasm_send_i2o_message()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46075 crypto: atmel-sha204a - Fix potential UAF and memory leak in remove pathInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45973 RDMA/mlx5: Fix UMR hang in LAG error state unloadInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45838 bpf: fix end-of-list detection in cgroup_storage_get_next_key()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45899 ext4: drop extent cache when splitting extent failsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46071 KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46049 ALSA: ctxfi: Add fallback to default RSR for S/PDIFInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46066 ceph: fix num_ops off-by-one when crypto allocation failsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45989 of: unittest: fix use-after-free in testdrv_probe()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45855 ata: libata-scsi: avoid Non-NCQ command starvationInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46058 media: amphion: Fix race between m2m job_abort and device_runInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46031 net: ks8851: Reinstate disabling of BHs around IRQ handlerInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45912 ext4: don't cache extent during splitting extentInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45999 erofs: fix unsigned underflow in z_erofs_lz4_handle_overlap()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-44896 Mistune: XSS via unescaped figclass/figwidth in Figure directiveInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46091 media: rc: igorplugusb: heed coherency rulesInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45958 drm/exynos: vidi: fix to avoid directly dereferencing user pointerInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45846 bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-44899 Mistune Image Directive CSS Injection VulnerabilityInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46089 zram: do not forget to endio for partial discard requestsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46033 crypto: authencesn - reject short ahash digests during instance creationInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46046 ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-23679 libusb < 1.0.30 NULL Pointer Dereference in parse_interface()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45570 go-git: Improper single-quote escaping in go-git SSH transportInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46038 net: qrtr: ns: Free the node during ctrl_cmd_bye()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46040 inotify: fix watch count leak when fsnotify_add_inode_mark_locked() failsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45988 rxrpc: Fix re-decryption of RESPONSE packetsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45942 ext4: fix e4b bitmap inconsistency reportsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46019 crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanupInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46092 wifi: rtw88: check for PCI upstream bridge existenceInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45842 slip: reject VJ receive packets on instances with no rstate arrayInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45949 hwrng: core - use RCU and work_struct to fix race conditionInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46072 ntfs3: add buffer boundary checks to run_unpack()Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46079 rbd: fix null-ptr-deref when device_add_disk() failsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46099 net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnelsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46083 spi: fix resource leaks on device setup failureInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45987 KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46015 tcp: call sk_data_ready() after listener migrationInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45858 ext4: don't zero the entire extent if EXT4_EXT_DATA_PARTIAL_VALID1Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45934 btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocationInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46090 ALSA: aloop: Fix peer runtime UAF during format-change stopInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46082 KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-45993 LoongArch: Add spectre boundry for syscall dispatch tableInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46026 net: qrtr: ns: Limit the maximum number of lookupsInformation published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46076 KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1Information published.MSRC.MICROSOFT.COM
28 MayCVE-2026-46094 ext4: fix bounds check in check_xattrs() to prevent out-of-bounds accessInformation published.MSRC.MICROSOFT.COM
28 MayGlassWorm falls, but the repo problem is far from solvedTaking down a sprawling malware operation once signaled progress in securing the open-source ecosystem. Now, it barely registers. The GlassWorm campaign disruption comes at a moment when attackers can quickly reconstitute, and defenders are increasingly grappling with a new chall…CSOONLINE.COM
28 MayAuthenticated RCE via Argument Injection in Gogs (NOT FIXED)Overview Rapid7 Labs discovered a critical argument injection ( CWE-88 ) vulnerability in Gogs , a popular open-source self-hosted Git service. Rapid7 Labs scores this vulnerability as CVSSv4 9.4 (Critical). The vulnerability allows any authenticated user to achieve remote code e…RAPID7.COM
28 MayVU#780781: Casdoor contains multiple authentication bypass and access management vulnerabilitiesOverview Casdoor versions 2.362.0 and earlier contain several identity and access management vulnerabilities that enable broad authentication bypass and privilege escalation. These flaws relate to Casdoor’s Security Assertion Markup Language (SAML) processing, account binding, an…KB.CERT.ORG
28 MayHackers exploit FortiClient EMS flaw to push infostealer malwareHackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. [...]BLEEPINGCOMPUTER.COM
⚠️ VULNERABILITY DISCLOSURE 37[−]
28 MayEmployees are unknowingly inviting tech support impersonators into firms, says FBIOnline or telephone IT support scams have been tricking employees into downloading or clicking on malware for years. But according to the FBI, one group that targets US-based law firms has recently found success in person, by convincing firms to allow a supposed IT support person…CSOONLINE.COM
28 MayGraduation day griftsThis week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside …THECYBERWIRE.COM
28 MayThe bipartisan case for CISA.This week, Dave and Ben sit down to discuss a growing bipartisan effort to support CISA. Throughout the conversation, the two look at how lawmakers from both sides of the aisle are showing greater support for CISA after the Trump administration cut its budget and workforce. Both …THECYBERWIRE.COM
28 MayCompanies built AI into core systems before figuring out how to govern it70% of organizations use GenAI in live environments, and 64% have AI agents in pilot or production deployments. Some of those agents have privileged access to core systems, according to Check Point’s 2026 Cloud Security Report. Confirmed and suspected AI incidents (Source: Check …HELPNETSECURITY.COM
28 MayCanonical releases Workshop for one-command sandboxed dev environments on UbuntuCanonical released Workshop, a tool that launches sandboxed development environments on Ubuntu with a single command. Environments are configured once and reproduced on different machines, giving teams consistent setups across development workstations and deployment pipelines. A …HELPNETSECURITY.COM
28 MayHottest cybersecurity open-source tools of the month: May 2026Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. Pipelock: Open-source AI agent firewall AI coding agents run with shell access, environment …HELPNETSECURITY.COM
28 MayKemper - 269,299 breached accountsIn April 2026, the American insurance holding company Kemper Corporation was named by the ShinyHunters ransomware group in a "pay or leak" extortion campaign . The attackers allegedly accessed Kemper's Salesforce environment via social engineering as part of a broader campaign ta…HAVEIBEENPWNED.COM
28 MayKetch brings multi-agent AI orchestration to enterprise privacy programsKetch has unveiled its vision for agentic privacy with the Ketch Agent Network, a multi-agent orchestration layer for enterprise privacy programs. The platform is designed to continuously reason across legal obligations, internal policies, and operational realities within a unifi…HELPNETSECURITY.COM
28 MayWhat the industrialization of exploitation means for defendersFor decades, cybersecurity was a battle of skill. Elite attackers versus elite defenders. The rules of engagement were understood, even if the playing field wasn’t level. If you hired better analysts and bought better tools, hopefully you hardened your systems well enough and bui…CSOONLINE.COM
28 MayDownload pumping: New npm deception technique for supply chain attacksLearn how attackers exploit automated bot traffic as part of software supply chain attacks to artificially inflate download counters and mask malicious payloads as legitimate. Key takeaways Volume doesn’t equal trust. Packages with numerous versions and high download counts might…TENABLE.COM
28 MayMicrosoft’s new cloud PCs place AI agents under enterprise controlsMicrosoft’s Windows 365 for Agents, a cloud PC platform for agentic workloads, runs AI agents in secure environments. Organizations can direct agents with natural language to interact with applications, browsers, files, and enterprise systems. The platform is available in public …HELPNETSECURITY.COM
28 MayOil shipments, drone makers, and a poisoned code library targeted in recent APT campaignsGeopolitical pressure drove much of the state-sponsored cyber activity recorded between October 2025 and March 2026, according to ESET’s latest APT Activity Report. Espionage groups aligned with China, North Korea, Russia, and Iran adjusted their targets to match the econom…HELPNETSECURITY.COM
28 MayThe AI governance imperative you can’t afford to ignoreCIOs rushing to roll out AI agents without real visibility into their decision-making processes are flirting with disaster. According to AI experts, deploying agents without observability processes and tools creates a ticking time bomb with the potential for huge negative consequ…CSOONLINE.COM
28 MayDICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heapThis white paper presents a concrete case study demonstrating the creation of a heap overflow vulnerability through the exploitation of the DICOM file format.TALOSINTELLIGENCE.COM
28 MayMicrosoft Condemns "Uncoordinated" Zero Day DisclosuresMicrosoft warned the disclosure of several unpatched vulnerabilities without notice has put “customers at unnecessary risk”INFOSECURITY-MAGAZINE.COM
28 MayGitea Vulnerability Exposed 30,000 Deployments to AttacksThe security flaw allowed attackers to pull private container images, exposing source code, credentials, and infrastructure. The post Gitea Vulnerability Exposed 30,000 Deployments to Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
28 May KEVCritical FortiClient EMS Vulnerability Exploited in Fresh AttacksFortinet rolled out hotfixes for the security defect in April, warning that it had been exploited in the wild as a zero-day and urging immediate patching. The post Critical FortiClient EMS Vulnerability Exploited in Fresh Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
28 MayIBM and Red Hat Commit $5 Billion to Secure Open Source Supply Chains Under “Project Lightwell”Project Lightwell is designed to fix vulnerabilities without breaking what is already in production. The post IBM and Red Hat Commit $5 Billion to Secure Open Source Supply Chains Under “Project Lightwell” appeared first on SecurityWeek .SECURITYWEEK.COM
28 MayQumulo NeuralProtect uses AI to detect and stop ransomware before encryptionQumulo has unveiled Qumulo NeuralProtect, a ransomware resilience solution built to protect data at the storage layer by detecting and stopping threats before data is encrypted, corrupted, or lost. Integrated directly into the Qumulo Data Platform, NeuralProtect inspects every fi…HELPNETSECURITY.COM
28 MayQevlar’s new AI agents correlate CVEs, incident data, and active exploitation signalsQevlar has announced a new set of AI agents designed to bridge the disconnect between Security Operations Centers (SOCs) and vulnerability management teams. The new capabilities help security teams correlate CVEs with live incident data for real-time risk prioritization, automati…HELPNETSECURITY.COM
28 MayMicrosoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account RemovalMicrosoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an opportunity to better understand the impact and address them before they are publicly disclosed. The developm…THEHACKERNEWS.COM
28 May KEVIndian CERT urges firms to contain exploited internet-facing flaws within 12 hoursIndia’s cybersecurity agency, CERT-In, has urged organizations to patch, mitigate, or isolate known exploited vulnerabilities affecting internet-facing “crown jewel” systems within 12 hours where feasible, warning that AI-assisted attacks are dramatically compressing the time bet…CSOONLINE.COM
28 MayCanadian man gets 33 years for using social media to coerce US children into sending sexual contentProsecutors said the man spent years using fake online identities to contact children and manipulate them into sending sexually explicit images and videos.THERECORD.MEDIA
28 MayDuckDuckGo sees 30% growth spike as Google forces AI on SearchDuckDuckGo says it experienced a significant spike in users following Google’s announcement of a sweeping AI-powered overhaul of Search at Google I/O 2026. According to figures shared by the privacy-focused search company, installs and visits increased sharply in the six days aft…CYBERINSIDER.COM
28 MayZapier exploit chain shows how known anti-patterns compose into critical riskA five-stage exploit chain disclosed by Token Security researchers turned a free Zapier account into write access on Zapier’s public developer SDK packages and on internal packages that load in every authenticated zapier.com session. Each link in the chain was a known anti-…HELPNETSECURITY.COM
28 MayNew Gogs zero-day flaw lets hackers get remote code executionAn unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. [...]BLEEPINGCOMPUTER.COM
28 MayIBM and Red Hat are betting $5 billion that open source needs a security guardIBM and Red Hat announced Project Lightwell, a $5 billion commitment backed by new frontier AI capabilities and a global force of more than 20,000 engineers to help enterprises secure open source software. Together, these investments establish a new model for enterprise use of op…HELPNETSECURITY.COM
28 MayState of Post Quantum CryptographyDiscussion of PQC relevant statistics that we see across our customers and other data sources.WIZ.IO
28 MayIBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilitiesThe tech giant’s project could make it easier for businesses to safely use open-source packages.CYBERSECURITYDIVE.COM
28 MayAttackers Move Past Typosquatting to Realistic Package ImpersonationMost malicious open source packages now mimic real code rather than rely on typosquattingINFOSECURITY-MAGAZINE.COM
28 MayThreat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential StealerThreat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver credential-stealing malware. "The campaign abused trusted endpoint management infrastructure to deliver malware across manag…THEHACKERNEWS.COM
28 MayCritical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary CodeA critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The security flaw, per Rapid7, is rated 9.4 on the CVSS scoring system. It does not h…THEHACKERNEWS.COM
28 MayDutch Raid Fails to Dent Russian Bulletproof HostDutch law enforcement seized 800 servers and arrested two operators of THE.Hosting but left the hosting provider's core IP address space intact.DARKREADING.COM
28 MayThe military wants to move at cyber speed.Cyber Command’s new chief pushes modernization as lawmakers warn commercial location data is exposing U.S. troops. A third-party UK visa site leaks passports and selfies. Microsoft slams unpatched zero-day disclosures. Researchers uncover a new macOS malware campaign targeting cr…THECYBERWIRE.COM
28 MayLinux Supply Chain How-To - PSW #928This week we have a technical segment focused on Linux! Paul released a script that helps you get a handle on Linux supply chain security, and new features allow you to assess the state of Secure Boot on your Linux systems (that also use MS certificates, ironically). The script i…YOUTUBE.COM
28 MayMITRE Couldn’t Scale Caldera AloneMITRE is transferring the Caldera cybersecurity platform to the Apache Foundation to encourage broader open source collaboration and long-term project support. Caldera is widely used for testing systems against the MITRE ATT&CK framework and simulating adversary behavior acro…YOUTUBE.COM
28 MayBreaking the Patch Sound Barrier Part 2: So Is The Apocalypse Coming and What Is It?So, you read my previous blog post about breaking the patch sound barrier , but it left you wanting more? Well, this is that “more.” Gemini blog illustration / steampunk vuln apoc Here are three useful ideas to advance the conversation. 1. Defining the “Vulnerability Apocalypse” …MEDIUM.COM
📢 SECURITY ADVISORIES 4[−]
28 MaySextortionist sentenced to 33 years for targeting 145 childrenA Canadian man was sentenced to 33 years in prison after pleading guilty to targeting more than 145 children across the United States, some as young as 6 years old, in an eight-year-long sextortion scheme. [...]BLEEPINGCOMPUTER.COM
28 MayExperts on Experts: Why Compliance is becoming ContinuousThis week on Experts on Experts, I’m joined by Sergio Alonso – Rapid7’s Director of Trust, Risk, and Compliance – to talk about how compliance is changing and why many security teams are rethinking the way they approach readiness, reporting, and operational risk. One of the bigge…RAPID7.COM
28 MayNew Cyber Command chief commissions MITRE to review modernization efforts.CISA orders US agencies to patch maximum-severity cPanel flaw by tomorrow. Carnival confirms breach affecting just under six million people.THECYBERWIRE.COM
28 MaySimplifying policy management with URL and Domain Category filtering on AWS Network FirewallNetwork administrators face a persistent challenge: maintaining domain blocklists and allowlists that keep pace with the internet. New websites and services emerge daily, and keeping these lists current requires constant manual updates that leave gaps in coverage. This challenge …AWS.AMAZON.COM
🔥 INCIDENT REPORTING 21[−]
28 MayThe CISO selling confidence in a market full of breach headlinesEngineering teams across enterprise IT are writing their own software with AI coding assistants, spinning up agents that act on their behalf, and assigning those agents the same access privileges their human creators hold. The shift has pulled the role of the chief information se…HELPNETSECURITY.COM
28 MayNordic CISOs Handle Rising Cyber Threats Remarkably WellArtificial intelligence notwithstanding, the vast majority of CISOs in northern Europe say they're facing no more serious cyberattacks than they did two years ago.DARKREADING.COM
28 MayXM Cyber enhances identity risk visibility with continuous exposure management capabilitiesXM Cyber has announced platform enhancements aimed at helping organizations reduce identity risk, compounded by AI-enabled attackers. According to Gartner, “By 2028, 70% of CISOs will use identity visibility and intelligence capabilities to shrink the IAM attack surface, reducing…HELPNETSECURITY.COM
28 MayPolice arrest suspect in Ajax football club hack that exposed 300,000 fan recordsThe Dutch National Police arrested a man suspected of hacking into the computer systems of AFC Ajax, a football club from Amsterdam. “On the morning of Tuesday, May 26, detectives arrested a 35-year-old man from the municipality of Buren for computer intrusion at the Amsterdam fo…HELPNETSECURITY.COM
28 MayGoogle Unveils AI Threat Defense Platform to Fight AI-Powered CyberattacksNew AI Threat Defense platform combines capabilities from Mandiant, Wiz and Gemini to help customers fight AI with AI. The post Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks appeared first on SecurityWeek .SECURITYWEEK.COM
28 MayInfosecurity Europe: Cybersecurity Staff Prefer CISOs With Real Attack Response Experience, Study RevealsISC2 survey of cybersecurity professionals suggests that staff want their information security leaders to have experienced reacting to a significant cyber incidentINFOSECURITY-MAGAZINE.COM
28 May2026 World Cup: Discussing The World’s Biggest Game’s Attack SurfaceThe 2026 World Cup presents major cyber risks from ransomware groups, state-aligned actors, and other groups targeting critical infrastructure. Learn more here. The post 2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface appeared first on Unit 42 .UNIT42.PALOALTONETWORKS.COM
28 MayCarnival Cruise confirms data breach affecting nearly 6 million peopleCarnival Corporation, the world's largest cruise line operator, has confirmed a data breach affecting nearly 6 million people claimed by the ShinyHunters extortion gang in April 2026. [...]BLEEPINGCOMPUTER.COM
28 MayCarnival confirms data breach impacting nearly 6 millionCruise giant Carnival has suffered yet another data breach, with ShinyHunters claiming to have stolen personal data affecting nearly 6 million people.MALWAREBYTES.COM
28 MayRomanian gets 5 years in prison for hacking Oregon govt networkA Romanian national was sentenced this week to 56 months in federal prison for breaking into an Oregon state government computer network and fr cyberattacks targeting dozens of other U.S. victims. [...]BLEEPINGCOMPUTER.COM
28 MayWebinar: Why network incidents take too long to resolveMany organizations can detect network issues quickly, but investigations and coordination often slow incident resolution. This webinar explores how automation and AI-assisted workflows can help IT teams reduce delays and improve response times. [...]BLEEPINGCOMPUTER.COM
28 MayMyPillow listed on ransomware gang’s leak site, but denies it has been breachedA notorious ransomware gang claims to have stolen MyPillow's private data, but CEO Mike Lindell calls it a politically motivated "hit job." With the countdown ticking toward a massive dark web leak, who is telling the truth? Read more in my article on the Hot for Security blog.BITDEFENDER.COM
28 MayNew BTMOB Android Malware Enables Full Device TakeoverDelivered via phishing lures, the malware combines financial theft with data exfiltration and remote access. The post New BTMOB Android Malware Enables Full Device Takeover appeared first on SecurityWeek .SECURITYWEEK.COM
28 MayCruise giant Carnival confirms data breach affecting nearly 6 million peopleThe company said the threat actor gained access to a limited portion of its IT environment last month after compromising an employee account. By the end of April, Carnival determined that the attacker had copied personal information from its systems.THERECORD.MEDIA
28 MayCarnival begins notifying 6 million people of a data breachCarnival Corporation has begun notifying roughly six million individuals that their personal information was stolen in the cyberattack claimed by the ShinyHunters extortion group earlier this year. The disclosure follows the public leak of data allegedly containing 8.7 million re…CYBERINSIDER.COM
28 MayCarnival Data Breach Exposed 6 Million PeopleData breach leaves nearly 6 million Carnival customers navigating identity theft risks. The post Carnival Data Breach Exposed 6 Million People appeared first on SecurityWeek .SECURITYWEEK.COM
28 MayCybercriminals sail away with data from 6 million Carnival customersCarnival Corporation, one of the world’s largest cruise operators, confirmed a data breach weeks after the ShinyHunters hacking group claimed it had stolen millions of customer records. Carnival acknowledged a phishing incident involving a single employee account and stated that …HELPNETSECURITY.COM
28 MayThe Gentlemen ransomware: Dissecting a self-propagating Go encryptorMicrosoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by affiliates of Storm-2697 that combines per-file ephemeral key encryption with an aggressive self-propagation module to deploy itself across an entire network using …MICROSOFT.COM
28 MayRussia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge CyberattacksResearchers warn GreyVibe’s extensive use of ChatGPT, Gemini, and other AI tools offers a glimpse into how future cybercriminal and state-aligned groups will operate. The post Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks appeared first on SecurityWeek .SECURITYWEEK.COM
28 MayCharter - 4,851,517 breached accountsIn May 2026, the telecommunications company Charter Communications (the parent company behind the consumer broadband and cable brand Spectrum) was named by the ShinyHunters group in a "pay or leak" extortion campaign . The group later published the data, which exposed 4.9M unique…HAVEIBEENPWNED.COM
28 MayGreyVibe hackers use ChatGPT, Gemini to power cyberattacksA likely Russian threat cluster tracked as GreyVibe has been targeting Ukrainian entities with AI-generated lures and a rich set of custom malware tools. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 21[−]
28 MayISC Stormcast For Thursday, May 28th, 2026 https://isc.sans.edu/podcastdetail/9948, (Thu, May 28th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
28 MayNudge Security adds browser-based discovery for shadow AI agentsNudge Security announced that its AI security platform offers discovery of shadow AI agents via the browser, extending its agent discovery capabilities to cover platforms that do not provide a public API for agent identity and inventory. The new browser-based agentic AI discovery…HELPNETSECURITY.COM
28 MayFrontier AI models collapse under multi-turn AI attacks, Cisco findsAttackers who probe large language models rarely give up after one refusal. They reframe, build context across turns, adopt personas, and escalate gradually. New research from Cisco’s AI threat intelligence team finds that the safety benchmarks used across the industry miss…HELPNETSECURITY.COM
28 MayChecksum introduces Continuous Quality Agent for automated test generation and healingChecksum has launched its Continuous Quality Agent, an autonomous system that runs nightly against deployed applications and automatically heals broken tests without waiting for an engineer to open a dashboard or write a prompt. AI coding has changed the constraint in software de…HELPNETSECURITY.COM
28 MayJINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS MalwareA new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware. "These campaigns leveraged sophisticated social eng…THEHACKERNEWS.COM
28 MayA single typo could derail your World Cup plansCybercriminals are spoofing Fédération Internationale de Football Association (FIFA) websites ahead of the 2026 FIFA World Cup, the FBI warns. The attackers are registering lookalike domains with small spelling changes or different domain endings to impersonate FIFA websites and …HELPNETSECURITY.COM
28 MayNew Threat Actor Jinx-0164 Targets Crypto Developers on macOSNew actor Jinx-0164 hit crypto developers with fake recruiter lures and macOS malwareINFOSECURITY-MAGAZINE.COM
28 MayNew Edamame Platform Aims to Catch AI Coding Agents Going Off the RailsFrance-based startup Edamame says its runtime verification platform uses host telemetry and AI analysis to detect coding-agent “intent drift,” secret theft and supply-chain attacks in real time. The post New Edamame Platform Aims to Catch AI Coding Agents Going Off the Rails appe…SECURITYWEEK.COM
28 MayRaising the Cybersecurity Stakes: Ante up for the Agentic EraCISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale. The post Raising the Cybersecurity Stakes: Ante up for the Agentic Era appeared first on SecurityWeek .SECURITYWEEK.COM
28 MayOpenAI prepares ChatGPT for the election misinformation waveAI-generated election misinformation could shape public opinion and influence the lives of millions of people. To address those risks, OpenAI outlined a series of safeguards ahead of the 2026 election cycle. The company said its efforts will focus on helping users access voting i…HELPNETSECURITY.COM
28 MayDigimarc adds provenance, audit, and verification controls for AI agent workflowsDigimarc has announced new provenance and verification infrastructure designed to secure autonomous and AI-enabled workflows. As enterprises increasingly adopt AI systems capable of generating content, orchestrating workflows, and taking action with minimal human intervention, es…HELPNETSECURITY.COM
28 MayZapier fixes bug chain that researchers say risked widespread account takeoverA five-step flaw chain in the popular automation service, now patched, could have let a single attacker act as any signed-in user across thousands of connected apps. The post Zapier fixes bug chain that researchers say risked widespread account takeover appeared first on CyberSco…CYBERSCOOP.COM
28 MayMicrosoft’s Copilot trust test: zero findings, more models, wider oversightMicrosoft 365 Copilot and Copilot Chat (Copilot) have been recertified under ISO/IEC 42001:2023 by an independent auditor for the second consecutive year. Copilot first received ISO 42001 certification in March 2025. This year’s recertification recorded zero non-conformities and …HELPNETSECURITY.COM
28 MayAWS Doesn’t Secure EverythingMany organizations move infrastructure into AWS or managed environments believing most security responsibilities transfer with it. In reality, customers still control major parts of configuration, identity management, permissions, and operational security. That misunderstanding c…YOUTUBE.COM
28 MayEnterprise data is creeping its way into shadow AI toolsExecutives and employees are clashing over usage policies as AI security concerns rise, an Okta report found.CYBERSECURITYDIVE.COM
28 MayHow CISOs can manage sovereign-cloud security risksSelecting and adopting cloud services from non-U.S. regional providers requires solid cyber risk and security assessment.CYBERSECURITYDIVE.COM
28 MayProton Mail adds support for Gmail account syncing and sendingProton has announced a new feature that allows users to connect their Gmail accounts directly to Proton Mail, enabling them to read and send Gmail messages from within Proton’s encrypted email platform. The feature is designed to simplify migration away from Google’s email ecosys…CYBERINSIDER.COM
28 MayQuantum breakthrough produces perfect randomness for secure communicationsETH Zurich researchers have demonstrated what they describe as the world’s first generation of certifiably perfect random numbers using a quantum experiment based on entangled superconducting qubits. The breakthrough could strengthen future encryption systems, digital identity pr…CYBERINSIDER.COM
28 MayGeordie Raises $30 Million for AI Security and Governance PlatformThe funding round was led by Balderton Capital, with additional support from Crosspoint Capital and previous investors General Catalyst and Ten Eleven Ventures. The post Geordie Raises $30 Million for AI Security and Governance Platform appeared first on SecurityWeek .SECURITYWEEK.COM
28 MayHouse panel poised to hold hearing centered on AI impact on cyberIt’s part of a series of examinations at the House Homeland Security Committee that now will include a public event. The post House panel poised to hold hearing centered on AI impact on cyber appeared first on CyberScoop .CYBERSCOOP.COM
28 MayGoogle security engineer accused of turning confidential search trends into $1.2M win on PolymarketMichele Spagnuolo allegedly placed multiple trades on the prediction marketplace, abusing internal access to Google’s nonpublic data on the most searched people in 2025. The post Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket a…CYBERSCOOP.COM
🌐 CYBER THREAT LANDSCAPE 3[−]
28 MayFake ChatGPT download site infects Windows and Mac users with malwareSearching for ChatGPT? This fake download site serves malware to both Windows and Mac users, using separate payloads tailored to each platform.MALWAREBYTES.COM
28 MayGCHQ Chief Urges Action as AI Reshapes Cyber ThreatsGCHQ director urges urgent business cyber action as AI and quantum reshape the threatINFOSECURITY-MAGAZINE.COM
28 MayBTMOB Android malware service generates custom phishing payloadsAn Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware payloads tailored to phishing lures. [...]BLEEPINGCOMPUTER.COM
🎙️ PODCASTS 1[−]
28 MayBuilding Crisis Response Plans That Work Under Pressure with Courtney Guss of Semperis.Courtney Guss, Crisis Management Director at Semperis, joins Dave Bittner on the CyberWire Daily podcast for a sponsored Industry Voices to discuss why crisis planning must evolve beyond audit checklists and static documentation. She explains how organizations can build faster, m…THECYBERWIRE.COMHTTPS:
📡 INFOSEC NEWS 21[−]
28 MayPirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for yearsOur experts continue to track attacks targeting consumers of pirated content, both books and movies. 2026 saw the discovery of new target sites with tens of millions of visitors, while the miner gained a RAT module.SECURELIST.COM
28 MayScammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing AttacksCustomer data from more than 350 hotels around the world may have been accessed as part of realistic reservation-hijacking scams.WIRED.COM
28 MayYour Windows PC has a security deadline in June 2026Windows is replacing old Secure Boot certificates, and some older PCs could miss future security protections if the update fails.MALWAREBYTES.COM
28 MayNew AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users"State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don't understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distribu…THEHACKERNEWS.COM
28 MayThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 MoreEvery time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-engineering bait, and enough exposed infrastructure to make you wonder if prod is just a public beta…THEHACKERNEWS.COM
28 MayChinese-speaking fraud gang could be stealing millions from 2026 World Cup fansCybercriminals have registered more than 4,300 fraudulent domains impersonating FIFA's official web presence since August 2025.THERECORD.MEDIA
28 MayRussia conducting daily attacks on UK 'from seabed to cyberspace,' spy chief warnsAnne Keast-Butler, director of GCHQ, said Russia's actions have prompted the agency to defend subsea cables and energy pipelines in British waters, disrupt Russian networks smuggling sanctioned technology and countering “reckless sabotage and assassination attempts.”THERECORD.MEDIA
28 MayGrading on a curve: How to assess a pentestDefenders don’t need to detect every adversary action to prevent a threat. Here’s a more realistic, optimized approach to testing.REDCANARY.COM
28 MayHow SIEM helps MSPs reduce noise and stop threats fasterMSPs don't lack security data. They struggle to separate real threats from alert noise. Kaseya explains how SIEM helps MSPs improve visibility, reduce fatigue, and respond faster. [...]BLEEPINGCOMPUTER.COM
28 MayFocus on Cyber Insurance: How Quantifying Risk Is Reshaping SecurityIn this latest installment of the Reporters' Notebook video series, we discuss how cyber insurance is forcing organizations to quantify risk, what's covered (and what's not), and why this could be the best thing to happen to cybersecurity.DARKREADING.COM
28 MayU.S. says troops were targeted with location data, as senator warns ad industry is a ‘national security threat’One leading privacy lawmaker said it was time to "start treating the adtech industry as a national security threat."TECHCRUNCH.COM
28 MayAgentic AI Isn't Risky; the Way Orgs Deploy It IsAI agents aren't black boxes — they're models interacting with software tools. The risk lies in their overlap.DARKREADING.COM
28 MayThe Pentagon Knew Enemies Could Track Troops’ Phones for Years. Now They AreThe US military has long known that cheap fixes could stop location data from exposing its troops. It adopted almost none—and now says adversaries are using the data to target soldiers during a war.WIRED.COM
28 MayA security lapse at prison pay phone service Pay Tel publicly exposed over 300K callers’ driver’s licensesPay Tel secured the publicly exposed data after security researchers discovered the leak containing callers' sensitive ID documents and inmate communications.TECHCRUNCH.COM
28 MayAnalysis of a Year of Files Uploaded to DShield Sensors, (Wed, May 27th)Using the data collected over the past year and using Kibana these two ES|QL query to summarize the data, this shows the list of the most uploaded threat to two DShield sensors (local and cloud) over the past year. I have sorted the activity by months that shows the evolutio…ISC.SANS.EDU
28 MayHackers are trying to steal Signal users’ backups in new wave of phishing attacksA new hacking campaign is trying to trick Signal users to give up their secret recovery key, which can be used to access online backups containing past messages.TECHCRUNCH.COM
28 MayNewsom signs new AI-related EO.Supreme Court declines to hear Meta's challenge to social media addiction lawsuit.THECYBERWIRE.COM
28 MayFBI warns of fake FIFA websites running World Cup fraud schemesThe FBI is warning of fake websites impersonating FIFA ahead of the 2026 World Cup, to steal personal and financial information, sell fake tickets and hospitality packages, and push other fraud related to the event. [...]BLEEPINGCOMPUTER.COM
28 MayLess panic patching, more precisionIn this newsletter, Thor breaks down why you should stop relying solely on CVSS and start using EPSS and GCVE to focus your patching efforts on the threats that actually matter.TALOSINTELLIGENCE.COM
28 MayWhy and how to migrate to a Transit Gateway-attached AWS Network FirewallAWS Network Firewall now supports native attachment to AWS Transit Gateway. Customers commonly use Transit Gateway to route traffic from Amazon Virtual Private Cloud (Amazon VPC) networks to a centralized inspection VPC (a VPC dedicated to hosting firewall endpoints for traffic i…AWS.AMAZON.COM
28 MayAnthropic confirms Claude Mythos-class models will roll out to the publicAnthropic has confirmed that it plans to bring Mythos-class models to the general public after delaying the rollout due to security risks to public and private software. [...]BLEEPINGCOMPUTER.COM