The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2026-31431…
Disneyland Deploys Facial Recognition at Select Entrance Lanes to Prevent Pass Fraud
Disneyland has introduced select entrance lanes at its California theme park that use facial recognition technology. Thank you for being a Ghacks reader. The post Disneyland Deploys Facial Recognition at Select Entrance Lanes to Prevent Pass Fraud appeared first on…
IT Security News Hourly Summary 2026-05-03 00h : 1 posts
1 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-05-02
IT Security News Daily Summary 2026-05-02
42 posts were published in the last hour 19:15 : Ransomware Campaign Leverages QEMU to Slip Past Enterprise Defences 19:5 : IT Security News Hourly Summary 2026-05-02 21h : 1 posts 18:31 : Google AppSheet Exploited in 30,000-User Facebook Phishing…
Ransomware Campaign Leverages QEMU to Slip Past Enterprise Defences
In an effort to circumvent traditional security controls, hackers are increasingly relying on virtualisation as a covert execution layer, embedding malicious operations within QEMU environments. As observed in observed incidents, adversaries deployed concealed virtual machines in which tooling and…
IT Security News Hourly Summary 2026-05-02 21h : 1 posts
1 posts were published in the last hour 18:31 : Google AppSheet Exploited in 30,000-User Facebook Phishing Operation
Google AppSheet Exploited in 30,000-User Facebook Phishing Operation
Scammers are abusing Google AppSheet and Google Drive to bypass security filters and steal thousands of Facebook Business accounts globally. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Google…
Hackers Breach Government and Military Servers by Exploiting cPanel Vulnerability
A sophisticated adversarial campaign targeting South-East Asian government and military infrastructure, combining rapid exploitation of a critical cPanel authentication bypass with a custom zero-day exploit chain against an Indonesian defense-sector portal and ultimately pivoting to exfiltrate over 4GB of sensitive…
Trellix Source Code Breach – Hackers Gain Unauthorized Access to Repository
Cybersecurity giant Trellix has disclosed a significant security incident involving unauthorized access to a portion of its source code repository. The company confirmed the breach in an official statement published on its website, stating it immediately engaged leading forensic experts…
Two US cybersecurity experts sentenced in ransomware case, third awaits July ruling
Two US security experts were sentenced to 4 years for helping ransomware attacks. A third accomplice pleaded guilty and awaits sentencing. Two US cybersecurity professionals, Ryan Goldberg and Kevin Martin, were sentenced to four years in prison for their role…
I Mapped Every Major Startup Credit Program for 2026. Most Founders Are Leaving $500K+ on the Table
Founders raise venture money to extend runway. Then they leave six figures of free credits sitting in a portal they never logged into. After watching this happen for a decade, I built a public directory of every major program. Here’s…
Lazarus Hackers Steal $290M from KelpDAO in Cross-Chain Exploit
KelpDAO has become the latest DeFi project to face a major security crisis after a $290 million heist that investigators say is likely tied to North Korea’s Lazarus Group. The attack targeted rsETH, a restaked ether asset used across…
Terms And Conditions Grow Harder To Read As Platforms Limit Users’ Legal Rights Study Finds
Most people click “agree” without looking – yet those agreements keep getting harder to understand. Complexity rises, researchers note, just as user protections shrink. From Cambridge, a recent study points out expanded corporate access to personal information. Legal barriers…
IT Security News Hourly Summary 2026-05-02 18h : 1 posts
1 posts were published in the last hour 15:34 : [un]prompted 2026 – Source to Sink: Improving LLM Vuln Discovery
[un]prompted 2026 – Source to Sink: Improving LLM Vuln Discovery
Author, Creator & Presenter: Scott Behrens, Principal Security Engineer At Netflix & Justice Cassel, Application & GenAI Security At Netflix, Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the…
GoldPickaxe
The Mobile Malware That Doesn’t Just Steal Passwords, It Steals You This article has been indexed from CyberMaterial Read the original article: GoldPickaxe
Trellix discloses the breach of a code repository
Trellix disclosed a security breach affecting part of its source code repository, however, the company says there’s no sign of code misuse. Trellix revealed a breach that allowed unauthorized access to part of its source code repository. The company said…
IT Security News Hourly Summary 2026-05-02 15h : 2 posts
2 posts were published in the last hour 12:36 : 2 US Cybersecurity Experts Jailed for Aiding ALPHV (BlackCat) Ransomware 12:36 : Multiple Exim Mail Server Vulnerabilities Leads to Crash with Malicious DNS data
2 US Cybersecurity Experts Jailed for Aiding ALPHV (BlackCat) Ransomware
Two US cybersecurity experts jailed for aiding BlackCat ransomware group, extorting victims worldwide and exploiting insider access for profit. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: 2 US…
Multiple Exim Mail Server Vulnerabilities Leads to Crash with Malicious DNS data
The Exim development team has released version 4.99.2 to address four newly discovered security vulnerabilities affecting their mail server software. These flaws allow attackers to potentially crash servers, corrupt memory, or leak sensitive information. Because Exim is one of the…
New Bluekit Phishing Kit Features AI Assistant
Still under development, Bluekit provides users with automated domain registration and an AI Assistant. The post New Bluekit Phishing Kit Features AI Assistant appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: New Bluekit…
Disneyland Now Uses Face Recognition on Visitors
Plus: The NSA tests Anthropic’s Mythos Preview to find vulnerabilities, a Finnish teen is charged over the Scattered Spider hacking spree, and more. This article has been indexed from Security Latest Read the original article: Disneyland Now Uses Face Recognition…
IT Security News Hourly Summary 2026-05-02 12h : 3 posts
3 posts were published in the last hour 9:34 : New Deep#Door RAT uses stealth and persistence to target Windows 9:34 : Web application testing with Burp Suite: a practical guide for UK SMEs 9:9 : Brace for the patch…
New Deep#Door RAT uses stealth and persistence to target Windows
Deep#Door hides a Python RAT inside a batch file, kills Windows defenses, survives via multiple persistence methods, and exfiltrates data through a public TCP tunnel. Security researchers at Securonix uncovered a sophisticated malware campaign called Deep#Door. Threat actors employed a…