The Dutch National Police and the country’s National Cyber Security Center (NCSC) have taken offline 200 servers controlling a botnet of 17 million devices, the law enforcement agency announced on Thursday. The investigation was launched after the NCSC received a…
Cyber Briefing: 2026.05.29
Critical infrastructure and developer workflows are under sustained pressure from a combination of high-volume software vulnerabilities, supply chain credential theft, and state-sponsored attacks. This article has been indexed from CyberMaterial.
Final 24 hours to save up to $410 on your TechCrunch Disrupt 2026 ticket
You now have until tonight at 11:59 p.m. PT to lock in Early Bird savings of up to $410 for TechCrunch Disrupt 2026 before prices increase. Join 10,000+ tech leaders in October for one of the most anticipated tech events…
Ransomware Abuses SYSTEM Task to Encrypt Drives with Elevated Privileges
A newly analyzed ransomware strain, “The Gentlemen,” is raising concern among security researchers due to its ability to combine strong encryption with aggressive lateral movement. What makes this threat particularly dangerous is its use of SYSTEM-level scheduled tasks to encrypt…
Securing and Governing AI Agents At Scale Through A Unified AI Gateway
Palo Alto Networks acquires Portkey, integrating its AI Gateway into Prisma AIRS. Get the unified control plane to securely govern and operationalize autonomous AI agents.
IT Security News Hourly Summary 2026-05-29 15h : 16 posts
16 posts were published in the last hour 13:3 : Oracle Critical Security Update – Patch for 35 New Vulnerabilities Across Products 13:2 : Legitimate-Looking Codex Remote UI Steals OpenAI Codex Authentication Tokens 13:2 : Hackers Use Fake Adobe Document…
Oracle Critical Security Update – Patch for 35 New Vulnerabilities Across Products
Oracle has rolled out its first Critical Security Patch Update (CSPU), delivering 35 new security fixes for serious vulnerabilities across several major product lines, including Oracle Database, Oracle REST Data Services, Oracle Communications Unified Assurance, Oracle E‑Business Suite, and Oracle…
Legitimate-Looking Codex Remote UI Steals OpenAI Codex Authentication Tokens
A polished, fully functional npm package has been caught secretly stealing OpenAI Codex authentication tokens from developers who trusted it. The package, named codexui-android, presented itself as a remote web UI for OpenAI Codex with no obvious signs of being…
Hackers Use Fake Adobe Document Cloud Pages to Deliver ScreenConnect Malware
A sophisticated phishing campaign is actively targeting financial organizations by using fake Adobe Document Cloud pages to silently install ScreenConnect remote access malware on victim machines. The operation is well-structured, deceptive, and difficult to detect because it blends into everyday…
Dutch cops wrest 17M devices from mystery botnet’s clutches
Hosting provider pulled the plug after police traced 200 servers to the Netherlands. This article has been indexed from www.theregister.com – Articles.
Gogs Zero-Day Exposes Servers to Remote Code Execution
The critical-severity issue, assigned a CVSS score of 9.4, is an argument injection flaw that can be exploited by authenticated attackers via pull requests with malicious branch names.
Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems
Threat actors from the Silent Ransom Group, aka Luna Moth, are escalating attacks by impersonating IT staff in phone calls and even showing up in person to gain direct access to victim systems. This article has been indexed from www.infosecurity-magazine.com…
CyCOS Expands UK SME Cybersecurity Support
A UK pilot program designed to provide peer-led cybersecurity support to small and medium enterprises is preparing for significant expansion. This article has been indexed from CyberMaterial.
JINX-0164 Uses LinkedIn Lures to Deploy Custom macOS Malware
A newly identified threat actor tracked as JINX-0164 is targeting cryptocurrency organizations through sophisticated LinkedIn-based social engineering campaigns. The financially motivated group has been active since at least mid-2025. It is leveraging custom macOS malware, credential theft, and CI/CD pipeline…
DIL Observatory: when the World Escalates, the Underground Responds
Digital Intelligence Lab (DIL) launches an observatory for reading cyber events as what they actually are: signals of a broader social and geopolitical reality. The timing rarely lies, and the connection between real-world events and cyber activity is no longer…
Signal users targeted in backup-stealing phishing attacks
Cybercriminals are impersonating Signal Support to steal backup recovery keys, giving them access to victims’ entire message archives. This article has been indexed from Malwarebytes.
New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Russian…
Typosquatted npm Packages Steal Cloud Secrets
A supply chain attack targeting the npm ecosystem has been discovered, with malicious actors deploying typosquatted packages designed to steal sensitive credentials from developers. This article has been indexed from CyberMaterial.
Trusted Dev Tools Abused in Supply Chain Attacks
Cybersecurity authorities are warning of an escalating threat to software development environments as attackers increasingly abuse trusted developer tools to breach supply chains. This article has been indexed from CyberMaterial.
Iranian Hackers Hit LA Transit Network
A cyberattack that disrupted Los Angeles public transit systems in March 2024 has been linked to Iranian intelligence services, according to research published by Tel Aviv-based cybersecurity firm Gambit Security. This article has been indexed from CyberMaterial.
Email Deliverability Tools Market Growth
Email deliverability has become a critical infrastructure challenge as global inbox placement rates fell to 83.5% in 2024, according to Validity’s annual benchmark. This article has been indexed from CyberMaterial.
Google engineer charged with insider trading
Federal authorities have charged a Google security engineer with insider trading after the individual allegedly used confidential company information to win approximately $1.2 million on Polymarket, a decentralized prediction market platform that operates using cryptocurrency. This article has been indexed…
GREYVIBE Threat Actors Use ChatGPT and Google Gemini to Scale Cyberattack Operations
Threat actors are increasingly turning to generative AI tools such as ChatGPT and Google Gemini to accelerate cyberattack operations, lowering technical barriers and reshaping modern threat landscapes. A recent report by WithSecure highlights a Russia-linked threat group, tracked as GREYVIBE,…
Russia-linked threat group put ChatGPT to work from lure to payload
Researchers say ‘GREYVIBE’ crew used AI tools throughout a campaign targeting Ukrainian military and government. This article has been indexed from www.theregister.com – Articles.