IT Security News Daily Summary 2026-05-20

168 posts were published in the last hour

• 21:34 : Browser Threats Are Expanding the SMB Attack Surface
• 21:34 : PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting Arch
• 21:34 : Trapdoor Android Ad Fraud Operation Uses 455 Malicious Apps to Generate Fake Clicks
• 21:4 : Even Claude agrees: hole in its sandbox was real and dangerous
• 21:4 : Why Policy in Amazon Bedrock AgentCore chose Cedar for securing agentic workflows
• 20:2 : The npm Threat Landscape: Attack Surface and Mitigations (Updated May 20)
• 20:2 : Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs
• 19:5 : IT Security News Hourly Summary 2026-05-20 21h : 7 posts
• 19:4 : Detecting Bugs and Vulnerabilities in Java With SonarQube
• 19:4 : Securing the American Experience
• 18:34 : PinTheft Linux Vulnerability Let Attackers Gain Root Access – PoC Released
• 18:34 : DevilNFC Android Malware Uses Kiosk Mode to Trap Victims During NFC Relay Attacks
• 18:34 : Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft
• 18:5 : Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft
• 18:5 : Microsoft Launches New Surface AI PCs for Business Buyers
• 18:4 : CISA Contractor Exposed Sensitive Credentials in Public GitHub Repository
• 18:4 : CISA Adds Seven Known Exploited Vulnerabilities to Catalog
• 18:4 : Securing the gaming culture of cultures
• 18:4 : AWS Security Hub Extended: Why enterprise security products should sell themselves
• 17:34 : A New York Cop Got Injured at a Boxing Match. Now Madison Square Garden Is Banning His Lawyer
• 17:34 : How to Close the Most Expensive Gap in Your SOC
• 17:34 : Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
• 16:32 : Madison Square Garden Bans Lawyer Representing New York Cop Injured at a Boxing Match
• 16:31 : Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow
• 16:5 : IT Security News Hourly Summary 2026-05-20 18h : 15 posts
• 16:4 : Fake malware-signing service Fox Tempest dismantled by Microsoft
• 16:4 : Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass
• 16:4 : Quantum Bridge Raises $8 Million for Quantum-Safe Key Distribution Solution
• 16:4 : Pulitzer-Winning Journalists Expose the Human Cost and Hidden Network Behind Digital Arrest Scams
• 15:34 : Customers say Trump Mobile is leaking their personal information
• 15:34 : Microsoft issues YellowKey mitigation, no patch yet
• 15:34 : European Union Agrees to Ban AI Generated Non Consensual Sexualized Deepfakes
• 15:34 : PCPJack Worm Steals Cloud Credentials While Wiping Out TeamPCP Infections
• 15:34 : Token Pilfering: How Token Theft is Plaguing Cybersecurity
• 15:34 : Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users
• 15:5 : Understanding Trend Structure: Higher Highs and Lower Lows Explained
• 15:5 : Critical ExifTool Vulnerability Allows Attackers to Compromise Macs via Single Malicious Image
• 15:5 : FreePBX Vulnerability Allow Attackers to Gain Access to User Portals
• 15:5 : Pardus Linux Local Privilege Escalation Flaw Allows Silent Root Access
• 15:5 : Grafana GitHub Breach Linked to TanStack npm Supply Chain Ransomware
• 15:4 : AI-Powered App Attacks Are Faster, More Frequent and Harder to Stop
• 15:4 : Webworm APT targets European government organizations with new backdoors
• 15:4 : Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
• 15:4 : Mini Shai-Hulud Hits Hundreds of npm Packages in AntV Ecosystem
• 15:4 : 7-Eleven hit by data breach
• 14:32 : On AI Security
• 14:32 : Critical flaw in software powering a third of the internet is already being exploited – free checker now available
• 14:32 : NanoCo lands $12 million seed funding, launches enterprise assistant built on NanoClaw
• 14:32 : Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
• 14:31 : Cyber Briefing: 2026.05.20
• 14:2 : GitHub Breach: TeamPCP Steals 3,800 Repositories via VS Code Extension
• 14:2 : Grafana GitHub Security Incident Reportedly Connected to TanStack npm Ransomware
• 14:2 : 1Password Teams With OpenAI to Stop AI Coding Agents From Leaking Credentials
• 13:34 : Critical ExifTool Vulnerability Lets Hackers Compromise Macs via Malicious Images
• 13:34 : Taking care of business: The CISO’s role in a cyber crisis
• 13:34 : GitHub says hackers stole data from thousands of internal repositories
• 13:34 : Carding site B1ack’s Stash dumps 4.6 Million stolen cards for free
• 13:34 : Exploited Faster, Patched Slower: Verizon DBIR 2026 Shows Security Teams Losing Ground
• 13:34 : Agent AI is Coming. Are You Ready?
• 13:34 : Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
• 13:5 : IT Security News Hourly Summary 2026-05-20 15h : 13 posts
• 13:5 : Verizon DBIR: AI Helped Hackers Exploit Vulnerabilities in 31% of Recent Breaches
• 13:5 : Gremlin Stealer Hides C2 and Exfiltration Paths in Encrypted Resources
• 13:4 : Hackers Abuse MSHTA Legacy Windows Tool to Deliver LummaStealer and Amatera Malware
• 13:4 : Microsoft Python Client DurableTask Compromised by TeamPCP Hackers
• 13:4 : Hackers Use Single-Letter Go Module Typosquat to Deploy DNS-Based Backdoor
• 13:4 : Anthropic Silently Patches Claude Code Sandbox Bypass
• 12:32 : NVIDIA Triton Inference Server Flaw Raises Risk of Unauthorized Access
• 12:32 : Old Breaches Resold as New Corporate Data Leaks
• 12:32 : Microsoft DurableTask Python Client Targeted in TeamPCP Cyberattack
• 12:32 : Firefox 151 packs big privacy upgrades into a small update
• 12:32 : According to Sophos 71% of orgs hit by identity breaches
• 12:32 : NIST PNT Framework Strengthens GPS Interference Defenses
• 12:32 : Indiana launches military-aligned cybersecurity pathway
• 12:2 : GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos
• 12:2 : OtterCookie RAT Steals Dev Secrets and Cloud Credentials
• 12:2 : Crafted JPEGs Trigger PHP Memory Bugs
• 12:2 : Tulane University Data Breach Investigation
• 12:2 : Baidam and AUSCERT sign MOU for cybersecurity collaboration
• 11:32 : Fake Word Phishing Reveals Enterprise Blind Spot in Trusted Remote Access Tools
• 11:32 : Fox Tempest Linked to Malware-Signing Service Abusing Microsoft Artifact Signing
• 11:32 : GraphWorm Malware Abuses Microsoft OneDrive for Stealthy C2 Operations
• 11:32 : GraphWorm Malware Uses Microsoft OneDrive as Command-and-Control Infrastructure
• 11:32 : Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack
• 11:32 : Novata uses AI to map risk across portfolios and supply chains
• 11:32 : ArmorCode gives security teams AI workers for exposure and remediation
• 11:32 : FBI: $388 million lost in crypto ATM scams in 2026
• 11:31 : China-Linked Webworm APT Evolves Tactics, Expands to European Targets
• 11:5 : Fake Tax Assessment Pages Spread Windows Malware
• 11:5 : Caught Off Guard: Securing AI After It Hits Production
• 11:5 : Trust3 AI focuses on AI agent risks with MCP Security layer
• 11:5 : TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
• 11:5 : Typosquatting Is No Longer a User Problem. It’s a Supply Chain Problem
• 11:5 : GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
• 10:34 : This Is a Hold-Up: Financial Services Under Attack
• 10:34 : Certes Research Warns Legacy Systems Are Biggest Barrier to Quantum Security Readiness
• 10:34 : GitHub says internal repos exfiltrated after poisoned VS Code extension attack
• 10:34 : Real-World ICS Security Tales From the Trenches
• 10:5 : IT Security News Hourly Summary 2026-05-20 12h : 16 posts
• 10:2 : Tracking TamperedChef Clusters via Certificate and Code Reuse
• 10:2 : Microsoft Set To Bring Biggest India Data Centre Online
• 10:2 : New NGINX Vulnerability Allow Remote Attackers to Trigger Malicious Code
• 10:2 : Microsoft Releases Mitigation for Windows BitLocker Security Bypass 0-Day Vulnerability
• 10:2 : London’s police asked Big Tech for comms data over 700,000 times last year
• 10:2 : Virtual Event Today: Threat Detection & Incident Response Summit
• 10:2 : Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
• 10:2 : Researchers Warn CypherLoc Scareware Has Targeted Millions of Users
• 9:32 : Google Hires Contextual AI Researchers, Chief Executive
• 9:32 : Banana RAT Malware in Fake Invoices Hits Customers at 16 Brazilian Banks
• 9:32 : Data Brokers’ and AI Firms’ Opt-Out Forms Are Built to Fail, Report Finds
• 9:32 : A malicious VS code extension just breached GitHub ‘s internal repositories
• 9:32 : How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)
• 9:32 : GitHub Confirms Hack Impacting 3,800 Internal Repositories
• 9:32 : Darwinium updates mobile SDKs to detect remote access scam activity
• 9:32 : Encryption Consulting launches CertSecure Manager v3.3 with zero-touch certificate renewals
• 9:2 : Mistral Buys Austria’s Emmi AI For Industrial Tech
• 9:2 : Pardus Linux Vulnerability Lets Local Attackers Gain Silent Root Access
• 9:2 : Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)
• 9:2 : Verizon DBIR: Vulnerability Exploits Overtake Credentials as Top Access Vector
• 9:2 : Discord Enables End-to-End Encryption by Default for All Voice and Video Calls
• 8:34 : Meta Offers Limited Free AI Access To WhatsApp
• 8:34 : DirtyDecrypt: PoC Released for yet another Linux flaw
• 8:34 : Fox Tempest Malware-Signing Service Abused Microsoft Artifact Signing to Certify Malware
• 8:2 : Is the UK ready for a state‑backed cyberwar?
• 8:2 : FinTech and Agentic Commerce: When AI Becomes the Customer
• 8:2 : Google, Samsung Show Upcoming AI Glasses
• 8:2 : Void Botnet Leverages Ethereum for Resilient C2
• 7:32 : Cambridge University Satellite AI Model Protects Hedgehogs
• 7:32 : China’s Moonshot AI To Unwind Offshore Structure
• 7:32 : BREAKING: TeamPCP Hacks 4000 GitHub Repos and Compromised TanStack npm
• 7:31 : Microsoft hits Fox Tempest, robotics OS flaw, CISA admins leaks keys
• 7:5 : IT Security News Hourly Summary 2026-05-20 09h : 10 posts
• 7:2 : Trapdoor Android Ad Fraud Ring Abuses 455 Apps for Fake Clicks
• 7:2 : New NGINX Vulnerability Exposes Servers to Malicious Code Execution
• 7:2 : The quest for greater tech independence
• 7:2 : Communicating cyber risk in dollars boards understand
• 6:32 : Single-Letter Go Module Typosquat Drops DNS-Based Backdoor
• 6:32 : Mini Shai-Hulud Attack Hits npm Ecosystem, Compromising Over 600 Packages
• 6:32 : DevilNFC Malware Traps Android Users in NFC Relay Attacks
• 6:32 : FreePBX Security Flaw Lets Attackers Access User Portals
• 6:32 : Alleged Huawei zero-day blamed for the 2025 Luxembourg telecom crash
• 6:32 : CVE Lite CLI: Open-source dependency vulnerability scanner
• 6:2 : Hackers Exploit MSHTA to Deploy LummaStealer and Amatera Malware
• 6:2 : PoC Exploit Released for DirtyDecrypt Linux Kernel Vulnerability
• 6:2 : PoC Exploit Released for 20-Year Old PostgreSQL RCE Vulnerability
• 6:2 : GitHub Hacked – Internal Source Code Repositories Compromised via Employee Device
• 6:2 : When your AI assistant has the keys to production
• 6:2 : Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
• 5:32 : GitHub Source Code Reportedly Compromised, TeamPCP Claims Breach
• 5:32 : WhatsApp Encryption Comes Under Spotlight Following Federal Allegations
• 5:32 : Ivanti Patches New EPMM Vulnerability Linked to Active Zero-Day Exploitation
• 5:32 : 7 hard truths security pros should know: 2026 DevOps Threats Report
• 5:2 : What CISOs need to know about AI audit logs
• 5:2 : What happens when your identity provider becomes the kill chain
• 4:32 : ShinyHunters Claims Credit for Cyber-Attack on Online Learning Management System
• 4:32 : GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
• 4:32 : Windows 11 BitLocker Zero-Day, TeamPCP Malware Leak, Iran Gas Station Hacks | Cybersecurity Today
• 4:5 : IT Security News Hourly Summary 2026-05-20 06h : 1 posts
• 3:32 : GitHub Source Code Breach – TeamPCP Claims Access to Internal Source Code
• 2:31 : ISC Stormcast For Wednesday, May 20th, 2026 https://isc.sans.edu/podcastdetail/9938, (Wed, May 20th)
• 1:5 : IT Security News Hourly Summary 2026-05-20 03h : 1 posts
• 0:31 : Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector
• 22:32 : macOS Malware Installs Fake Google Software Update LaunchAgent for Persistence
• 22:31 : UAC-0184 Malware Chain Uses bitsadmin and HTA Files for Gated Payload Delivery
• 22:5 : IT Security News Hourly Summary 2026-05-20 00h : 7 posts
• 22:4 : Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
• 22:4 : CIRT insights: How to help prevent unauthorized account removals from AWS Organizations
• 21:55 : IT Security News Daily Summary 2026-05-19