Cybersecurity News from Across the Internet
Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game for clout and cash. Half of it feels new. Half of it feels like crap we should have fixed years … Read More “ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories – The Hacker News” »
Business cash flow is often harder to manage than revenue. A company can have strong sales and still… – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Mustang Panda campaign deploys updated FDMTP backdoor against Asia-Pacific and Japan networks – Read More –
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,… – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been linked to both cyber espionage and influence operations targeting neighboring countries, particularly Ukraine. It’s also tracked under the monikers FrostyNeighbor, PUSHCHA, Storm-0257, TA445, UAC‑0057 – Read … Read More “Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike – The Hacker News” »
Foxconn, one of the world’s largest manufacturers of electronics sold by major tech vendors, is recovering from a cyberattack that disrupted some of the company’s factories in North America. Nitrogen, a ransomware group that’s known for targeting organizations in the manufacturing, construction and technology sectors, claimed responsibility for the attack on its data leak site … Read More “Major tech manufacturer Foxconn confirms cyberattack hit North American factories – CyberScoop” »
New Fragnesia kernel flaw lets unprivileged local users escalate to root on Linux systems – Read More –
Google’s Android Advanced Protection Mode is getting a new feature allowing trusted security experts to investigate potential spyware infections – Read More –
AI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs. When an AI model lacks certainty, it doesn’t have a mechanism to recognize that. Instead, it generates the most probable response based on patterns in its training data, even if that response is inaccurate. … Read More “How AI Hallucinations Are Creating Real Security Risks – The Hacker News” »
Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of public disclosure. The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive endpoints to anyone, potentially allowing an attacker to invoke the – Read … Read More “PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure – The Hacker News” »
A new Darktrace report reveals how Chinese hackers use fake Apple and Yahoo sites and the FDMTP malware framework to spy on organisations. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework (CTFMON). The security defects have been codenamed YellowKey and GreenPlasma, respectively, by the researcher, who goes by the online aliases Chaotic Eclipse – Read More – … Read More “Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation – The Hacker News” »
The Information Commissioner’s Office has released new guidance on how to mitigate the risk of AI-powered attacks – Read More –
Pay up, or we’ll pay someone to pay you a visit. Cybercrime gangs are increasingly turning to real-world threats – and even hiring local muscle to deliver the message. Read more in my article on the Hot for Security blog. – Read More – GRAHAM CLULEY
Semperis study finds 74% of organizations believe AI will increase attacks on identity infrastructure – Read More –
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks. Codenamed Fragnesia, the security vulnerability is tracked as CVE-2026-46300 (CVSS score: … Read More “New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption – The Hacker News” »
Welcome to Day One of Pwn2Own Berlin 2026! Today, 22 entries take the Pwn2Own stage to target AI Databases, Coding Agents, Local Inferences, and a separate category for NVIDIA products, as the world’s top security researchers push technology to its limits. Exploits, surprises, and breakthrough discoveries are unfolding. Follow the action live! We’ll be posting … Read More “Pwn2Own Berlin 2026 – Day One Results – Zero Day Initiative – Blog” »
Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, discovered by depthfirst, is a heap buffer overflow issue impacting ngx_http_rewrite_module (CVE-2026-42945, CVSS v4 score: 9.2) that could allow an attacker to achieve remote code execution or cause a – … Read More “18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE – The Hacker News” »
Artificial Intelligence is now moving beyond the fringe of enterprise innovation. It has been firmly integrated into business processes,… The post Why Enterprises Need Adaptive AI Security Governance Now appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
TeamPCP claims to be selling alleged Mistral AI repositories on a hacker forum after the Mini Shai-Hulud attack targeted npm and PyPI ecosystems. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Welcome to the largest educational data breach in history – affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas’s parent company refused to pay and announced they had deployed “security patches” instead, the hackers were less than impressed. So they came back through the cat flap. Meanwhile, a famous … Read More “Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities – GRAHAM CLULEY” »
Instructure has reached an agreement with the ShinyHunters group to return and destroy stolen Canvas data, protecting millions of student records from a public leak. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The House Homeland Security Committee is digging into Anthropic’s AI model Mythos in a series of briefings and hearings, as questions proliferate on whether and how the federal government will make use of the technology touted for its ability to autonomously uncover cyber vulnerabilities. Wednesday brought a closed-door briefing for the House Homeland Security Committee … Read More “Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks – CyberScoop” »
Two of the most advanced artificial intelligence models — Anthropic’s Claude Mythos Preview and OpenAI’s GPT-5.5 — have significantly surpassed the already-accelerating pace at which AI systems are completing autonomous cybersecurity tasks, according to separate findings published Wednesday by the United Kingdom’s AI Security Institute (AISI) and Palo Alto Networks. The AISI, which conducts pre-deployment … Read More “Researchers say AI just broke every benchmark for autonomous cyber capability – CyberScoop” »
The Trump administration released a legal opinion outlining the legal rationale behind its nationwide voter data collection efforts, justifying an aggressive federal role in vetting voter eligibility, a position courts have repeatedly rejected in related litigation. The memo, released Tuesday by the Department of Justice Office of Legal Counsel, concedes that while election administration is … Read More “DOJ releases legal rationale for nationwide voter data collection – CyberScoop” »
The Trump administration released a legal opinion outlining the legal rationale behind its nationwide voter data collection efforts, justifying an aggressive federal role in vetting voter eligibility, a position courts have repeatedly rejected in related litigation. The memo, released Tuesday by the Department of Justice Office of Legal Counsel, concedes that while election administration is … Read More “DOJ releases legal rationale for nationwide voter data collection – CyberScoop” »
Today’s enterprise executives are navigating a complex landscape of AI-driven challenges, but none is more urgent than the rapid escalation of AI-generated fraud. Fraudsters are weaponizing generative AI to automate impersonation and mass-produce synthetic identities at a scale and pace that is rendering enterprises’ long-standing defenses obsolete. This is no longer a slow-moving game of … Read More “Weaponized AI: The new frontier of fraud and identity spoofing – CyberScoop” »
Research reveals that TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Willkommen! (Welcome!) Pwn2Own Berlin 2026 has arrived at OffensiveCon, and the world’s top security researchers are ready. This year’s enterprise-focused competition features AI Databases, Coding Agents, Local Inferences, and a separate category for NVIDIA products. Earlier today, we held the random draw to determine attempt order. Below is the official schedule. All times are Berlin … Read More “Pwn2Own Berlin 2026: The Full Schedule – Zero Day Initiative – Blog” »
OpenAI has unveiled Daybreak, a cybersecurity initiative that combines the company’s large language models with its Codex agentic framework to help organizations identify, patch, and validate software vulnerabilities across the development lifecycle. The platform is built around three model tiers: GPT-5.5 for general-purpose use, GPT-5.5 with Trusted Access for Cyber for verified defensive security workflows, … Read More “Daybreak is OpenAI’s answer to the AI arms race in cybersecurity – CyberScoop” »
Instructure says it reached an agreement with ShinyHunters over the Canvas breach data – Read More –
A Slovakian administrator tied to the dark web Kingdom Market received a 16 year US prison sentence for drug trafficking and cybercrime activity. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A threat actor with affiliations to China has been linked to a “multi-wave intrusion” targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an expansion of its targeting. The activity has been attributed by Bitdefender with moderate-to-high confidence to a hacking group known as FamousSparrow (aka UAT-9244), … Read More “Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation – The Hacker News” »
Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it’s being tested by some customers as part of a limited private preview. MDASH, short for multi-model agentic scanning harness, is designed as a model-agnostic system that uses bespoke AI agents for different … Read More “Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday – The Hacker News” »
Avada Builder flaws allowed file read and SQL injection on one million WordPress sites – Read More –
Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138 flaws, 30 are rated Critical, 104 are rated Important, three are rated Moderate, and one is rated Low in severity. As many as 61 vulnerabilities … Read More “Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws – The Hacker News” »
Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant’s M-Trends 2026 report puts the mean time to exploit at an estimated negative seven days. The Verizon 2025 DBIR puts median time to remediate edge device vulnerabilities at 32 days. These numbers have … Read More “Most Remediation Programs Never Confirm the Fix Actually Worked – The Hacker News” »
TL;DR: Stop chasing thousands of “toast” alerts. Join experts from Wiz and Okta/GitLab to learn how hackers connect tiny flaws to build a “Lethal Chain” to your data—and how to break it. Register for the Strategic Briefing Here. Most security tools work like a smoke alarm that goes off every time you burn a piece … Read More “[Webinar] Why Your AppSec Tools Miss the “Lethal Path” (and How to Fix It) – The Hacker News” »
Survey of cybersecurity leaders suggests that majority would strongly consider paying cybercriminals, if that’s what it took to help restore encrypted systems – Read More –
Canadian telecom providers face mounting cyber threats from ransomware, SIM swapping, data breaches, and nation-state attacks targeting critical infrastructure. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and security across AI supply chains – Read More –
Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than 150 gems that use the registry as a data exfiltration channel rather than for malware distribution. “The packages do not appear designed for mass developer compromise,” Socket said. “Many have little or no download activity, … Read More “GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data – The Hacker News” »
Microsoft has patched 120 vulnerabilities in this month’s security update round – Read More –
AI is quickly reshaping enterprises, ranging from predictive analytics and fraud identification to autonomous decision-making and generative AI applications…. The post AI Supply Chain attacks are surging – Here’s how Encryption and Key Management stop them appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
UK cybersecurity sector reaches £14.7bn in revenue, driven by rapid growth in AI security firms, increased investment and rising employment across the industry – Read More –
Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated spyware attacks. Intrusion Logging, available as part of Advanced Protection Mode, enables “persistent and privacy-preserving forensics logging to allow for investigation of devices in the event of a suspected compromise,” the company said. The feature, … Read More “Android Adds Intrusion Logging for Sophisticated Spyware Forensics – The Hacker News” »
ShinyHunters says its shinyhunte.rs domain was suspended after the Canvas LMS attacks, forcing the group to move fully to its dark web (.onion) site. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A rapidly spreading malware campaign has infected hundreds of software packages across major open-source registries, embedding credential-stealing code into development tools downloaded millions of times a week. The attack, referred to as “mini Shai-Hulud,” targeted prominent software libraries, including TanStack, UiPath, and MistralAI. TanStack’s React Router package alone accounts for more than 12 million weekly … Read More “‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack – CyberScoop” »
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers — including Apple, Google, Microsoft, Mozilla and Oracle — fixing near … Read More “Patch Tuesday, May 2026 Edition – Krebs on Security” »
Microsoft addressed another triple-digit batch of vulnerabilities cutting across its various enterprise products, components and underlying systems. Yet despite the high number of defects, the vendor reported no actively exploited zero-days in this month’s Patch Tuesday update. Thirteen of the 137 vulnerabilities Microsoft disclosed were assigned critical CVSS ratings, including a pair of vulnerabilities affecting … Read More “Microsoft addresses 137 vulnerabilities in May’s Patch Tuesday, including 13 rated critical – CyberScoop” »
![[Webinar] Why Your AppSec Tools Miss the “Lethal Path” (and How to Fix It) – The Hacker News](https://attackfeed.com/wp-content/uploads/2026/05/wiz-P5vlHe.jpg "[Webinar] Why Your AppSec Tools Miss the “Lethal Path” (and How to Fix It)")
