access ai android api apple attack authentication backdoor breach business ceo china cisa cisco ciso cloud compliance control credentials crypto cve cyber cyberattack cybercrime cybersecurity data data-breach defense detection email exploit finance flaw framework fraud germany google governance government group hacker hacking healthcare identity infrastructure intelligence Internet jobs law leak linux malicious malware microsoft monitoring network open-source password phishing privacy ransomware remote-code-execution resilience risk russia scam service software strategy supply-chain technology theft threat tool unclassified update usa vulnerability windows zero-day
-
Supply-Chain-Angriff: Hunderte von NPM- und PyPI-Paketen kompromittiert
Die Hackergruppe TeamPCP gräbt sich erneut durch unzählige NPM- und Python-Pakete und verbreitet Schadcode, der vor allem Zugangsdaten sammelt. First seen on golem.de Jump to article: www.golem.de/news/supply-chain-angriff-hunderte-von-npm-und-pypi-paketen-kompromittiert-2605-208562.html also interesting: 71% of CISOs hit with third-party security incident this year GitHub Actions missbraucht The Changing Threat Landscape for Retailers: Why is data security working harder than…
-
Frustrierende Updates: Wie Microsoft Windows-11-Updates weniger nervig machen will
Wenige Dinge sind frustrierender, als sich an den PC zu setzen und festzustellen, dass er ein Update benötigt, schreibt Microsoft. First seen on golem.de Jump to article: www.golem.de/news/frustrierende-updates-wie-microsoft-windows-11-updates-weniger-nervig-machen-will-2605-208563.html also interesting: Microsoft releases emergency fix for Windows Server crashes Microsoft gibt auf: Kein automatischer Fix für nervigen Update-Bug in Windows 11 Eigenartige Firewall-Fehler: Microsoft gesteht Update-Panne…
-
Malicious Hugging Face Repository Typosquats OpenAI
HiddenLayer reveals infostealer malware in a Hugging Face repository First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malicious-hugging-face-repo/ also interesting: Invisible C2″Š”, “Šthanks to AI-powered techniques LLM-Powered MalTerminal Malware Uses OpenAI GPT-4 to Create Ransomware Code Cybersecurity Snapshot: Top Advice for Detecting and Preventing AI Attacks, and for Securing AI Systems Attackers trojanize Axios HTTP library…
-
State-sponsored actors, better known as the friends you don’t want
Tags: ransomwareResponding to a state-sponsored threat is nothing like responding to ransomware, and the differences can make or break the outcome. Learn why your IR plan might need revisiting, and the factors you should consider. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/state-sponsored-actors-better-known-as-the-friends-you-dont-want/ also interesting: Rhysida ransomware takes responsibility for Bayhealth Hospital compromise P2Pinfect Redis Server with New Ransomware…
-
Cline AI Agent Flaw Allows Attackers to Launch RCE Attacks
A critical security vulnerability in the Cline AI coding assistant’s kanban package exposes developers to remote code execution, data theft, and denial-of-service attacks by simply visiting a malicious website. Security researcher Sagilayani disclosed CVE-2026-44211 on GitHub four days ago, revealing that the kanban npm package bundled with the Cline CLI starts a WebSocket server on 127.0.0.1:3484 with zero Origin…
-
Instructure reaches ‘agreement’ with ShinyHunters to stop data leak
Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an “agreement” with the ShinyHunters extortion group to prevent the data stolen in a recent breach from being leaked online. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/instructure-reaches-agreement-with-shinyhunters-to-stop-data-leak/ also interesting: Dell demonstration platform breached by World Leaks extortion group 9…
-
Why patching SLAs should be the floor, not the strategy
SLAs measure discipline, not risk: Here’s the mental model I’ve been pushing with my peers. Think of patching SLAs the way you think of fire drills. Fire drills are necessary. They prove that, on a predictable cadence, your organization can execute a known procedure. No one in charge of a building full of people would…
-
Veeam warnt nach Cyberangriff auf Canvas vor unterschätzten SaaS-Risiken
Entscheidend bleibt die Fähigkeit von Unternehmen, Daten unabhängig wiederherstellen und den Geschäftsbetrieb auch nach einem Sicherheitsvorfall schnell fortsetzen zu können. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/veeam-warnt-nach-cyberangriff-auf-canvas-vor-unterschaetzten-saas-risiken/a45086/ also interesting: Agents, Robotics, and Auth Oh My! – Impart Security Disaster recovery and business continuity: How to create an effective plan Disaster recovery and business continuity:…
-
Microsoft Warns: MistralAI PyPI Package Compromised with Malware
Mistral’s official Python client on PyPI has been pulled into the ongoing wave of AI supply”‘chain attacks, with Microsoft warning that version 2.4.6 of the mistralai package was backdoored to silently deploy a credential”‘stealing payload on Linux systems. The logic is designed to execute automatically whenever the package is imported, meaning developers simply using the library in…
-
South Staffordshire Water Fined £1m After Data Breach
The ICO has fined South Staffordshire Water nearly £1m for a series of data protection failings First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/south-staffordshire-water-fined-1m/ also interesting: HPE Investigates After Alleged Data Breach US student agrees to plead guilty to hack affecting tens of millions of students Kimsuky Hackers’ Playbook Uncovered in Exposed ‘Kim’ Data Dump…
-
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign.The affected npm packages have been modified to include an obfuscated JavaScript file (“router_init.js”) that’s designed…
-
OpenAI’s Daybreak uses Codex Security to identify risky attack paths
OpenAI Daybreak is the company’s cybersecurity initiative focused on building AI-assisted software defense into the development process from the start. It combines OpenAI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/openai-daybreak-openai-daybreak-vulnerability-validation-initiative/ also interesting: Cybersecurity Snapshot: NIST Offers Zero Trust Implementation Advice, While OpenAI Shares ChatGPT Misuse Incidents 6 ways hackers hide their tracks Five…
-
Claude Chrome Extension Flaw Lets Malicious Add-Ons Steal Gmail and Drive Data
A critical vulnerability dubbed >>ClaudeBleed<< has compromised Anthropic's trusted AI assistant, potentially turning it into a backdoor. This severe design flaw in the Claude Chrome extension allows malicious add-ons to hijack the AI secretly. Even extensions with zero declared permissions can exploit this vulnerability to steal sensitive data from Gmail, Google Drive, and GitHub. In…
-
Fake TronLink Chrome Extension Steals Crypto Wallet Credentials
A newly uncovered phishing campaign is targeting TRON wallet users through a deceptive Chrome extension that mimics the popular TronLink wallet. The campaign highlights how modern browser extension abuse is evolving beyond static code inspection, making detection significantly harder. At first glance, it appears legitimate, even displaying “1,000,000+ users” and strong ratings on the Chrome…
-
Finanzstabilität in Gefahr: Claude Mythos alarmiert den IWF
Anthropics neues Modell ‘Claude Mythos Preview” findet Schwachstellen in jedem gängigen Betriebssystem und Browser, auch in den Händen von Laien. Für den Internationalen Währungsfonds ist das ein Weckruf: Cybersicherheit müsse als systemisches Finanzrisiko behandelt werden. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/claude-mythos-alarmiert-den-iwf also interesting: Black Friday und Cyber Weekend: Cybersicherheit beim Online-Shopping bleibt gefährlich…
-
Cyberangriff trifft Fahrzeughersteller: Kundendaten von Skoda kompromittiert
Tags: cyberattackEin unbekannter Angreifer hat ein von Skoda genutztes Shopsystem infiltriert und konnte auf Kundendaten zugreifen. Auch Zugangsdaten sind betroffen. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-trifft-fahrzeughersteller-kundendaten-von-skoda-kompromittiert-2605-208556.html also interesting: Microsoft Zero-Day Used by Lazarus in Rootkit Attack DDoS-Angriff auf die Websites von Hilfsorganisationen in Deutschland Verkauf von Prepaid-Karten in Deutschland von Cyberangriff auf IT-Dienstleister betroffen…
-
Nordkoreas Hacker-Offensive eskaliert: Shifty Corsair greift gezielt Entwickler und Krypto-Assets an
Da die Angreifer statische Schlüssel direkt in ihre Angriffsketten integrieren, reichen klassische SSH-Sicherheitsmechanismen laut BlueVoyant inzwischen nicht mehr aus. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/nordkoreas-hacker-offensive-eskaliert-shifty-corsair-greift-gezielt-entwickler-und-krypto-assets-an/a45077/ also interesting: CoinStats says North Korean hackers breached 1,590 crypto wallets N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto Drift…
-
Backup-Umgebungen – Schnelle Wiederherstellung und die Weiterentwicklung der Regeln für die IT-Architektur
Tags: backupFirst seen on security-insider.de Jump to article: www.security-insider.de/schnelle-wiederherstellung-und-die-weiterentwicklung-der-regeln-fuer-die-it-architektur-a-1a7e3d52b26dd1bb8832d93f022f5ee5/ also interesting: Crims bust through SonicWall to grab sensitive config data SonicWall Breached, Firewall Backup Data Exposed QNAP NetBak Replicator Vulnerability Allow Malicious Code Execution Report: Nevada State Hackers Evaded Detection for Months
-
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security to help organizations identify and patch vulnerabilities before attackers find a way in using the same issues.”Daybreak combines the intelligence of OpenAI models, the extensibility of Codex as an agentic harness, and our partners across…
-
OpenAI Daybreak Automates Vulnerability Detection and Patching
Tags: ai, control, cyber, cyberattack, detection, exploit, intelligence, openai, software, update, vulnerability, zero-dayThe relentless race against zero-day exploits and sophisticated cyberattacks requires a revolutionary approach to software security. Defenders are constantly overwhelmed by massive backlogs of alerts and the sheer volume of code requiring manual review. Enter OpenAI Daybreak, a frontier artificial intelligence system built specifically for cyber defenders. By shifting the focus from reactive damage control…
-
Android banking Trojan TrickMo evolves using TON network for C2
ThreatFabric found a new TrickMo Android trojan focused on stealth and persistence, moving its command-and-control traffic to the TON network. Security researchers at ThreatFabric have recently identified a new version of TrickMo, a dangerous Android banking trojan that shows how malware operators are focusing less on flashy new features and more on improving stealth, flexibility,…
-
Cybersicherheit – Daybreak ist OpenAIs Antwort auf Claude Mythos
Mit der neuen Cyber-Sicherheitsinitiative Daybreak will OpenAI verlorenen Boden im Bereich Sicherheit gutmachen. First seen on computerbase.de Jump to article: www.computerbase.de/news/apps/cybersicherheit-daybreak-ist-openais-antwort-auf-claude-mythos.97324 also interesting: SANS Cyber Leaders Podcast-Reihe bietet strategische Tools für CISOs OpenAI stemmt sich gegen die Forderung, Millionen von ChatGPT-Konversationen freizugeben OpenAI Reveals Mixpanel Data Breach Exposing User Details OpenAI Courts Banks in Trusted…
-
Cyberkriminelle greifen über Umwege an – Third-Party-Risiken werden systematisch unterschätzt
Tags: riskFirst seen on security-insider.de Jump to article: www.security-insider.de/lieferkettenrisiken-cybersecurity-third-party-angriffe-a-fc524787c1b7676b663beb3af25496f5/ also interesting: Zscaler erweitert KI-basierte Analysen für Cyber-Risiken, User Experience, SaaS-Nutzung Operation 999: Ransomware tabletop tests cyber execs’ response Ensuring Stability in Your Cybersecurity Approach Security for AI: A Practical Guide to Enforcing Your AI Acceptable Use Policy
-
iOS 26.5 Brings Default EndEnd Encrypted RCS Messaging Between iPhone and Android
Apple on Monday officially released iOS 26.5 with support for end-to-end encryption (E2EE) to Rich Communication Services (RCS) in beta as part of a “cross-industry effort” to replace traditional SMS with a more secure alternative.To that end, E2EE RCS messaging is rolling out to iPhone users running iOS 26.5 with supported carriers and Android users…
-
Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers
Magecart-style attackers are once again abusing trusted web services, this time weaponizing Google Tag Manager (GTM) to inject credit card skimmers into ecommerce websites stealthily. Because GTM is widely used and loaded from the trusted domain googletagmanager.com, malicious scripts can blend in with legitimate site functionality, making detection significantly harder. Once embedded into a compromised…
-
BitUnlocker Downgrade Attack Bypasses Windows 11 Disk Encryption in Minutes
A proof-of-concept (PoC) exploit that demonstrates how attackers can bypass Windows 11 BitLocker disk encryption in under 5 minutes. Dubbed the >>BitUnlocker<< attack, this physical downgrade technique exploits a known vulnerability, CVE-2025-48804. Initially documented by the Microsoft STORM team in July 2025, the flaw exposes a critical weakness in how Secure Boot interacts with legacy…
-
Local privilege escalation bis zu Root-Rechten – ‘Copy Fail”-Sicherheitslücke im Linux-Kernel wird in Angriffen ausgenutzt
First seen on security-insider.de Jump to article: www.security-insider.de/linux-kernel-luecke-cve-2026-31431-root-eskalation-a-7c39801062b8b452a3ad5ad00d6c517d/ also interesting: Gefährliche Sicherheitslücke in Linux: So verhinderte ein freiwilliger Programmierer weltweite Schäden Sicherheitslücke in xz – Backdoor in Linux-Archivbibliothek macht Systeme angreifbar Root-Zugriff für alle: Kritische Sudo-Lücke gefährdet unzählige Linux-Systeme Claude Mythos ist der Hype gerechtfertigt?
-
TrickMo Android Malware Targets Banking, Wallet, and Authenticator Apps
TrickMo, the Android banking malware, has resurfaced with a significantly redesigned architecture, targeting banking, fintech, wallet, and authenticator applications while introducing advanced stealth and network capabilities. Rather than introducing entirely new user-facing functionality, the latest TrickMo variant focuses on backend improvements. The malware retains its core device takeover (DTO) capabilities but enhances stealth, persistence, and…
-
Google Warns Hackers Are Using AI to Build Working Zero-Day Exploits
Artificial intelligence has officially transitioned from an experimental hacking novelty into an industrial-scale weapon for cybercriminals. Google Threat Intelligence Group (GTIG) adversaries are now actively using generative AI models to discover vulnerabilities and engineer functional zero-day exploits. This marks a significant escalation in the cyber threat landscape, shifting AI’s role from a simple research assistant…
-
84 npm Packages Linked to TanStack Hit by Supply-Chain Breach
A massive supply chain breach affecting 84 npm packages within the widely used TanStack ecosystem. Malicious actors compromised these packages by injecting a sophisticated credential-stealing tool designed to target continuous integration environments such as GitHub Actions. Packages such as React Router, which sees over 12 million weekly downloads, were modified, posing a severe threat to…
-
Checkmarx Jenkins AST Plugin Compromised in KICS Supply Chain Attack
Supply chain campaign has now extended to Checkmarx’s Jenkins ecosystem, with attackers pushing a malicious Checkmarx Jenkins AST plugin to the official Jenkins Marketplace as part of the ongoing KICS/Trivy-linked compromise. The rogue release is identified as version 2026.5.09 and includes tampered plugin artifacts, while the last known-good Jenkins AST plugin build remains 2.0.13-829.vc72453fa_1c16, released…
-
HEIDI: Free IDE security plugin for open-source vulnerability checks
Open-source dependencies make up a large percentage of the code in production applications, and most vulnerability checks still run late in the pipeline, inside CI/CD systems … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/heidi-free-ide-security-plugin/ also interesting: “Ratten”-Malware greift Kameras und DVR an 10 top XDR tools and how to evaluate them Apache NiFi Vulnerability…
-
Die Augen weit offen: Wie man die Sicherheits- und Datenschutzrisiken von Smart Glasses entschärft
Tags: unclassifiedIntelligente Brillen ermöglichen es jedem, die Welt um sich herum zu verfolgen und aufzuzeichnen. Das könnte Ihre Daten und die Privatsphäre der Menschen in Ihrer Nähe gefährden. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/privatsphare/die-augen-weit-offen-wie-man-die-sicherheits-und-datenschutzrisiken-von-smart-glasses-entscharft/ also interesting: ConnectWise Rolls Out Security360 and Sidekick for Security Exclusive bolsters APAC operations How we lead shapes everything Vorsicht…
-
The hidden smart fridge risks that emerge years after purchase
Household refrigerators are built to last more than a decade. The software, cloud services, and mobile apps that control them are not. A new analysis from Erik Buchmann at … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/iot-smart-fridge-risks/ also interesting: Cybersecurity Snapshot: New Standard for AI System Security Published, While Study Finds Cyber Teams Boost…
-
Phishing-Großangriff seit vier Jahren: Operation HookedWing
Tags: phishingSeit über vier Jahren infiltriert die Operation HookedWing gezielt kritische Sektoren durch Phishing. Über 500 Organisationen sind vom Datendiebstahl betroffen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/phishing-grossangriff-vier-jahre also interesting: Scattered Spider nimmt Luftfahrtbranche ins Visier Phishing Dominates EU-Wide Intrusions, says ENISA APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign Apple account change…
-
Arbeitswelt: 3 von 10 Befragten können sich KI als Chef-Ersatz vorstellen
Tags: aiFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/arbeitswelt-3-von-10-befragten-ki-chef-ersatz-vorstellbar also interesting: Business Case for Agentic AI SOC Analysts Moderne Authentifizierung und digitale Souveränität im Fokus Attackers Used AI to Breach an AWS Environment in 8 Minutes Anthropic Debuts Claude Code Security AI Now Scan Vulnerabilities in Your Entire Codebase
-
Pressure mounts on Canvas as data leak extortion deadline looms
Attackers affiliated with The Com are threatening to leak data from more than 8,800 school systems if Instructure doesn’t pay a ransom. First seen on cyberscoop.com Jump to article: cyberscoop.com/canvas-instructure-data-theft-extortion-the-com/ also interesting: Dell Data Breach World Leaks Group Hacks Test Lab Platform Ransomware attacks: The evolving extortion threat to US financial institutions Red Hat data…
-
Linux kernel maintainers suggest a ‘kill switch’ to protect systems until a zero-day vulnerability is patched
Tags: access, attack, business, control, cve, cybersecurity, exploit, flaw, group, incident response, infosec, linux, LLM, mitigation, risk, service, strategy, switch, technology, tool, update, vulnerability, zero-day), a logic bug which lets users easily obtain root access, and Dirty Frag, which abuses weaknesses in how the Linux kernel handles fragmented memory pages. The Dirty Frag attack combines two separate vulnerabilities affecting the Linux IPsec Encapsulating Security Payload (ESP) subsystem (CVE-2026-43284) and the RxRPC networking protocol (CVE-2026-43500). The proposal has set off a furious…
-
New GhostLock tool abuses Windows API to block file access
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SMB network shares. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-ghostlock-tool-abuses-windows-api-to-block-file-access/ also interesting: Cybersecurity Snapshot: AI Will Take Center Stage in Cyber in 2026, Google…
-
Official CheckMarx Jenkins package compromised with infostealer
Tags: application-securityCheckmarx warned over the weekend that a rogue version of its Jenkins Application Security Testing (AST) plugin had been published on the Jenkins Marketplace. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/official-checkmarx-jenkins-package-compromised-with-infostealer/ also interesting: DEF CON 32 AppSec Village Speed Bumps and Speed HacksP: Adventures in Car Mfg Security Securing the Future Together: Why Thales…
-
GM agrees to $12.75M California settlement over sale of drivers’ data
California Attorney General Rob Bonta announced a proposed $12.75 million settlement agreement with General Motors (GM) over allegations that the company violated the California Consumer Privacy Act (CCPA). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/gm-agrees-to-1275m-california-settlement-over-sale-of-drivers-data/ also interesting: Italy Fines OpenAI Euro15 Million for ChatGPT GDPR Data Privacy Violations Meta to Train AI on E.U.…
-
Core42 partners with Solutions+ on Mubadala sovereign AI
Agreement announced at Make it in the Emirates will see Core42 provide sovereign cloud and AI infrastructure while Solutions+ delivers implementation services and enterprise AI applications across Mubadala portfolio companies and government entities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642883/Core42-partners-with-Solutions-on-Mubadala-sovereign-AI also interesting: Cybersecurity Snapshot: Security Lags Cloud and AI Adoption, Tenable Report Finds, as…
-
The Netherlands leads in quantum technology but lags on quantum security
The Dutch government has invested Euro615m to build a world-class quantum technology ecosystem, but many institutions have not started any quantum-specific preparations to protect themselves against the security threat First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642917/The-Netherlands-leads-in-quantum-technology-but-lags-on-quantum-security also interesting: What is AI fuzzing? And what tools, threats and challenges generative AI brings Vulnerability monitoring service…
-
ServiceNow Knowledge 2026: FedEx digital chief unpacks agentic AI’s potential
Speaking to Computer Weekly at ServiceNow Knowledge 2026, Vishal Talwar, FedEx’s executive vice-president and CDIO, lays out the company’s mission to scale artificial intelligence responsibly First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642894/ServiceNow-Knowledge-2026-FedEx-digital-chief-unpacks-agentic-AIs-potential also interesting: Hacker Exploits AI Art Tool to Steal 1.1TB of Disney Data Cybersecurity Snapshot: NIST Offers Zero Trust Implementation Advice, While…
-
ICO fines Cl0p victim South Staffs Water over data breach
The ICO has levied a reduced fine on South Staffordshire Water following cyber improvements in the wake of a Cl0p ransomware attack First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642957/ICO-fines-Cl0p-victim-South-Staffs-Water-over-data-breach also interesting: Rite Aid disclosed data breach following RansomHub ransomware attack Password managers under increasing threat as infostealers triple and adapt The Human Cost of…
-
UK government renews calls to sign Cyber Resilience Pledge
Westminster renews calls for business leaders to sign up to its yet-to-be-launched Cyber Resilience Pledge and highlights growth, and challenges, for the UK’s cyber economy. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642938/UK-government-renews-calls-to-sign-Cyber-Resilience-Pledge also interesting: UK Unveils Draft Cybersecurity Governance Code to Boost Business Resilience 10 key questions security leaders must ask at RSA 2025…