IT Security News Weekly Summary 21

210 posts were published in the last hour

• 21:55 : IT Security News Daily Summary 2026-05-24
• 17:34 : Real-Time Webhook Notifications: No More Lost Security Alerts
• 17:4 : Wireshark 4.6.6 Released, (Sun, May 24th)
• 16:34 : AI eyes scanning for bugs create a worrisome Linux security trend
• 16:5 : IT Security News Hourly Summary 2026-05-24 18h : 3 posts
• 16:4 : Hackers Abuse Google Ads and Claude.ai Chats to Spread Mac Malware
• 16:4 : Anthropic’s Project Glasswing Detects Over 10,000 Critical Software Vulnerabilities Worldwide
• 16:4 : JDownloader Website Breach Spreads Malware Through Fake Windows and Linux Installers
• 13:5 : IT Security News Hourly Summary 2026-05-24 15h : 5 posts
• 13:4 : Top 10 Best Static Application Security Testing (SAST) Tools for Security Teams in 2026
• 13:4 : Threat Campaign Targets School Login Systems After Alleged Instructure Hack
• 12:34 : Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION
• 12:34 : SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98
• 12:34 : Top 10 Best Malware Sandbox Tools for Security Teams in 2026
• 11:2 : Scientists discover atoms suddenly spinning backward in quantum experiment
• 10:5 : IT Security News Hourly Summary 2026-05-24 12h : 1 posts
• 9:34 : Anthropic’s Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious
• 9:4 : Researcher Claims Trump Mobile Website Leaked Data on More Than 27,000 Customers Through Unprotected API
• 8:34 : U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog
• 8:34 : Week in review: GitHub breached via poisoned VS Code extension, critical NGINX flaw exploited
• 5:31 : 7-Eleven – 185,256 breached accounts
• 4:5 : IT Security News Hourly Summary 2026-05-24 06h : 1 posts
• 4:2 : PyrsistenceSniper – Tool that Detects 117 Persistence Malware Techniques on Windows, Linux, and macOS
• 22:5 : IT Security News Hourly Summary 2026-05-24 00h : 1 posts
• 21:55 : IT Security News Daily Summary 2026-05-23
• 20:32 : These special phone and app features can help protect you from spyware
• 17:31 : CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack
• 17:2 : Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
• 17:2 : npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
• 16:34 : Millions of Devices at Risk: New Trojan Monitors Smartphones
• 16:34 : AI Coding Tools Expose Thousands of Apps With Sensitive Corporate Data Online
• 14:34 : Why pure extortion is replacing traditional ransomware
• 13:5 : IT Security News Hourly Summary 2026-05-23 15h : 4 posts
• 13:4 : Nginx-poolslip Vulnerability Enables DoS and Code Execution Attacks — Patch Now!
• 13:4 : Australia Seizes $4.2 Million in Bitcoin in Major Darknet Crackdown
• 13:4 : WhatsApp Fixed Two Security Bugs via It’s Bug Bounty Program
• 12:34 : Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
• 11:34 : RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers
• 11:2 : The FBI Wants ‘Near Real-Time’ Access to US License Plate Readers
• 11:2 : Hackers Exploit F5 BIG-IP Appliance to Gain SSH Access and Pivot Into Enterprise Linux Networks
• 11:2 : Dirty Frag, Copy Fail, Fragnesia: The start of a worrisome Linux security trend
• 11:2 : ‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
• 10:32 : Hackers Exploit F5 BIG-IP to Gain SSH Access and Pivot Into Linux Networks
• 10:32 : Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets
• 10:31 : Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
• 10:5 : IT Security News Hourly Summary 2026-05-23 12h : 1 posts
• 9:34 : LiteSpeed cPanel Plugin 0-Day Exploited for Server Root Access
• 9:4 : Ubiquiti Patches Critical UniFi OS Privilege Escalation Flaws
• 8:31 : Hackers Use SEO Poisoning to Fake Gemini CLI, Claude Installers
• 8:3 : Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
• 8:3 : LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
• 7:31 : Hackers Compromise Laravel-Lang Packages via 700 GitHub Repos
• 7:5 : IT Security News Hourly Summary 2026-05-23 09h : 2 posts
• 6:32 : Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise
• 6:32 : Hackers Compromised 233 Versions of Laravel-Lang Packages by Hacking 700 GitHub Repos
• 6:2 : An Example of Stack String in High Level Language, (Sat, May 23rd)
• 6:2 : Claude Mythos Preview Discovers 10,000+ 0-Days in Glasswing
• 5:2 : Anthropic’s Claude Mythos Preview Uncovers 10,000+ 0-Days in Project Glasswing
• 5:2 : Quantum Technology Emerges as a Potential Threat to Bitcoin Networks
• 4:34 : Researcher Finds Public GitHub Repo Exposing Sensitive CISA Credentials
• 1:5 : IT Security News Hourly Summary 2026-05-23 03h : 3 posts
• 1:2 : Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
• 0:32 : World Cup Phishing Campaign Nearly Triples With 203 Unique IP Addresses
• 0:31 : Hackers Abuse Middle East Telecom Networks for Large-Scale Command-and-Control Operations
• 23:2 : Hackers Backdoor Popular art-template npm Package to Launch Watering-Hole Attacks
• 23:2 : Russian Threat Groups Use RDP, VPN, Supply Chain Attacks, and Social Engineering for Initial Access
• 22:5 : IT Security News Hourly Summary 2026-05-23 00h : 9 posts
• 22:4 : Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker
• 22:4 : Data Sanitization Challenges Are Increasing in the AI Era
• 21:55 : IT Security News Daily Summary 2026-05-22
• 21:32 : 2026-05-22: SmartApeSG ClickFix –> Unidentified RAT –> NetSupport RAT
• 21:32 : Friday Squid Blogging: Regulating Squid Fishing in the South Pacific
• 21:32 : Hackers Use NF-e Invoice Lures to Deliver Banana RAT Through Malicious Batch Files
• 21:32 : Hackers Use Six-Layer Persistence to Maintain Access on Compromised FreePBX Systems
• 21:32 : A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one MAGA victim’s crypto wallets
• 21:32 : The Department of Know: Google’s CodeMender, CISA’s big leak, Torvalds open-source warning
• 21:4 : Verizon 2026 DBIR: 6 key takeaways for CISOs
• 20:2 : FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account
• 19:31 : CISA Adds One Known Exploited Vulnerability to Catalog
• 19:5 : IT Security News Hourly Summary 2026-05-22 21h : 3 posts
• 19:2 : Ubiquiti Patches Critical UniFi OS Vulnerabilities Allowing Remote Privilege Escalation
• 19:2 : Megalodon chums the waters in 5.5K+ GitHub repo poisonings
• 18:31 : First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
• 18:3 : Microsoft recognized as a Leader in The Forrester Wave™ for Workforce Identity Security Platforms
• 17:32 : Identity security for AI agents: The proliferation challenge
• 17:32 : Deleted Google API Keys Continue Accessing Gemini, BigQuery, and Maps APIs
• 17:32 : CISA adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
• 17:32 : LiteSpeed cPanel Plugin 0-Day Exploited in the wild to Gain Server Root Access
• 17:32 : Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
• 17:32 : SOC Alert Overload: Why More Analysts Won’t Help
• 17:32 : Microsoft Warns Users About Rising QR Code Phishing and Quishing Scams
• 17:31 : Researchers Find Security Gap in Anthropic Skill Scanners
• 17:31 : Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
• 17:2 : Lawmakers Demand Answers as CISA Tries to Contain Data Leak
• 17:2 : Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations
• 17:2 : From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence
• 16:32 : Kash Patel’s clothing brand website shut down after reports it was hacked
• 16:32 : Android Malware Silently Subscribes Victims to Premium Services Without Consent
• 16:31 : CISA Warns of Microsoft Defender 0-Day Vulnerabilities Exploited in Attacks
• 16:5 : IT Security News Hourly Summary 2026-05-22 18h : 3 posts
• 16:2 : AI-Driven Threats, Critical Vulnerabilities, and Supply Chain Breaches Define the Week in May 2026
• 15:32 : Operation Dragon Whistle Uses Malicious LNK Files to Target Changzhou University
• 15:31 : Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages
• 15:2 : RemotePE: The Lazarus RAT that lives in memory
• 14:32 : Trump Mobile confirms it exposed customers’ personal data, including phone numbers and home addresses
• 14:32 : Authorities arrest 23-year-old accused of running the Kimwolf botnet
• 14:32 : Hackers Hide Malware Payloads Inside Nested macOS-Like Folders to Evade Scanning
• 14:32 : Canadian Man Arrested for Operating KimWolf DDoS Botnet Hacking 2 Million Devices
• 14:32 : In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking
• 14:32 : Data Leak: Instructure, Canvas Allegedly Hacked, ShinyHunters Claim Responsibility
• 14:32 : 9-Year-Old Linux bug Found by Researchers, Could Leak Data
• 14:32 : ShinyHunters Cyberattack Disrupts Canvas Platform Across Universities and Schools
• 14:32 : $20 per zero-day is already the WordPress plugin reality
• 14:31 : Cyber Briefing: 2026.05.22
• 14:2 : 5,561 GitHub Repositories Hit by Megalodon Supply Chain Attack in Six Hours
• 14:2 : AI Adoption for companies (based on OECD data)
• 14:2 : CISA Security Leak
• 13:32 : Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
• 13:32 : Hackers Exploit Middle East Telecoms for Massive C2 Operations
• 13:32 : AI Attacks Are No Longer Experimental: Key Findings from the March-April 2026 AI Threat Landscape
• 13:5 : IT Security News Hourly Summary 2026-05-22 15h : 8 posts
• 13:2 : Google’s Exploit Code Release Raises Concern Over Unfixed Chromium Security Bug
• 13:2 : Making Vulnerable Drivers Exploitable Without Hardware – The BYOVD Perspective
• 13:2 : Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
• 12:34 : World Cup Phishing Surge: 203 Malicious IPs Detected
• 12:34 : Update Chrome now: Critical bugs could let attackers run code
• 12:34 : Splunk Patches Multiple Vulnerabilities that Enable DOS Attacks and Expose Sensitive Data
• 12:34 : Canadian Man Arrested for Operating Kimwolf Botnet
• 12:34 : Deleted Google API keys keep working for up to 23 minutes, researchers warn
• 12:4 : Russian Hackers Exploit RDP, VPNs, Supply Chains for Initial Access
• 11:34 : CISA Adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
• 11:34 : Kore.ai unveils AI-native platform for enterprise multiagent systems
• 11:34 : Fake Gemini and Claude Code Sites Spread Infostealers Through SEO Poisoning
• 11:5 : Popular npm Package “art-template” Backdoored in Watering-Hole Attack
• 11:5 : Techie claims Trump Mobile website was leaking thousands of people’s data
• 11:5 : Proton Pass adds monitored credential sharing for AI agents
• 11:4 : GitLab 19.0 adds AI workflows, secrets management, and self-hosted model support
• 11:4 : Versa extends zero trust principles to AI agents and MCP workflows
• 11:4 : Suspected KimWolf botnet admin arrested over DDoS-for-hire operation
• 10:32 : Paved With Intent: ROADtools and Nation-State Tactics in the Cloud
• 10:32 : Hackers Use Six-Layer Persistence on FreePBX Systems
• 10:32 : U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog
• 10:32 : Keepnet contributes voice and SMS phishing data to the 2026 Verizon DBIR
• 10:32 : Apple Blocked $2.2bn in App Store Fraud in the Last Year
• 10:5 : IT Security News Hourly Summary 2026-05-22 12h : 14 posts
• 10:3 : Hackers Weaponize NF-e Invoice Lures to Deploy Banana RAT
• 10:2 : CISA Issues Alert on Exploited Microsoft Defender Zero-Day Vulnerabilities
• 10:2 : Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload
• 10:2 : Hackers Use Hugging Face to Host Second-Stage Malware for npm Supply Chain Attack
• 10:2 : FBI Warns of Kali365 Attacking Microsoft 365 Users to Steal Logins and Bypass MFA
• 10:2 : CISA Warns of Trend Micro Apex One Vulnerability Exploited in Attacks
• 10:2 : Splunk Patches Multiple Vulnerabilities that Enable DOS Attack and Exposes Sensitive Data
• 10:2 : CISA’s new KEV nomination form opens reporting to vendors and researchers
• 9:32 : Android Malware Secretly Signs Users Up for Premium Services
• 9:32 : ‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested
• 9:32 : Meet Fractal, an OS made for microarchitecture reverse engineering
• 9:32 : Microsoft 365 users targeted by new phishing threat that bypasses MFA
• 9:32 : Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
• 9:32 : Microsoft Phasing Out SMS Authentication Codes for Personal Accounts in Favor of Passkeys
• 9:4 : Hackers Can Weaponize Lenovo Driver to Terminate EDR Processes
• 9:4 : Google Publishes Exploit Code for Unfixed Chromium Bug Exposing Millions of Users
• 9:4 : Downtime has become a $600 billion business problem
• 8:34 : Splunk Patches Multiple Vulnerabilities Enabling DoS Attacks and Data Exposure
• 8:34 : Google API Key Issue Allows Deleted Keys to Retain Access to Cloud Services
• 8:34 : One Telecom Provider Hosted Most of the Middle East ’s Active C2 Infrastructure
• 8:34 : TrendAI Patches Apex One Zero-Day Exploited in the Wild
• 8:34 : GitHub Breach Exposes 3,800 Repos | Microsoft Kills SMS Authentication | Proton Fights Canada Bill
• 8:4 : FBI Warns Kali365 PhaaS Platform Targets Microsoft 365 Users to Steal Logins
• 8:4 : Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
• 7:32 : Was Foxconn hit by a cyberattack?
• 7:32 : Operation Dragon Whistle Targets Changzhou University with Malicious LNK Files
• 7:32 : Mini Shai-Hulud Attack Forces npm to Reset Bypass-2FA Publishing Tokens
• 7:32 : Cisco’s 10.0 vulnerability, Microsoft email spammed, Chrome vulnerability surge
• 7:5 : IT Security News Hourly Summary 2026-05-22 09h : 9 posts
• 7:3 : FTC Fines Cox Media Over Fake AI ‘Listening’ Ad Service
• 7:2 : Hackers Hide Malware in Nested macOS-Style Folders to Evade Scans
• 7:2 : CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
• 6:34 : Cross-Platform NPM Stealer, (Fri, May 22nd)
• 6:34 : Megalodon Malware Rapidly Infects Over 5,500 GitHub Repositories
• 6:34 : CISA Warns Trend Micro Apex One Vulnerability Is Being Exploited in Attacks
• 6:5 : Hackers Abuse Hugging Face to Deliver npm Malware
• 6:5 : Cisco used AI to write security incident reports, with mixed results
• 6:5 : Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
• 5:32 : Mini Shai-Hulud Attack Prompts npm to Revoke 2FA-Bypass Tokens
• 5:2 : Authorities Take Down “First VPN” Service Used in Ransomware Attacks
• 5:2 : Flipper Introduces Flipper One as a Modular Linux-Based Cyberdeck
• 5:2 : The new economics of fraud: Cheaper, faster, more convincing
• 4:31 : New infosec products of the week: May 22, 2026
• 4:5 : IT Security News Hourly Summary 2026-05-22 06h : 2 posts
• 4:5 : Megalodon Malware Compromised 5,500+ GitHub Repos Within 6 Hours
• 4:4 : Discord Announces End-to-End Encryption by Default for Video and Voice Messages
• 4:4 : Google Navigates EU Regulatory Pressure With Search Policy Shift
• 2:3 : ISC Stormcast For Friday, May 22nd, 2026 https://isc.sans.edu/podcastdetail/9942, (Fri, May 22nd)
• 1:33 : TAX#TRIDENT Campaign Spreads Windows Malware
• 1:33 : Russia hacks Bluesky accounts to spread Ukraine disinformation
• 1:33 : Trust3 AI launches MCP Security for AI agents
• 1:33 : Kimwolf botnet admin arrested in Canada
• 1:32 : Web devs fear AI job displacement in new survey
• 23:31 : Dems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 ‘slush fund’
• 22:5 : IT Security News Hourly Summary 2026-05-22 00h : 7 posts
• 22:3 : New Verizon Report Reveals the Security Gap Attackers Are Exploiting Most
• 22:3 : Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
• 22:3 : ‘Creepy’ Listening Tool for Targeted Ads Didn’t Actually Work, FTC Says
• 22:3 : Imperva Customers Protected Against CVE-2026-9082 in Drupal Core
• 21:55 : IT Security News Daily Summary 2026-05-21
• 21:32 : Decentralized Threat: Stealthy P2P Cryptominer Targeting Ollama Endpoints
• 21:32 : U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog
• 21:2 : Indian Student Data Weaponized for Phishing, Social Engineering, and Financial Fraud
• 21:2 : Fake Invitation Phishing Campaign Targets U.S. Organizations With Credential Theft
• 21:2 : TamperedChef Malware Uses Signed Productivity Apps to Deliver Stealers and RATs