IT Security News Daily Summary 2026-05-22

135 posts were published in the last hour

• 21:32 : 2026-05-22: SmartApeSG ClickFix –> Unidentified RAT –> NetSupport RAT
• 21:32 : Friday Squid Blogging: Regulating Squid Fishing in the South Pacific
• 21:32 : Hackers Use NF-e Invoice Lures to Deliver Banana RAT Through Malicious Batch Files
• 21:32 : Hackers Use Six-Layer Persistence to Maintain Access on Compromised FreePBX Systems
• 21:32 : A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one MAGA victim’s crypto wallets
• 21:32 : The Department of Know: Google’s CodeMender, CISA’s big leak, Torvalds open-source warning
• 21:4 : Verizon 2026 DBIR: 6 key takeaways for CISOs
• 20:2 : FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account
• 19:31 : CISA Adds One Known Exploited Vulnerability to Catalog
• 19:5 : IT Security News Hourly Summary 2026-05-22 21h : 3 posts
• 19:2 : Ubiquiti Patches Critical UniFi OS Vulnerabilities Allowing Remote Privilege Escalation
• 19:2 : Megalodon chums the waters in 5.5K+ GitHub repo poisonings
• 18:31 : First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
• 18:3 : Microsoft recognized as a Leader in The Forrester Wave™ for Workforce Identity Security Platforms
• 17:32 : Identity security for AI agents: The proliferation challenge
• 17:32 : Deleted Google API Keys Continue Accessing Gemini, BigQuery, and Maps APIs
• 17:32 : CISA adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
• 17:32 : LiteSpeed cPanel Plugin 0-Day Exploited in the wild to Gain Server Root Access
• 17:32 : Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
• 17:32 : SOC Alert Overload: Why More Analysts Won’t Help
• 17:32 : Microsoft Warns Users About Rising QR Code Phishing and Quishing Scams
• 17:31 : Researchers Find Security Gap in Anthropic Skill Scanners
• 17:31 : Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
• 17:2 : Lawmakers Demand Answers as CISA Tries to Contain Data Leak
• 17:2 : Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations
• 17:2 : From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence
• 16:32 : Kash Patel’s clothing brand website shut down after reports it was hacked
• 16:32 : Android Malware Silently Subscribes Victims to Premium Services Without Consent
• 16:31 : CISA Warns of Microsoft Defender 0-Day Vulnerabilities Exploited in Attacks
• 16:5 : IT Security News Hourly Summary 2026-05-22 18h : 3 posts
• 16:2 : AI-Driven Threats, Critical Vulnerabilities, and Supply Chain Breaches Define the Week in May 2026
• 15:32 : Operation Dragon Whistle Uses Malicious LNK Files to Target Changzhou University
• 15:31 : Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages
• 15:2 : RemotePE: The Lazarus RAT that lives in memory
• 14:32 : Trump Mobile confirms it exposed customers’ personal data, including phone numbers and home addresses
• 14:32 : Authorities arrest 23-year-old accused of running the Kimwolf botnet
• 14:32 : Hackers Hide Malware Payloads Inside Nested macOS-Like Folders to Evade Scanning
• 14:32 : Canadian Man Arrested for Operating KimWolf DDoS Botnet Hacking 2 Million Devices
• 14:32 : In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking
• 14:32 : Data Leak: Instructure, Canvas Allegedly Hacked, ShinyHunters Claim Responsibility
• 14:32 : 9-Year-Old Linux bug Found by Researchers, Could Leak Data
• 14:32 : ShinyHunters Cyberattack Disrupts Canvas Platform Across Universities and Schools
• 14:32 : $20 per zero-day is already the WordPress plugin reality
• 14:31 : Cyber Briefing: 2026.05.22
• 14:2 : 5,561 GitHub Repositories Hit by Megalodon Supply Chain Attack in Six Hours
• 14:2 : AI Adoption for companies (based on OECD data)
• 14:2 : CISA Security Leak
• 13:32 : Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
• 13:32 : Hackers Exploit Middle East Telecoms for Massive C2 Operations
• 13:32 : AI Attacks Are No Longer Experimental: Key Findings from the March-April 2026 AI Threat Landscape
• 13:5 : IT Security News Hourly Summary 2026-05-22 15h : 8 posts
• 13:2 : Google’s Exploit Code Release Raises Concern Over Unfixed Chromium Security Bug
• 13:2 : Making Vulnerable Drivers Exploitable Without Hardware – The BYOVD Perspective
• 13:2 : Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
• 12:34 : World Cup Phishing Surge: 203 Malicious IPs Detected
• 12:34 : Update Chrome now: Critical bugs could let attackers run code
• 12:34 : Splunk Patches Multiple Vulnerabilities that Enable DOS Attacks and Expose Sensitive Data
• 12:34 : Canadian Man Arrested for Operating Kimwolf Botnet
• 12:34 : Deleted Google API keys keep working for up to 23 minutes, researchers warn
• 12:4 : Russian Hackers Exploit RDP, VPNs, Supply Chains for Initial Access
• 11:34 : CISA Adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
• 11:34 : Kore.ai unveils AI-native platform for enterprise multiagent systems
• 11:34 : Fake Gemini and Claude Code Sites Spread Infostealers Through SEO Poisoning
• 11:5 : Popular npm Package “art-template” Backdoored in Watering-Hole Attack
• 11:5 : Techie claims Trump Mobile website was leaking thousands of people’s data
• 11:5 : Proton Pass adds monitored credential sharing for AI agents
• 11:4 : GitLab 19.0 adds AI workflows, secrets management, and self-hosted model support
• 11:4 : Versa extends zero trust principles to AI agents and MCP workflows
• 11:4 : Suspected KimWolf botnet admin arrested over DDoS-for-hire operation
• 10:32 : Paved With Intent: ROADtools and Nation-State Tactics in the Cloud
• 10:32 : Hackers Use Six-Layer Persistence on FreePBX Systems
• 10:32 : U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog
• 10:32 : Keepnet contributes voice and SMS phishing data to the 2026 Verizon DBIR
• 10:32 : Apple Blocked $2.2bn in App Store Fraud in the Last Year
• 10:5 : IT Security News Hourly Summary 2026-05-22 12h : 14 posts
• 10:3 : Hackers Weaponize NF-e Invoice Lures to Deploy Banana RAT
• 10:2 : CISA Issues Alert on Exploited Microsoft Defender Zero-Day Vulnerabilities
• 10:2 : Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload
• 10:2 : Hackers Use Hugging Face to Host Second-Stage Malware for npm Supply Chain Attack
• 10:2 : FBI Warns of Kali365 Attacking Microsoft 365 Users to Steal Logins and Bypass MFA
• 10:2 : CISA Warns of Trend Micro Apex One Vulnerability Exploited in Attacks
• 10:2 : Splunk Patches Multiple Vulnerabilities that Enable DOS Attack and Exposes Sensitive Data
• 10:2 : CISA’s new KEV nomination form opens reporting to vendors and researchers
• 9:32 : Android Malware Secretly Signs Users Up for Premium Services
• 9:32 : ‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested
• 9:32 : Meet Fractal, an OS made for microarchitecture reverse engineering
• 9:32 : Microsoft 365 users targeted by new phishing threat that bypasses MFA
• 9:32 : Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
• 9:32 : Microsoft Phasing Out SMS Authentication Codes for Personal Accounts in Favor of Passkeys
• 9:4 : Hackers Can Weaponize Lenovo Driver to Terminate EDR Processes
• 9:4 : Google Publishes Exploit Code for Unfixed Chromium Bug Exposing Millions of Users
• 9:4 : Downtime has become a $600 billion business problem
• 8:34 : Splunk Patches Multiple Vulnerabilities Enabling DoS Attacks and Data Exposure
• 8:34 : Google API Key Issue Allows Deleted Keys to Retain Access to Cloud Services
• 8:34 : One Telecom Provider Hosted Most of the Middle East ’s Active C2 Infrastructure
• 8:34 : TrendAI Patches Apex One Zero-Day Exploited in the Wild
• 8:34 : GitHub Breach Exposes 3,800 Repos | Microsoft Kills SMS Authentication | Proton Fights Canada Bill
• 8:4 : FBI Warns Kali365 PhaaS Platform Targets Microsoft 365 Users to Steal Logins
• 8:4 : Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
• 7:32 : Was Foxconn hit by a cyberattack?
• 7:32 : Operation Dragon Whistle Targets Changzhou University with Malicious LNK Files
• 7:32 : Mini Shai-Hulud Attack Forces npm to Reset Bypass-2FA Publishing Tokens
• 7:32 : Cisco’s 10.0 vulnerability, Microsoft email spammed, Chrome vulnerability surge
• 7:5 : IT Security News Hourly Summary 2026-05-22 09h : 9 posts
• 7:3 : FTC Fines Cox Media Over Fake AI ‘Listening’ Ad Service
• 7:2 : Hackers Hide Malware in Nested macOS-Style Folders to Evade Scans
• 7:2 : CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
• 6:34 : Cross-Platform NPM Stealer, (Fri, May 22nd)
• 6:34 : Megalodon Malware Rapidly Infects Over 5,500 GitHub Repositories
• 6:34 : CISA Warns Trend Micro Apex One Vulnerability Is Being Exploited in Attacks
• 6:5 : Hackers Abuse Hugging Face to Deliver npm Malware
• 6:5 : Cisco used AI to write security incident reports, with mixed results
• 6:5 : Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
• 5:32 : Mini Shai-Hulud Attack Prompts npm to Revoke 2FA-Bypass Tokens
• 5:2 : Authorities Take Down “First VPN” Service Used in Ransomware Attacks
• 5:2 : Flipper Introduces Flipper One as a Modular Linux-Based Cyberdeck
• 5:2 : The new economics of fraud: Cheaper, faster, more convincing
• 4:31 : New infosec products of the week: May 22, 2026
• 4:5 : IT Security News Hourly Summary 2026-05-22 06h : 2 posts
• 4:5 : Megalodon Malware Compromised 5,500+ GitHub Repos Within 6 Hours
• 4:4 : Discord Announces End-to-End Encryption by Default for Video and Voice Messages
• 4:4 : Google Navigates EU Regulatory Pressure With Search Policy Shift
• 2:3 : ISC Stormcast For Friday, May 22nd, 2026 https://isc.sans.edu/podcastdetail/9942, (Fri, May 22nd)
• 1:33 : TAX#TRIDENT Campaign Spreads Windows Malware
• 1:33 : Russia hacks Bluesky accounts to spread Ukraine disinformation
• 1:33 : Trust3 AI launches MCP Security for AI agents
• 1:33 : Kimwolf botnet admin arrested in Canada
• 1:32 : Web devs fear AI job displacement in new survey
• 23:31 : Dems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 ‘slush fund’
• 22:5 : IT Security News Hourly Summary 2026-05-22 00h : 7 posts
• 22:3 : New Verizon Report Reveals the Security Gap Attackers Are Exploiting Most
• 22:3 : Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
• 22:3 : ‘Creepy’ Listening Tool for Targeted Ads Didn’t Actually Work, FTC Says
• 22:3 : Imperva Customers Protected Against CVE-2026-9082 in Drupal Core
• 21:55 : IT Security News Daily Summary 2026-05-21