IT Security News Daily Summary 2026-05-29

127 posts were published in the last hour

• 21:32 : Implementing Secure API Gateways for Microservices Architecture
• 21:32 : Friday Squid Blogging: Another Squid
• 21:2 : The White House’s Aliens.gov Site Brags That ICE Arrested More Than 700 US Citizens
• 20:32 : Imperva Customers Protected Against CVE-2026-45247 in Mirasvit Full Page Cache Warmer for Magento
• 20:2 : CISA Adds One Known Exploited Vulnerability to Catalog
• 20:2 : ICE to keep an eye on your eyes under $25M biometric scanner deal
• 19:32 : 5 Common Security Pitfalls in Serverless Architectures
• 19:32 : Dexcom Warns Stolen G7 Glucose Sensors May Pose Infection, Reading Risks
• 19:32 : EO 14390 raises stakes for enterprise cybersecurity
• 19:32 : Meet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes
• 19:5 : IT Security News Hourly Summary 2026-05-29 21h : 2 posts
• 18:32 : No fix yet for critical RCE bug in open-source Git service Gogs – exploit module is out
• 18:32 : ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
• 17:32 : Microsoft under fire for threatening security researcher with criminal investigation
• 17:2 : Carnival Data Breach Exposes Data of Nearly 6 Million Customers
• 17:2 : First month of Mythos Preview testing exposes 10K flaws
• 17:2 : Microsoft AI Chief Says White-Collar Jobs Could Face AI Automation Within 18 Months
• 16:33 : Wordfence Bug Bounty Program Monthly Report – March 2026
• 16:33 : AI Threats, Data Breaches, and Supply Chain Risks Define This Week of May 2026 in Cybersecurity
• 16:32 : Carnival Data Breach Impacts Nearly 6 Million Customers
• 16:32 : AI Growth Exposes Gaps in Governance and Readiness
• 16:32 : Malicious NuGet Package as Sicoob SDK Exfiltrates Banking Passwords
• 16:32 : From 200 CVEs to Actionable Fixes – DockSec Brings AI to Container Security
• 16:32 : Attackers Abuse Trusted Developer Tooling to Exfiltrate Source Code and Secrets
• 16:32 : JINX-0164 Threat Actor Using LinkedIn Social Engineering to Deploy Custom macOS Malware
• 16:32 : Ransomware Uses SYSTEM Scheduled Task to Encrypt Local Drives With Elevated Privileges
• 16:32 : 23andMe inherits lawsuit over ‘disturbing’ DNA data breach
• 16:32 : In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks
• 16:32 : Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection
• 16:32 : Cybersecurity & Arctic Sovereignty: Protecting Canada’s Most Vulnerable Infrastructure Cheryl Biswas
• 16:5 : IT Security News Hourly Summary 2026-05-29 18h : 4 posts
• 16:2 : Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
• 16:2 : CISA urges security teams to check for software development compromises
• 15:32 : Iran-Linked Hackers Targeted US Fuel Tank Systems Through Exposed ATG Networks
• 15:32 : AI Vigilante Sting Catches Alleged Paedophile Ex-Teacher in France
• 15:3 : MokN Raises $15 Million for Phish-Back Platform
• 15:3 : Charter Communications Data Breach Could Impact Nearly 5 Million
• 14:34 : Dutch police disrupts botnet composed of 17 million devices
• 14:34 : Cyber Briefing: 2026.05.29
• 14:2 : Final 24 hours to save up to $410 on your TechCrunch Disrupt 2026 ticket
• 13:34 : Ransomware Abuses SYSTEM Task to Encrypt Drives with Elevated Privileges
• 13:34 : Securing and Governing AI Agents At Scale Through A Unified AI Gateway
• 13:5 : IT Security News Hourly Summary 2026-05-29 15h : 16 posts
• 13:3 : Oracle Critical Security Update – Patch for 35 New Vulnerabilities Across Products
• 13:2 : Legitimate-Looking Codex Remote UI Steals OpenAI Codex Authentication Tokens
• 13:2 : Hackers Use Fake Adobe Document Cloud Pages to Deliver ScreenConnect Malware
• 13:2 : Dutch cops wrest 17M devices from mystery botnet’s clutches
• 13:2 : Gogs Zero-Day Exposes Servers to Remote Code Execution
• 13:2 : Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems
• 13:2 : CyCOS Expands UK SME Cybersecurity Support
• 12:34 : JINX-0164 Uses LinkedIn Lures to Deploy Custom macOS Malware
• 12:34 : DIL Observatory: when the World Escalates, the Underground Responds
• 12:34 : Signal users targeted in backup-stealing phishing attacks
• 12:34 : New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
• 12:34 : Typosquatted npm Packages Steal Cloud Secrets
• 12:34 : Trusted Dev Tools Abused in Supply Chain Attacks
• 12:34 : Iranian Hackers Hit LA Transit Network
• 12:34 : Email Deliverability Tools Market Growth
• 12:34 : Google engineer charged with insider trading
• 12:2 : GREYVIBE Threat Actors Use ChatGPT and Google Gemini to Scale Cyberattack Operations
• 12:2 : Russia-linked threat group put ChatGPT to work from lure to payload
• 12:2 : ChatGPT blindly trusts browser content, turning the page into a payload
• 12:2 : New infostealer reaches enterprise devices through FortiClient EMS vulnerability
• 11:36 : Malicious NuGet Package Disguised as Sicoob SDK Exfiltrates Banking Passwords
• 11:36 : Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.
• 11:36 : Chilling Effects
• 11:36 : Acumen Cyber and AttackIQ Partner to Strengthen Cyber Defense Validation
• 11:36 : California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
• 11:36 : What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
• 11:2 : Trusted Dev Tools Abused to Steal Code and Secrets
• 11:2 : MicrosoftSystem64 Malware Uses HuggingFace Datasets for Stealthy Data Exfiltration
• 11:2 : Websites can spy on user activity by analyzing SSD behavior
• 10:35 : Typosquatted npm Packages Steal Cloud and CI/CD Secrets
• 10:35 : Deceptively Sweet: DonutLoader Reloaded in a modern Remcos RAT Infection
• 10:34 : ShinyHunters adds Charter to trophy shelf after 4.9M customer records leak
• 10:34 : Chrome 148 Update Patches 151 Vulnerabilities
• 10:34 : LinkedIn-themed phishing abuses Adobe’s A/B testing platform
• 10:34 : Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
• 10:5 : IT Security News Hourly Summary 2026-05-29 12h : 5 posts
• 10:2 : The Deliverability Problem: How New Platforms Are Solving Inbox Placement
• 10:2 : GitLab Patches Multiple Duo AI, DoS, and Authorisation Vulnerabilities
• 10:2 : Infosecurity Europe: CyCOS Project Expands to Support UK SMEs as CIISec Takes Over
• 9:36 : BTMOB RAT Gives Criminals a Point-and-Click Kit to Take Over Your Android Phone
• 9:36 : Microsoft 365 Copilot redesign brings context and actions into one workspace
• 9:2 : Fake Adobe Document Cloud Pages Spread ScreenConnect Malware
• 9:2 : Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies
• 8:32 : Google Patches 151 Vulnerabilities in Chrome, Including 22 Critical Ones
• 8:32 : Critical Samba Vulnerability Enables Remote Code Execution Attacks
• 8:32 : Malicious RVTools Installer Abuses Sectigo Certificate to Bypass SmartScreen Warnings
• 8:31 : AI-Generated npm Malware Leaks Its Own GitHub Token
• 8:2 : Are hackers using AI personalities to attack?
• 8:2 : Samba Security Flaw Lets Attackers Execute Code Remotely
• 8:2 : Anthropic launches Claude Opus 4.8, prepares Mythos-class models for all customers
• 7:37 : Claude Opus 4.8 Released With Advanced Engineering-Level Coding Capabilities
• 7:36 : OpenVPN Connect macOS Vulnerability Allows Remote Command Execution
• 7:36 : Zapocalypse Attack Lets Threat Actors Hijack Zapier Accounts
• 7:36 : Humanix expands detection to identify live violations of security procedures
• 7:36 : Claroty targets cyber-physical system risks with AI-powered security agent
• 7:36 : Netskope extends data localization capabilities with NewEdge updates
• 7:36 : World Cup fraud, US military location targets, IBM and Red Hat go Project Lightwell
• 7:5 : IT Security News Hourly Summary 2026-05-29 09h : 7 posts
• 7:2 : Fake Video Player Updates Spread Miner and RAT Malware
• 7:2 : AI Security Best Practices for technical and non-technical people
• 7:2 : What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant
• 7:2 : Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
• 6:38 : Fake Codex Remote UI Steals OpenAI Auth Tokens
• 6:38 : ESET APT Activity Report Q4 2025–Q1 2026
• 6:38 : Threat Actors Deploy Tiflux RMM for Persistent Remote Access
• 6:3 : MicrosoftSystem64 Malware Abuses Hugging Face for Stealthy Data Theft
• 6:3 : Hackers Exploit Microsoft Teams’ Collaboration Features to Impersonate IT Helpdesk Staff
• 6:3 : VS Code Remote-SSH RCE Lets Attackers Pivot From Developer Machines to Cloud Servers
• 6:3 : Google Employee Charged for Making $1.2 Million With Confidential Information
• 6:2 : The behavioral signals that sharpen Trojan malware detection
• 5:34 : Carnival Cruise Breach Leaks Sensitive Customer Information
• 5:34 : Product showcase: TotalAV helps iOS users clean up their digital mess
• 5:2 : New Gogs 0-Day Flaw Enables Remote Code Execution on Servers
• 5:2 : Malicious RVTools Installer Uses Sectigo Cert to Evade SmartScreen
• 5:2 : New infosec products of the month: May 2026
• 5:2 : Building a risk-based vulnerability management program that scales
• 4:5 : IT Security News Hourly Summary 2026-05-29 06h : 1 posts
• 4:2 : Typosquatted npm packages used to steal cloud and CI/CD secrets
• 2:2 : ISC Stormcast For Friday, May 29th, 2026 https://isc.sans.edu/podcastdetail/9950, (Fri, May 29th)
• 23:4 : Why and how to migrate to a Transit Gateway-attached AWS Network Firewall
• 22:6 : Charter – 4,851,517 breached accounts
• 22:6 : Troops’ phones gave away location data to foreign adversaries
• 22:5 : IT Security News Hourly Summary 2026-05-29 00h : 1 posts
• 21:55 : IT Security News Daily Summary 2026-05-28