Security researchers have uncovered a gap in the way Anthropic Skill scanning tools inspect third-party AI packages, allowing malicious code hidden inside test files to execute on developer systems even after scanners marked the Skills as safe. The issue centers…
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine’s National Security and Defense Council) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government organizations in the country. The activity, per the…
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets…
Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations
How Frontier firms secure AI at scale: read how Microsoft customers embed governance, identity, and cloud security to make protection an enabler of AI growth. The post Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations…
From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence
A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence server for credential theft and identity compromise. Learn how the threat actor attempted Kerberos relay and lateral movement, and how…
Kash Patel’s clothing brand website shut down after reports it was hacked
According to users on X, the website was hijacked by hackers in an attempt to trick visitors into installing malware. This article has been indexed from Security News | TechCrunch. Read the original article: Kash Patel’s clothing brand website shut…
Android Malware Silently Subscribes Victims to Premium Services Without Consent
A newly uncovered Android malware campaign has been quietly draining money from mobile users across four countries by signing them up for paid services they never asked for. The operation ran for nearly ten months and carried out financial fraud…
CISA Warns of Microsoft Defender 0-Day Vulnerabilities Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Microsoft Defender vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, warning organizations of active exploitation risks. The flaws, tracked as CVE-2026-45498 and CVE-2026-41091, impact Microsoft Defender and could…
IT Security News Hourly Summary 2026-05-22 18h : 3 posts
3 posts were published in the last hour 16:2 : AI-Driven Threats, Critical Vulnerabilities, and Supply Chain Breaches Define the Week in May 2026 15:32 : Operation Dragon Whistle Uses Malicious LNK Files to Target Changzhou University 15:31 : Iran-linked…
AI-Driven Threats, Critical Vulnerabilities, and Supply Chain Breaches Define the Week in May 2026
Weekly summary of Cybersecurity Insider newsletters for May 2026. The post AI-Driven Threats, Critical Vulnerabilities, and Supply Chain Breaches Define the Week in May 2026 appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet. Read the…
Operation Dragon Whistle Uses Malicious LNK Files to Target Changzhou University
A newly uncovered cyber operation has raised concerns among security professionals after a coordinated wave of attacks targeted government institutions in Pakistan. The campaign, now tracked as Operation Dragon Whistle, used highly convincing phishing emails to trick employees into opening…
Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages
Companies, particularly those in the affected industries, should harden their defenses against impersonation schemes, Palo Alto Networks said. This article has been indexed from Cybersecurity Dive – Latest News. Read the original article: Iran-linked hackers target key US, allied sectors…
RemotePE: The Lazarus RAT that lives in memory
Authors: Yun Zheng Hu and Mick Koomen. Summary: Last year, we published research about a North Korean Lazarus subgroup targeting financial and cryptocurrency organizations, encountered during multiple incident response engagements. This Lazarus subgroup overlaps with activity linked to AppleJeus, Citrine…
Trump Mobile confirms it exposed customers’ personal data, including phone numbers and home addresses
President Trump’s branded cell phone maker and cell provider said the exposure was linked to a third-party platform, and was evaluating whether it needs to notify customers. This article has been indexed from Security News | TechCrunch. Read the original…
Authorities arrest 23-year-old accused of running the Kimwolf botnet
Canadian authorities arrested a 23-year-old Ottawa man accused of running the Kimwolf DDoS botnet. The US is now seeking extradition. US authorities have charged 23-year-old Jacob Butler (aka “Dort”), an Ottawa resident, for allegedly operating the recently disrupted Kimwolf botnet.…
Hackers Hide Malware Payloads Inside Nested macOS-Like Folders to Evade Scanning
Hackers are quietly hiding Windows malware inside nested folders that imitate macOS system paths, making dangerous payloads look like harmless archives to the untrained eye. By burying their tools several layers deep, they aim to slip past automated scanning and…
Canadian Man Arrested for Operating KimWolf DDoS Botnet Hacking 2 Million Devices
Canadian and U.S. authorities have arrested and charged a 23‑year‑old Ottawa resident for allegedly operating “KimWolf,” a massive Internet‑of‑Things (IoT) DDoS‑for‑hire botnet that weaponized more than a million connected devices worldwide, including systems in Alaska and on the U.S. Department…
In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking
Other noteworthy stories that might have slipped under the radar: CISA contractor exposes credentials, Mythos testing and new features, Huawei router flaw triggered telecom blackout. The post In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking…
Data Leak: Instructure, Canvas Allegedly Hacked, ShinyHunters Claim Responsibility
Instructure, the company behind the cloud-based LMS Canvas, was hit by a massive data attack. Ransomware gang ShinyHunters claimed responsibility for the attack, saying that it had stolen data related to 280 million students, teachers, and school staff. 100s of GBs data…
9-Year-Old Linux bug Found by Researchers, Could Leak Data
Experts have revealed details of a bug in the Linux kernel that stayed unnoticed for nine years. The flaw is tracked as CVE-2026-46333 (CVSS score: 5.5). Improper bug management: The incident is improper privilege management that could have allowed threat…
ShinyHunters Cyberattack Disrupts Canvas Platform Across Universities and Schools
This week, a significant digital breach affected educational institutions throughout the United States, Canada, and Australia. The incident followed claims by the hacking collective ShinyHunters. Their target: Canvas, a commonly adopted online learning system. Despite its widespread use, the…
$20 per zero-day is already the WordPress plugin reality
Vulnerability researchers have spent the past year arguing about whether AI agents can find real bugs at scale or whether they mostly generate noise. A pipeline built in three days by researchers from TrendAI and CHT Security supplies an answer,…
Cyber Briefing: 2026.05.22
Sophisticated state-sponsored actors and cybercriminals are increasingly weaponizing legitimate cloud APIs and social platforms to conduct espionage and disinformation, while the rapid integration… This article has been indexed from CyberMaterial. Read the original article: Cyber Briefing: 2026.05.22
5,561 GitHub Repositories Hit by Megalodon Supply Chain Attack in Six Hours
SafeDep uncovered the Megalodon attack targeting 5,561 GitHub repositories with malicious CI workflows and cloud credential theft. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More. Read the original article: 5,561 GitHub Repositories Hit…