Collecting Cyber-News from over 60 sources

Tag: infrastructure

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

May 15, 2026 8:00 AM

Tags: access, authentication, cisa, cisco, cve, exploit, infrastructure, kev, vulnerability

The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026.The vulnerability is a critical authentication bypass tracked as CVE-2026-20182. It’s First seen on thehackernews.com…
U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog

May 14, 2026 10:00 PM

Tags: cisa, cisco, control, cve, cybersecurity, exploit, flaw, infrastructure, kev, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Catalyst SD-WAN, tracked as CVE-2026-20182 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. Cisco fixed CVE-2026-20182, a flaw in SD-WAN control…
FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

May 14, 2026 4:00 PM

Tags: attack, authentication, business, cloud, communications, control, credentials, defense, detection, email, framework, government, infrastructure, login, malicious, malware, mfa, microsoft, phishing, service, theft

The campaign dynamically adapts to victims: After deobfuscation, the phishing payload loads infrastructure designed to impersonate Microsoft 365 and other login portals while dynamically adapting to targeted users.According to the report, the malware can determine which authentication provider should be impersonated, preload victim email addresses into phishing pages, and customize branding elements such as company…
New Malware Framework Enables Screen Control and UAC Bypass

May 14, 2026 3:00 PM

Tags: access, attack, control, cyber, framework, infrastructure, malware, open-source, tool

A sophisticated malware framework capable of screen control, browser artifact access, and User Account Control (UAC) bypass, highlighting how attackers are increasingly adapting open-source tools for real-world intrusions. The attack chain revealed a carefully staged operation designed to blend into normal enterprise traffic. Investigators observed suspicious infrastructure activity, host-level artifacts, and command-and-control (C2) communication patterns…
Critical Exim Mailer Flaw Enables Remote Code Execution Attacks

May 14, 2026 3:00 PM

Tags: attack, cve, cyber, email, flaw, infrastructure, Internet, linux, mail, remote-code-execution, vulnerability

A newly disclosed vulnerability in the widely used Exim mail transfer agent exposes thousands of internet-facing mail servers to unauthenticated remote code execution, threatening core email infrastructure across Linux and Unix-like systems. Tracked as CVE-2026-45185 and nicknamed “Dead.Letter,” the bug resides in Exim’s handling of TLS-encrypted SMTP traffic, and BDAT chunked message bodies when compiled…
How AI Hallucinations Are Creating Real Security Risks

May 14, 2026 3:00 PM

Tags: ai, data, exploit, infrastructure, risk, training

AI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs. When an AI model lacks certainty, it doesn’t have a mechanism to recognize that. Instead, it generates the most probable response based on patterns in its training data, even if that response is inaccurate.…
BlackBerry doubles down on secure communications

May 14, 2026 12:01 PM

Tags: ai, communications, cryptography, encryption, endpoint, infrastructure, military, threat

Having sold its Cylance endpoint security portfolio to Arctic Wolf, the former smartphone pioneer is doubling down on military-grade encryption and post-quantum cryptography to shield critical infrastructure from AI-driven threats First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643081/BlackBerry-doubles-down-on-secure-communications
Most Organizations Now Use AI Agents for Sensitive Security Tasks

May 14, 2026 12:01 PM

Tags: ai, attack, identity, infrastructure

Semperis study finds 74% of organizations believe AI will increase attacks on identity infrastructure First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/most-organizations-ai-agents/
UAE launches sovereign AI-driven Cyber Factory security initiative

May 12, 2026 1:18 PM

Tags: ai, cyber, infrastructure, resilience

UAE Cyber Security Council and CPX unveil national cyber manufacturing initiative aimed at strengthening digital sovereignty, AI-powered defence and critical infrastructure resilience First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642771/UAE-launches-sovereign-AI-driven-Cyber-Factory-security-initiative
Developer workstations are the new beachhead

May 12, 2026 1:18 PM

Tags: access, application-security, attack, authentication, cloud, container, control, credentials, edr, endpoint, exploit, github, group, Hardware, identity, incident response, infrastructure, malware, mfa, monitoring, network, software, supply-chain, threat, update

The economics that drive the convergence: A typical developer workstation holds SSH keys, cloud provider credentials, container registry tokens, Git authentication tokens and CI/CD pipeline secrets. Many developers have administrative access to internal package registries and deployment infrastructure. Their machines often sit outside the hardened perimeter that security teams build around production systems.From an attacker’s…
CISOs step into the AI spotlight

May 12, 2026 12:19 PM

Tags: ai, api, attack, automation, awareness, business, ciso, control, cyber, cybersecurity, data, defense, detection, exploit, finance, fraud, governance, identity, infrastructure, jobs, least-privilege, military, phishing, risk, service, social-engineering, software, technology, threat, tool, training, update, vulnerability, vulnerability-management

Move fast, keep risk at bay: Like Hensley, Jeff Trudeau, CSO of Chime, says the role is fundamentally shifting from a control function to a strategic partner in how the business adopts AI responsibly. At Chime, that means being embedded early in how AI is built and deployed, not reviewing it after the fact, Trudeau…
CISOs step into the AI spotlight

May 12, 2026 12:19 PM

Tags: ai, api, attack, automation, awareness, business, ciso, control, cyber, cybersecurity, data, defense, detection, exploit, finance, fraud, governance, identity, infrastructure, jobs, least-privilege, military, phishing, risk, service, social-engineering, software, technology, threat, tool, training, update, vulnerability, vulnerability-management

Move fast, keep risk at bay: Like Hensley, Jeff Trudeau, CSO of Chime, says the role is fundamentally shifting from a control function to a strategic partner in how the business adopts AI responsibly. At Chime, that means being embedded early in how AI is built and deployed, not reviewing it after the fact, Trudeau…
Core42 partners with Solutions+ on Mubadala sovereign AI

May 12, 2026 1:19 AM

Tags: ai, cloud, government, infrastructure, service

Agreement announced at Make it in the Emirates will see Core42 provide sovereign cloud and AI infrastructure while Solutions+ delivers implementation services and enterprise AI applications across Mubadala portfolio companies and government entities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642883/Core42-partners-with-Solutions-on-Mubadala-sovereign-AI
Staatsanwaltschaft: Ermittlungen zu Cyberangriff auf Südwestfalen-IT erfolglos

May 11, 2026 8:19 PM

Tags: cyberattack, infrastructure, ransomware

Der Angriff gilt als einer der bisher schwersten Schläge gegen die kommunale IT-Infrastruktur in Deutschland. Die Ransomware-Gruppe Akira bleibt unerkannt. Die Staatsanwaltschaft gibt auf. First seen on golem.de Jump to article: www.golem.de/news/staatsanwaltschaft-ermittlungen-zu-cyberangriff-auf-suedwestfalen-it-erfolglos-2605-208550.html
New cybersecurity industry coalition aims to lead US critical infrastructure protection

May 11, 2026 7:19 PM

Tags: cybersecurity, infrastructure

The new Alliance for Critical Infrastructure’s biggest goal: changing how the nation plans for a major cybersecurity crisis. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-infrastructure-cybersecurity-coalition-aci-government/818662/
Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program

May 11, 2026 6:18 PM

Tags: ai, cyber, cybersecurity, identity, infrastructure

Dubai, UAE, May 11th, 2026, CyberNewswire Dubai-founded OTT Cybersecurity LLC also unveils the Agent Trust Protocol (ATP), the first open cryptographic standard for AI agent identity, scope, and action verification, slated for IETF submission. OTT Cybersecurity LLC, the company behind Lyrie.ai, today announced two milestones that together position the company as foundational infrastructure for […]…
New cybersecurity industry alliance aims to lead US critical infrastructure protection

May 11, 2026 5:20 PM

Tags: cybersecurity, infrastructure

The new Alliance for Critical Infrastructure’s biggest goal: changing how the U.S. plans for a major cybersecurity crisis. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-infrastructure-cybersecurity-coalition-aci-government/818662/
Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program

May 11, 2026 5:20 PM

Tags: ai, attack, ceo, cyber, cybersecurity, exploit, framework, github, Hardware, identity, infrastructure, Internet, penetration-testing, RedTeam, risk, threat, tool, vulnerability, zero-day

Identity, who the AI agent is.Scope, what it is authorized to do.Attestation, whether it or its instructions have been tampered with.Delegation, who delegated authority.Revocation, whether that authority has been revoked.”Every AI agent on the internet today is a stranger. You don’t know who it is, what it’s authorized to do, or whether it’s been tampered…
Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads

May 11, 2026 5:20 PM

Tags: access, advisory, ai, application-security, attack, authentication, breach, compliance, container, control, credentials, cybersecurity, gartner, governance, infrastructure, malicious, network, open-source, openai, password, service, software, supply-chain, vulnerability, windows

Part of a broader AI supply chain targeting: HiddenLayer, in its advisory, said that it identified six additional Hugging Face repositories uploaded under a separate account that used nearly identical loader logic and shared infrastructure with the campaign.The researchers also linked elements of the operation to earlier software supply-chain attacks involving npm typosquatting campaigns and…
1,800+ MCP servers exposed without authentication: How zero trust can secure the AI agent revolution

May 11, 2026 5:20 PM

Tags: ai, attack, authentication, breach, cloud, control, credentials, data, data-breach, defense, exploit, framework, governance, identity, infrastructure, Internet, LLM, malicious, monitoring, network, risk, service, supply-chain, threat, tool, vulnerability, zero-trust

The epistemological chasm: What renders MCP vulnerabilities particularly vexatious is the fundamental asymmetry they exploit between machine cognition and human oversight.Tool poisoning attacks insert malevolent instructions into tool metadata that LLMs process with complete fidelity but that remain utterly invisible to human operators. The machine perceives everything; its ostensible supervisors perceive nothing. We have unwittingly…
U.S. CISA adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog

May 11, 2026 5:20 PM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in BerriAI LiteLLM, tracked as CVE-2026-42208 (CVSS score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. At the end of April, attackers rapidly exploited the critical…
PCPJack Worm Targets Docker, Kubernetes, Redis, and MongoDB Credentials

May 8, 2026 8:49 AM

Tags: breach, cloud, container, credentials, cyber, data-breach, docker, extortion, framework, fraud, infrastructure, kubernetes, malware, spam, threat, worm

A newly identified malware framework dubbed PCPJack is targeting exposed cloud and container infrastructure to steal credentials at scale while actively removing artifacts linked to the TeamPCP threat actor. Unlike typical cloud-focused campaigns, PCPJack skips cryptomining entirely and instead appears optimized for fraud, spam, extortion, and resale of stolen access. TeamPCP itself drew attention earlier in 2026…
Einsatz Digitaler Zwillinge durch mangelnde IT-Infrastruktur und Daten gebremst

May 8, 2026 1:48 AM

Tags: infrastructure

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/einsatz-digital-zwilling-mangel-it-infrastruktur-daten-bremse
European leaders unveil tentative deal for AI Act simplification, including a ban on nudification tools

May 7, 2026 10:48 PM

Tags: ai, infrastructure, law, tool

The tentative deal responds to industry criticism by postponing enforcement of rules governing so-called “high-risk” AI tools involving biometrics and those used in employment, law enforcement and critical infrastructure to December 2027. First seen on therecord.media Jump to article: therecord.media/european-leaders-unveil-deal-ai-act-nudification
New PCPJack worm steals credentials, cleans TeamPCP infections

May 7, 2026 9:48 PM

Tags: access, cloud, credentials, data-breach, framework, infection, infrastructure, malware, worm

A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing TeamPCP’s access to the systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-pcpjack-worm-steals-credentials-cleans-teampcp-infections/
U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog

May 7, 2026 8:48 PM

Tags: cisa, cve, cybersecurity, endpoint, exploit, flaw, infrastructure, ivanti, kev, mobile, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in the Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-6973 (CVSS score of 7.1), to its Known Exploited Vulnerabilities (KEV) catalog. Ivanti warns customers…
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

May 7, 2026 8:48 PM

Tags: cloud, container, credentials, cve, cybersecurity, data, data-breach, exploit, finance, framework, infrastructure, service, theft, worm

Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments.”The toolset harvests credentials from cloud, container, developer, productivity, and financial services, then exfiltrates the data through attacker-controlled infrastructure while attempting First seen on thehackernews.com Jump to article:…
Cyber Blind Spots: The hidden technology that poses the greatest security risk

May 7, 2026 4:48 PM

Tags: country, cyber, data, infrastructure, network, ransomware, risk, technology

By Peter Villiers, Director of Cyber Risk at Barrier Networks There’s a growing risk across the UK’s Critical National Infrastructure (CNI) that is placing the country at serious risk of disruption. It isn’t ransomware or a headline-grabbing data breach. It sits within the systems that keep the country running. The risk is growing over time,…
OpenAI and Anthropic LLMs Used in Critical Infrastructure Cyber-Attack, Warns Dragos

May 7, 2026 4:48 PM

Tags: ai, attack, cyber, infrastructure, LLM, openai, technology

Commercial AI models were used to help plan and conduct cyber-attack against operational technology of a water and drainage facility, say researchers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/llm-critical-infrastructure/
CISA Issues Warning Over Palo Alto PAN-OS Flaw Enabling Root-Level Access

May 7, 2026 3:48 PM

Tags: access, cisa, control, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, network, unauthorized, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a newly identified, severe vulnerability within Palo Alto Networks PAN-OS. Officially tracked as CVE-2026-0300, this critical flaw was aggressively added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on May 6, 2026. Because the vulnerability grants unauthorized users complete system control, federal agencies…