A sophisticated threat actor breached DigiCert’s internal support environment in early April 2026 by tricking support analysts into executing a disguised malicious screensaver file, ultimately obtaining stolen EV Code Signing certificates used to distribute the “Zhong Stealer” malware family. On…
Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks
Cisco on Monday announced its intent to acquire Astrix Security, a startup focused on securing non-human identities (NHIs) such as API keys, service accounts, and OAuth tokens increasingly used by applications and AI agents. In a blog post, Cisco said the acquisition…
How Mythos Signals Cybersecurity Disruption
What is Mythos? Mythos is Anthropic’s latest AI model, and it is stirring up a tornado of concern in cybersecurity circles. Even before its release, Mythos discovered thousands of new sensitive vulnerabilities in commercial and open-source software, including all major…
U.S. Officials Consider Three-Day Patch Rule in Wake of Anthropic’s Mythos
Reuters reported that U.S. cybersecurity officials are weighing cutting the time federal agencies have to fix critical vulnerabilities from two weeks to three days after Anthropic’s Mythos AI model raises the specter of even faster attacks. Security pros say the…
IT Security News Hourly Summary 2026-05-04 21h : 3 posts
3 posts were published in the last hour:
18:40 : Hackers are still exploiting the cPanel bug to gain control of thousands of websites
18:40 : Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
18:40 : Securing…
Hackers are still exploiting the cPanel bug to gain control of thousands of websites
Days after the disclosure of a critical vulnerability in popular web hosting software cPanel and WHM, hackers keep targeting and hacking websites. This article has been indexed from Security News | TechCrunch. Read the original article: Hackers are still exploiting…
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
An active phishing campaign has been observed targeting multiple vectors since at least April 2025, with legitimate Remote Monitoring and Management (RMM) software as a way to establish persistent remote access to compromised hosts. The activity, codenamed VENOMOUS#HELPER, has impacted…
Securing open proxies in your AWS environment
This article shows you how to identify and secure open proxies in your AWS environment to prevent abuse, protect your IP address reputation, and control costs. An open proxy is a server that forwards traffic on behalf of internet users…
TeamPCP Weekly Analysis: 2026-W18 (2026-04-27 through 2026-05-03), (Mon, May 4th)
This article has been indexed from SANS Internet Storm Center, InfoCON: green. Read the original article: TeamPCP Weekly Analysis: 2026-W18 (2026-04-27 through 2026-05-03), (Mon, May 4th)
Canvas Breach May Put 275M Users, 9,000 Schools at Risk
Instructure confirms a Canvas breach involving user information and messages as hackers claim 275M users and nearly 9,000 schools were affected. The post Canvas Breach May Put 275M Users, 9,000 Schools at Risk appeared first on TechRepublic. This article has…
Trellix Source Code Repository Breached
The cybersecurity firm’s investigation has not found any impact on its source code release or distribution process. The post Trellix Source Code Repository Breached appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the original article: Trellix…
The AI Vulnerability Storm Is Here. Is Your Security Program Breach Ready?
How a new class of AI-powered attacks is redrawing the rules of cybersecurity, and why the organizations that survive will be those that build for containment, not just prevention. There is a moment in every technological shift when the future…
Randall Munroe’s XKCD ‘Centimeter Wavelengths’
Via the comic artistry and dry wit of Randall Munroe, creator of XKCD. The post Randall Munroe’s XKCD ‘Centimeter Wavelengths’ appeared first on Security Boulevard. This article has been indexed from Security Boulevard. Read the original article: Randall Munroe’s…
Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication bypass. MOVEit Automation (formerly Central) is a secure, server-based managed file transfer (MFT) solution used to schedule…
Securing the IT and OT Boundary in Geospatial Enterprise Systems
In modern infrastructure, the line between information technology (IT) and operational technology (OT) is blurring. Enterprise geographic information system (GIS) platforms, delivered by leading providers such as Environmental Systems Research Institute Inc. (Esri) as an implementation partner, unify spatial context…
Bluekit Phishing Kit Automates Domains, 2FA Lures, and Session Hijacking in One Panel
A newly identified phishing kit called Bluekit is changing how cybercriminals carry out phishing attacks by packing multiple attack capabilities into a single, easy-to-use operator panel. Rather than relying on separate tools stitched together from different sources, Bluekit gives attackers…
New MicroStealer Malware Actively Attacking Telecom & Education Sectors
A new infostealer malware called MicroStealer has quietly entered the threat landscape and is already showing a worrying reach. First spotted in December 2025, the malware has picked up speed fast, showing up across sandbox environments within weeks of its…
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
Microsoft Defender Research observed a large-scale credential theft campaign that exemplifies this trend, using code of conduct-themed lures, a multi-step attack chain, and legitimate email services to distribute fully authenticated messages from attacker-controlled domains. The post Breaking the code: Multi-stage…
Claude Desktop Silently Alters Browser Settings, Even on Uninstalled Browsers
Claude Desktop, Anthropic’s standalone AI app for macOS, has come under fire for quietly altering browser‑level settings on users’ machines—even when they have never installed or used certain browsers. Security and privacy researchers have found that the application drops…
New xlabs_v1 Botnet Targets Minecraft Servers Through ADB-Exposed Android Devices
A newly identified botnet called xlabs_v1 has been found targeting Minecraft game servers by exploiting Android devices with the Android Debug Bridge (ADB) port left open and exposed to the internet. The botnet is a modified version of the well-known…
Malicious Tanstack Package Uses Postinstall Script to Steal Developer Environment Files
A malicious npm package impersonating the widely trusted TanStack project was discovered on April 29, 2026, silently stealing developer environment files the moment it was installed. The attacker registered the unscoped “tanstack” package name on npm, dressed it up as…
[un]prompted 2026 – Why Most ML Vulnerability Detection Fails
Author, Creator & Presenter: Jenny Guanni Qu, AI Researcher at Pebblebed. Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations’ YouTube Channel. The post [un]prompted 2026 –…
⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems. The game…
New MOVEit vulnerabilities prompt urgent patch warning
Progress Software warned customers to immediately upgrade to versions of the file-transfer tool that fix the serious flaws. This article has been indexed from Cybersecurity Dive – Latest News. Read the original article: New MOVEit vulnerabilities prompt urgent patch warning