Collecting Cyber-News from over 60 sources

Tag: access

Grafana says stolen GitHub token let hackers steal codebase

May 18, 2026 5:00 PM

Tags: access, breach, github, hacker

Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/grafana-says-stolen-github-token-let-hackers-steal-codebase/
Famoussparrow-Gruppe tarnt sich optimal für langfristigen Zugriff auf das Opfernetz

May 18, 2026 4:01 PM

Tags: access, cyberattack

Cyberangriffe auf die Öl- und Gasindustrie im Südkaukasus verdienen angesichts der zunehmenden Relevanz der Region für die europäische Energieversorgung eine besondere Aufmerksamkeit. Offenbar verlagern Cyberkriminelle mit staatlich-chinesischem Hintergrund wie etwa <> ihre Aktivitäten in diese Region. Die Bitdefender Labs haben eine gezielte Attacke auf ein aserbaidschanisches Energie-Infrastrukturunternehmen analysiert, die mit großer Wahrscheinlichkeit der […] First…
New image-based prompt injection attack targets multimodal AI models

May 18, 2026 4:01 PM

Tags: access, ai, attack, control, defense, exploit, framework, guide, injection, open-source

Researchers claim strong black-box transferability: The researchers evaluated the technique against multiple open-source LVLMs, including MiniGPT4, BLIP-2, InstructBLIP, BLIVA, and Qwen2.5-VL, the paper added.According to the paper, the attack achieved an average success rate of 66.36% across tested models, outperforming prior baseline attacks by roughly 41 percentage points.The researchers also said the technique demonstrated “strong…
‘Patched’ Windows bug resurfaces 6 years later as working SYSTEM-level exploit

May 18, 2026 3:00 PM

Tags: access, cve, edr, exploit, flaw, microsoft, service, update, vpn, vulnerability, windows

Nightmare-Eclipse’s Windows disclosure spree keeps growing: MiniPlasma is only the latest entry in what has become one of 2026’s most chaotic Windows disclosure runs.The spree began with BlueHammer, a Windows Defender privilege escalation flaw later assigned CVE-2026-33825. That was followed by RedSun and UnDefend, two additional Windows privilege escalation and denial-of-service disclosures. Huntress later reported…
Developer Workstations Are Now Part of the Software Supply Chain

May 18, 2026 2:00 PM

Tags: access, api, cloud, credentials, docker, malicious, pypi, software, supply-chain

Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and all three targeted secrets from developer environments and CI/CD pipelines, including API keys, cloud…
Why the best security investment a board can make in 2026 isn’t another tool

May 18, 2026 12:00 PM

Tags: access, ai, api, attack, automation, breach, cloud, credentials, data, detection, endpoint, governance, monitoring, network, risk, service, technology, tool

Attackers don’t break through your defenses. They walk between them: The most effective attacks today don’t target any single tool’s coverage area. They move through the seams. An attacker who compromises a valid credential doesn’t trigger endpoint detection. An attacker who moves from one cloud service to another using legitimate trust relationships doesn’t trip network…
AI coding is fueling a secrets-sprawl crisis few CISOs are containing

May 18, 2026 12:00 PM

Tags: access, ai, api, automation, awareness, business, ceo, ciso, control, credentials, data-breach, detection, governance, identity, leak, privacy, programming, risk, service, software, supply-chain, threat, tool, training, unauthorized

Addressing the broader issue: As AI-assisted coding expands, security leaders must rethink how they manage risk. That means looking beyond repositories and securing the full software development lifecycle (SDLC), including collaboration tools where credentials often show up.”We focus on both, but the risk profile is very different, what’s identified in Jira or Slack is far…
AI coding is fueling a secrets-sprawl crisis few CISOs are containing

May 18, 2026 12:00 PM

Tags: access, ai, api, automation, awareness, business, ceo, ciso, control, credentials, data-breach, detection, governance, identity, leak, privacy, programming, risk, service, software, supply-chain, threat, tool, training, unauthorized

Addressing the broader issue: As AI-assisted coding expands, security leaders must rethink how they manage risk. That means looking beyond repositories and securing the full software development lifecycle (SDLC), including collaboration tools where credentials often show up.”We focus on both, but the risk profile is very different, what’s identified in Jira or Slack is far…
Attackers accessed, downloaded code from Grafana Labs’ GitHub

May 18, 2026 12:00 PM

Tags: access, data, github, open-source, threat

A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and data visualization … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/18/attackers-accessed-downloaded-code-from-grafana-labs-github/
OtterCookie Malware Steals Dev Secrets, SSH Keys, Cloud Credentials, and Tokens

May 18, 2026 11:01 AM

Tags: access, cloud, control, credentials, cyber, data, malware, threat

A newly analyzed malware strain, OtterCookie, is emerging as a serious threat to developers, quietly harvesting sensitive data from active workstations in real time. Unlike earlier assumptions, OtterCookie is not a variant of BeaverTail but a separate Node. js-based remote access trojan (RAT) with a different command-and-control design and a stronger focus on continuous surveillance.…
Exploit available for new DirtyDecrypt Linux root escalation flaw

May 18, 2026 10:00 AM

Tags: access, exploit, flaw, linux, vulnerability

A recently patched local privilege escalation vulnerability in the Linux kernel’s rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/exploit-available-for-new-dirtydecrypt-linux-root-escalation-flaw/
Exploit available for new DirtyDecrypt Linux root escalation flaw

May 18, 2026 10:00 AM

Tags: access, exploit, flaw, linux, vulnerability

A recently patched local privilege escalation vulnerability in the Linux kernel’s rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/exploit-available-for-new-dirtydecrypt-linux-root-escalation-flaw/
Grafana Labs Confirms Security Incident Involving GitHub Codebase Access

May 18, 2026 8:00 AM

Tags: access, credentials, cyber, github, leak, risk, security-incident, software, supply-chain, threat, unauthorized

Grafana Labs has confirmed a security incident involving unauthorized access to its internal GitHub environment, after a threat actor obtained a compromised access token and downloaded portions of the company’s codebase. The disclosure, made via an official statement on May 17, 2026, highlights growing risks around credential leaks and software supply chain exposure. Grafana Labs…
New Windows ‘MiniPlasma’ zero-day exploit gives SYSTEM access, PoC released

May 18, 2026 1:00 AM

Tags: access, cybersecurity, exploit, windows, zero-day

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed “MiniPlasma” that lets attackers gain SYSTEM privileges on fully patched Windows systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released/
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

May 17, 2026 11:00 AM

Tags: access, breach, data, extortion, github

Grafana has disclosed that an “unauthorized party” obtained a token that granted them the ability to access the company’s GitHub environment and download its codebase. “Our investigation has determined that no customer data or personal information was accessed during this incident, and we have found no evidence of impact to customer systems or operations,” Grafana…
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution

May 16, 2026 8:00 PM

Tags: access, apt, backdoor, botnet, control, detection, group, malware, microsoft, russia, tool

Russia-linked APT group Turla turned its Kazuar malware into a stealthy P2P botnet for long-term access to compromised systems. Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection…
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution

May 16, 2026 8:00 PM

Tags: access, apt, backdoor, botnet, control, detection, group, malware, microsoft, russia, tool

Russia-linked APT group Turla turned its Kazuar malware into a stealthy P2P botnet for long-term access to compromised systems. Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection…
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution

May 16, 2026 8:00 PM

Tags: access, apt, backdoor, botnet, control, detection, group, malware, microsoft, russia, tool

Russia-linked APT group Turla turned its Kazuar malware into a stealthy P2P botnet for long-term access to compromised systems. Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection…
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution

May 16, 2026 8:00 PM

Tags: access, apt, backdoor, botnet, control, detection, group, malware, microsoft, russia, tool

Russia-linked APT group Turla turned its Kazuar malware into a stealthy P2P botnet for long-term access to compromised systems. Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection…
JDownloader Website Hack Exposes Windows and Linux Users to Malicious Installers

May 16, 2026 1:00 PM

Tags: access, cyber, linux, malicious, malware, open-source, threat, unauthorized, windows

A popular open-source download manager trusted by millions suddenly became a malware delivery platform after attackers compromised its official website, replacing legitimate installers with trojanized versions targeting both Windows and Linux users. The incident, confirmed by JDownloader developers, occurred between May 6 and May 7, 2026, when threat actors gained unauthorized access to the project’s web…
Linux “ssh-keysign-pwn” Flaw Exposing Critical Authentication Files

May 16, 2026 11:00 AM

Tags: access, authentication, cyber, flaw, linux, password, unauthorized, vulnerability

A newly disclosed Linux kernel vulnerability, dubbed >>ssh-keysign-pwn<< by Qualys researchers, exposes millions of Linux systems to unauthorized access to sensitive SSH private keys and hashed passwords stored in /etc/shadow. Tracked as CVE-2026-46333 and GHSA-pm8f-4p6p-6×53, the flaw has existed undetected for approximately six years and was published to the National Vulnerability Database on May 15, 2026. Linux "ssh-keysign-pwn" Flaw At the…
New Cisco SD-WAN Zero-Day Grants Admin Access

May 16, 2026 1:00 AM

Tags: access, authentication, cisco, exploit, vulnerability, zero-day

Broken vdaemon Peering Authentication Enables Unauthenticated Admin Access. A maximum-severity vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited, giving attackers administrative privileges without authentication. The authentication bypass vulnerability stems from a broken peering authentication mechanism. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/new-cisco-sd-wan-zero-day-grants-admin-access-a-31708
Expired domain leads to supply chain attack on node-ipc npm package

May 16, 2026 12:00 AM

Tags: access, attack, cloud, control, credentials, data, data-breach, detection, dns, docker, email, github, gitlab, group, ibm, macOS, malicious, microsoft, open-source, password, service, software, supply-chain

require(‘node-ipc’). The trojanized versions were designed to remain fully functional to avoid immediate detection, which together with other decisions attackers took, such as data exfiltration via DNS TXT, suggest stealthiness was a top priority.Once executed, the malicious code collects information about the host system, including operating system version, hostname, and environment variables. It then starts…
Anthropic Warns US Risks Losing AI Edge to China Over Chips

May 16, 2026 12:00 AM

Tags: access, ai, china, control, infrastructure, risk

New Report Warns China Could Reach Frontier AI Near-Parity by 2028. Anthropic warned that weak chip export controls, model distillation and expanded Chinese access to advanced compute infrastructure could erode Washington’s frontier AI advantage and accelerate Beijing’s push toward near-parity in advanced AI systems. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/anthropic-warns-us-risks-losing-ai-edge-to-china-over-chips-a-31702
A hotel check-in system left a million passports and driver’s licenses open for anyone to see

May 15, 2026 10:00 PM

Tags: access, cloud, data

The tech company that maintains the hotel check-in system set its cloud storage to public, allowing anyone to access customers’ data without a password. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/15/a-hotel-check-in-system-left-a-million-passports-and-drivers-licenses-open-for-anyone-to-see/
Two Unpatched Windows Exploits Target BitLocker, SYSTEM Access

May 15, 2026 9:00 PM

Tags: access, control, exploit, microsoft, update, windows

Two unpatched Windows exploit PoCs target BitLocker protections and privilege controls after Microsoft’s May Patch Tuesday security update. The post Two Unpatched Windows Exploits Target BitLocker, SYSTEM Access appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-unpatched-windows-exploits-bitlocker-privilege-escalation/
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access

May 15, 2026 8:00 PM

Tags: access, backdoor, botnet, cybersecurity, group, hacking, infrastructure, russia, service

The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that’s engineered for stealth and persistent access to compromised hosts. Turla, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is assessed to be affiliated with Center 16 of Russia’s Federal Security Service (FSB) First…
Google lets Workspace admins apply one policy across all SAML apps

May 15, 2026 4:00 PM

Tags: access, google

Google has updated Context-Aware Access (CAA) in Google Workspace to introduce a default policy assignment for SAML applications. SAML applications are third-party or internal … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/15/google-workspace-caa-default-policy-saml-applications/
Cisco warns of an actively exploited SD-WAN flaw with max severity

May 15, 2026 3:00 PM

Tags: access, advisory, cisco, cloud, control, cve, cvss, cybersecurity, data-breach, exploit, flaw, infrastructure, kev, malicious, mitigation, network, service, software, update, vulnerability

root user account,” Cisco said. “Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.”The issue, tracked as CVE-2026-20182, received a max-severity rating of CVSS 10.0. The company said that the issue is configuration-independent, meaning vulnerable systems remain exposed regardless of deployment-specific settings.Cisco…
Autonomous systems are finally working. Security is next

May 15, 2026 1:00 PM

Tags: access, ai, cloud, credentials, data, defense, exploit, identity, infrastructure, injection, risk

Security still runs at human speed: Despite advances in infrastructure, cloud and AI, the underlying workflow of security operations has not fundamentally changed. At its core, security still operates as a human-driven process: Alerts are generated, analysts investigate, context is assembled manually and decisions are made under pressure. This model was sufficient when environments were…