AttackFeed by Joe Wagner

A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence. The activity has been attributed to the GitHub account “BufferZoneCorp,” which has published a set of repositories that are associated with malicious Ruby gems … Read More “Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft  – The Hacker News” »

Compare top diagram software in 2026 and see why Wondershare EdrawMax can be a practical choice for fast, template rich, AI supported diagramming.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Two former cybersecurity professionals who moonlighted as cybercriminals, committing a series of ransomware attacks in 2023, were each sentenced to four years in prison, the Justice Department said Thursday. Ryan Clifford Goldberg and Kevin Tyler Martin previously pleaded guilty to one of three charges brought against them in December and faced up to 20 years … Read More “Former incident responders sentenced to 4 years in prison for committing ransomware attacks  – CyberScoop” »

A severe authentication bypass vulnerability in cPanel, one of the most widely deployed web hosting control panel platforms on the internet, is being actively exploited in the wild, according to security researchers and hosting providers. The vulnerability, tracked as CVE-2026-41940, affects all supported versions of cPanel and WebHost Manager (WHM) released after version 11.40, as … Read More “cPanel’s authentication bypass bug is being exploited in the wild, CISA warns  – CyberScoop” »

Congress extended a controversial surveillance law for 45 days on Thursday, hours before its latest expiration following an earlier extension. The Senate passed — then the House cleared — a 45-day extension of Section 702 of the Foreign Intelligence Surveillance Act, which authorizes warrantless surveillance of foreign targets. But those targets are sometimes communicating electronically … Read More “Congress kicks the can down the road on surveillance law (again)  – CyberScoop” »

Private chats and photos of celebrities and influencers were exposed after a suspected stalkerware setup left a database open, revealing sensitive messages and files.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

The Federal Communications Commission approved new regulations Wednesday designed to crack down on robocalling, protect telecommunications networks from cyberattacks and further vet equipment-testing labs based overseas. Commissioners unanimously passed a measure to strengthen telecom companies’ “Know Your Customer” requirements for verifying callers’ identities. Among the potential solutions being considered are requiring telecoms to verify a … Read More “FCC tightens KYC rules for telecoms, closes loophole for banned foreign services  – CyberScoop” »

A misconfigured server linked to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an AI coding error caused a major security flaw.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. According to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is … Read More “PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials  – The Hacker News” »

As more businesses relocate their operations to the cloud, one important decision arises: should you choose managed or…  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

A pair of persistent and problematic threat groups affiliated with The Com are actively targeting organizations across multiple critical infrastructure sectors for rapid data theft and extortion attacks, according to CrowdStrike. The financially-motivated attackers, which CrowdStrike tracks as Cordial Spider and Snarky Spider, have used voice-phishing and social engineering attacks to break into victims’ identity … Read More “Two new extortion crews are speedrunning the Scattered Spider playbook  – CyberScoop” »

The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a busy time to be online. Security is always a moving target. … Read More “ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories  – The Hacker News” »

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work … Read More “Anti-DDoS Firm Heaped Attacks on Brazilian ISPs  – Krebs on Security” »

Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on for daily operations. By integrating Search Engine Order (SEO)  – Read More  – The Hacker News 

Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. “The intrusion chain begins with execution of a batch script (‘install_obf.bat’) that disables Windows security controls, dynamically extracts an  – Read More  – … Read More “New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials  – The Hacker News” »

Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked as CVE-2026-31431 (CVSS score: 7.8) has been codenamed Copy Fail by Xint.io and Theori. “An unprivileged local user can write four controlled bytes into the page cache of … Read More “New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions  – The Hacker News” »

Anthropic recently announced that it would not release Mythos, its most powerful AI model, to the public. The model discovered thousands of previously unknown software vulnerabilities — flaws that had sat undetected in major operating systems and web browsers for as long as nearly three decades. Anthropic said the model was too dangerous to deploy … Read More “Everyone’s building AI agents. Almost nobody’s ready for what they do to identity.  – CyberScoop” »

Linux Kernel Vulnerability “Copy Fail” lets attackers gain root access via memory flaw. Patch now or disable algif_aead to stay secure.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

US Marines stationed around the Persian Gulf have been receiving WhatsApp messages from strangers suggesting they call home and make their final goodbyes. Read more in my article on the Hot for Security blog.  – Read More  – GRAHAM CLULEY 

Google has addressed a maximum severity security flaw in Gemini CLI — the “@google/gemini-cli” npm package and the “google-github-actions/run-gemini-cli” GitHub Actions workflow — that could have allowed attackers to execute arbitrary commands on host systems. “The vulnerability allowed an unprivileged external attacker to force their own malicious content to load as Gemini configuration,”  – Read … Read More “Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution  – The Hacker News” »

A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. All for some free in-game currency. Meanwhile, there’s a 1980s phone protocol called … Read More “Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions  – GRAHAM CLULEY” »

Every security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting with green. Then someone in a leadership meeting asks: “So, are we actually safer now?” Crickets. The room goes quiet because an honest answer requires context – which is something that patch counts … Read More “What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)  – The Hacker News” »

PocketOS founder says Cursor AI agent deleted its production database in 9 seconds after misusing a root API token, exposing major Railway security flaws.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

The growth of data centers — and adversaries’ targeting of them — left lawmakers at a hearing Wednesday contemplating whether the federal government has the right setup for defending them. Some industry witnesses and experts at the hearing of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection testified that the answer might be … Read More “Congress, industry ponder government posture for protecting data centers  – CyberScoop” »

A hacker using the alias “Xorcat” claims to have breached Polymarket using API flaws, but research suggests the leak could be just data scraping incident.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Bluekit Phishing Kit is a new PhaaS tool that targets major platforms, using AiTM techniques to steal session data and bypass MFA protections.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More