A newly uncovered cyber campaign dubbed “Operation Dragon Whistle” is targeting China’s education sector with highly tailored spear-phishing attacks that deploy Cobalt Strike beacons via deceptive PDF/LNK files. The attackers crafted emails that impersonate official university communications, urging students and…
Third-Party Cyberattack Impacts Patient Information at The Oncology Institute
The Oncology Institute disclosed a data breach tied to a third-party vendor, potentially exposing patient information after a 2025 cyberattack. The Oncology Institute has confirmed that patient information was impacted in a cybersecurity incident involving a third-party software provider. The…
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon. The vulnerability, tracked…
Jailbroken Gemini AI Abused in Credential Theft and Crypto Wallet Heist
Jailbroken Gemini AI has been weaponised in a long-running campaign that combined political influence, credential theft, and a cryptocurrency wallet heist, all operated by a single threat actor using a fake “patriot” persona. Trend Micro researchers recently documented how a…
Anthropic Prepares Claude Mythos for Wider Release Through Claude Code
Anthropic is preparing to expand access to its most advanced AI model, Claude Mythos, signaling a shift from tightly controlled deployment to a staged commercial rollout under a new version labeled Mythos 1. The move suggests the company is transitioning…
Product showcase: F-Secure Internet Security blocks phishing sites, fake stores, and SMS scams
F-Secure Internet Security protects against viruses, ransomware, spyware, infected email attachments, and other cyber threats. It focuses on securing devices and online activity through malware protection, scam prevention, safe browsing, and banking safeguards. The platform supports Windows, macOS, Android, and…
Ransomware Uses ChaCha20 and Curve25519 to Encrypt Windows Files
Payload ransomware is a new Windows ransomware family that combines ChaCha20 stream encryption with per-file Curve25519 ECDH key exchange, making victim data effectively unrecoverable without the attackers’ private key. It also implements strong anti-forensics, including ETW patching, VSS deletion, event…
Hackers Abuse KnowledgeDeliver LMS Flaw to Install BLUEBEAM Web Shell
Hackers are actively exploiting a critical vulnerability in the KnowledgeDeliver Learning Management System (LMS) to deploy the BLUEBEAM web shell, according to findings from Mandiant’s Google Threat Intelligence Group. The flaw, tracked as CVE-2026-5426, enables unauthenticated remote code execution through…
New 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code and Compromise Systems
A critical heap buffer overflow vulnerability has been disclosed in 7-Zip version 26.00, enabling attackers to achieve arbitrary code execution via a vtable hijack by exploiting a defect in the tool’s NTFS archive handler. Tracked as CVE-2026-48095 and assigned advisory…
Manage machine identities: The hidden privileged access layer you need to manage
Why are machine identities becoming the majority of “things with access”? Every automation, integration, and workload needs a way to authenticate and the right permissions to act. That quiet requirement has created a massive population of machine identities, also called…
Cybersecurity jobs available right now: May 26, 2026
Application Security Engineer, IG Group | India | Hybrid: As an Application Security Engineer, you will assess the security of web, mobile, and cloud applications through penetration testing, secure code reviews, threat modeling, and architecture reviews.…
IT Security News Hourly Summary 2026-05-26 06h : 1 posts
1 post was published in the last hour: 3:32 : Anthropic’s Restricted Claude Mythos Moves Toward Public Release via Claude Code and Security
Anthropic’s Restricted Claude Mythos Moves Toward Public Release via Claude Code and Security
Anthropic appears to be loosening its grip on Claude Mythos, the company’s most powerful and previously restricted AI model, with new signals pointing to a commercially versioned release under the name Mythos 1 (claude-mythos-1-preview), integrated directly into Claude Code and…
OpenCode’s Rapid Growth Reflects Rising Developer Concerns Over AI Vendor Dependence
A glaring divide is emerging in the AI coding industry as developers increasingly weigh the convenience of fully managed coding platforms against the flexibility of open-source alternatives designed to avoid dependence on a single provider. The debate intensified this…
Rising Digital Invitation Scams Highlight Need for Strong Cyber Awareness
What was once used for birthdays, weddings, corporate events, and social gatherings has increasingly been weaponized by cybercriminals as a sophisticated phishing technique. The security research community has observed that threat actors are increasingly using commonly used invitation platforms…
ISC Stormcast For Tuesday, May 26th, 2026 https://isc.sans.edu/podcastdetail/9944, (Tue, May 26th)
This article has been indexed from SANS Internet Storm Center, InfoCON: green.
IT Security News Hourly Summary 2026-05-26 03h : 1 posts
1 post was published in the last hour: 0:32 : Possible ACR Stealer From Page Impersonating Claude, (Tue, May 26th)
Possible ACR Stealer From Page Impersonating Claude, (Tue, May 26th)
This article has been indexed from SANS Internet Storm Center, InfoCON: green.
Hacker Lists 340M OnlyFans User Records for Sale
A hacker is selling a 340M OnlyFans database, but the seller says old leaks and public data were used to link creators and subscribers to real identities.
WhatsApp Local Storage Claim Raises Apple Privacy Questions
Researchers allege that WhatsApp’s local storage on macOS and iOS may raise privacy concerns, though experts dispute the broader claim. The post appeared first on TechRepublic.
IT Security News Hourly Summary 2026-05-26 00h : 3 posts
3 posts were published in the last hour 21:59 : IT Security News Daily Summary 2026-05-25 21:37 : Cloud Atlas APT Group Modifies termsrv.dll to Enable Multiple RDP Sessions on Victim Hosts 21:36 : InvisibleFerret Malware Now Ships as .pyd…
IT Security News Daily Summary 2026-05-25
100 posts were published in the last hour 21:37 : Cloud Atlas APT Group Modifies termsrv.dll to Enable Multiple RDP Sessions on Victim Hosts 21:36 : InvisibleFerret Malware Now Ships as .pyd and .so Files to Evade Script Detection 20:8…
Cloud Atlas APT Group Modifies termsrv.dll to Enable Multiple RDP Sessions on Victim Hosts
A well-known advanced persistent threat group called Cloud Atlas has been caught using a dangerous technique to hijack Windows systems without alerting anyone on the network. The group modifies a core Windows file called termsrv.dll to unlock multiple simultaneous Remote…
InvisibleFerret Malware Now Ships as .pyd and .so Files to Evade Script Detection
A North Korea-linked hacker group has quietly upgraded one of its most dangerous tools, making it harder for security software to detect. InvisibleFerret, an information-stealing malware tied to the threat actor known as Void Dokkaebi (also tracked as Famous Chollima),…