Five major publishers, author Scott Turow sue Meta, Mark Zuckerberg over use of copyrighted works, in latest challenge over AI training This article has been indexed from Silicon UK Read the original article: Major Publishers Sue Meta Over AI Training
Massive “Low and Slow” DDoS Attack Hits Platform With 2.45 Billion in 5 Hours
DataDome researchers uncovered a massive low and slow DDoS attack that delivered 2.45 billion requests using 1.2 million IP addresses. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Massive…
Ransomware Gang Member Linked to Russian Cybercrime Group Sentenced to Prison
A Latvian national operating from Moscow has been sentenced to 102 months in federal prison for his role as a key negotiator within a prolific Russian ransomware network. Deniss Zolotarjovs, 35, participated in a cybercrime syndicate that orchestrated data theft…
Silicon STATES: Head-to-Head Interview: Peri Kadaster, Chief Communications Officer, Nearform
As AI accelerates across industries, US regulators face a critical balancing act—can innovation outpace oversight without undermining trust, governance, and global competitiveness? This article has been indexed from Silicon UK Read the original article: Silicon STATES: Head-to-Head Interview: Peri Kadaster,…
US Government To Review Major AI Models
Department of Commerce to evaluate models from Google, Microsoft, xAI to assess capabilities, potential security risks This article has been indexed from Silicon UK Read the original article: US Government To Review Major AI Models
Apple To Let iPhone Users Choose AI Models Across Multiple Tasks
Upcoming iOS 27 release reportedly to bring in ability to choose from multiple AI models for tasks such as writing, image generation This article has been indexed from Silicon UK Read the original article: Apple To Let iPhone Users Choose…
Iran-Linked Hackers Target Oman Ministries in Webshell and Data Theft Campaign
Iran-linked operators have mounted a broad espionage operation against multiple Omani ministries, abusing exposed webshells, SQL escalation scripts, and a poorly secured C2 server to steal judicial and identity data at scale. Attacker’s own open directory strongly suggests a Ministry…
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been exploited in the wild. The vulnerability, tracked as CVE-2026-0300, has been described as a case of unauthenticated remote code execution.…
Google Chrome Is Silently Downloading a 4GB Gemini Nano AI Model to User Devices Without Consent
Google Chrome has been quietly downloading around 4GB of Gemini Nano AI model weights to user devices without their consent, and it automatically re-downloads t Thank you for being a Ghacks reader. The post Google Chrome Is Silently Downloading a…
Video game supply chain attack, Bleeding Llama, US gets early LLM access
Video game platform hit by supply chain attack Bleeding Llama could expose your data US gets more early LLM access Get the show notes here: https://cisoseries.com/cybersecurity-news-video-game-supply-chain-attack-bleeding-llama-us-gets-early-llm-access/ Thanks to our episode sponsor, Vanta Risk and regulation ramping up—and customers expect proof…
Malicious OpenClaw Skill Targets Agentic AI Workflows to Deploy RATs and Stealers
OpenClaw’s agent “skill” ecosystem to deliver both Remcos RAT and a cross‑platform stealer called GhostLoader by hiding malware inside a deceptive DeepSeek integration called “DeepSeek‑Claw.” The campaign shows how agentic AI workflows with high local privileges can be quietly hijacked…
Zero-Auth Vulnerability Enables Cross-Tenant Access at DoD Contractor
A severe authorization vulnerability was recently discovered in Schemata, an AI-powered virtual training platform serving the United States Department of Defense. Security researcher Alex Schapiro, utilizing the open-source AI hacking agent Strix, identified a critical lack of API authorization. Backed…
Oracle Debuts Monthly Critical Security Patch Updates
Containing fixes for critical-severity vulnerabilities, the monthly rollouts will focus on addressing priority issues faster. The post Oracle Debuts Monthly Critical Security Patch Updates appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Oracle…
Meta Deploys AI to Scan Photos and Detect Underage Users on Facebook and Instagram
Meta has introduced an expanded AI system that scans photos and videos on Facebook and Instagram to estimate users’ ages by analyzing physical features such as Thank you for being a Ghacks reader. The post Meta Deploys AI to Scan…
IT Security News Hourly Summary 2026-05-06 09h : 1 posts
1 posts were published in the last hour 6:35 : Ransomware and Data Extortion Groups Intensify Targeting of Aviation and Aerospace Sector
Ransomware and Data Extortion Groups Intensify Targeting of Aviation and Aerospace Sector
The aviation and aerospace sector has become one of the most actively targeted industries by ransomware operators and data extortion groups in 2025 and 2026. From passenger-processing platforms to satellite-dependent navigation systems, attackers are finding that disrupting even a single…
Remus Infostealer Adopts Lumma-Style Browser Key Theft to Bypass App-Bound Encryption
Remus is a newly observed 64-bit infostealer that closely tracks the Lumma Stealer codebase while adding EtherHiding-based C2 resolution and a refined Application‑Bound Encryption (ABE) bypass for Chromium browsers. The first Remus activity dates back to early 2026, shortly after…
Vimeo Confirms Breach Exposing 119,000 Unique User Email Addresses
Video hosting platform Vimeo has confirmed a data breach that exposed approximately 119,000 unique user email addresses, attributing the incident to a security compromise at Anodot, a third-party analytics vendor integrated with its systems. The breach came to light after…
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via backdoor-laced Windows and Android games This article has been indexed from WeLiveSecurity Read the original article: A rigged game: ScarCruft compromises gaming…
Attackers Bypass Azure AD Conditional Access Using Phantom Device Registration
A recent authorized red team operation by Howler Cell has demonstrated a critical attack path that completely bypasses Microsoft Entra ID (Azure AD) Conditional Access. Azure Conditional Access acts as the primary gatekeeper for cloud identity security, enforcing access rules…
When Screens Turn Against You: The Dark Mechanics of Webcam Sextortion
In the dim privacy of a personal screen, where anonymity is often assumed and discretion rarely questioned, a silent threat has begun to take shape. What was once dismissed as a crude bluff has, in certain cases, evolved into…
Critical Palo Alto Firewall Vulnerability Enables Attackers to Gain Root Privileges
Palo Alto Networks has issued an urgent security advisory concerning a critical vulnerability affecting its PAN-OS software. Tracked as CVE-2026-0300, this high-severity security flaw carries a CVSS 4.0 base score of 9.3 and is currently experiencing limited active exploitation in…
Ransomware Gangs Escalate Attacks on Aviation and Aerospace Sector
Ransomware and data extortion groups are increasingly targeting the aviation and aerospace sector, exploiting interconnected systems, shared platforms, and identity-based access models to cause operational disruption and data compromise. Cyber risk across aviation has shifted beyond traditional IT incidents toward…
Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls
CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls. The post Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…