Upcoming iOS 27 release reportedly to bring in ability to choose from multiple AI models for tasks such as writing, image generation. This article has been indexed from Silicon UK. Read the original article: Apple To Let iPhone Users Choose…
Iran-Linked Hackers Target Oman Ministries in Webshell and Data Theft Campaign
Iran-linked operators have mounted a broad espionage operation against multiple Omani ministries, abusing exposed webshells, SQL escalation scripts, and a poorly secured C2 server to steal judicial and identity data at scale. Attacker’s own open directory strongly suggests a Ministry…
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been exploited in the wild. The vulnerability, tracked as CVE-2026-0300, has been described as a case of unauthenticated remote code execution.…
Google Chrome Is Silently Downloading a 4GB Gemini Nano AI Model to User Devices Without Consent
Google Chrome has been quietly downloading around 4GB of Gemini Nano AI model weights to user devices without their consent, and it automatically re-downloads t… The post Google Chrome Is Silently Downloading a…
Video game supply chain attack, Bleeding Llama, US gets early LLM access
Video game platform hit by supply chain attack; Bleeding Llama could expose your data; US gets more early LLM access. Get the show notes here: https://cisoseries.com/cybersecurity-news-video-game-supply-chain-attack-bleeding-llama-us-gets-early-llm-access/
Malicious OpenClaw Skill Targets Agentic AI Workflows to Deploy RATs and Stealers
OpenClaw’s agent “skill” ecosystem to deliver both Remcos RAT and a cross‑platform stealer called GhostLoader by hiding malware inside a deceptive DeepSeek integration called “DeepSeek‑Claw.” The campaign shows how agentic AI workflows with high local privileges can be quietly hijacked…
Zero-Auth Vulnerability Enables Cross-Tenant Access at DoD Contractor
A severe authorization vulnerability was recently discovered in Schemata, an AI-powered virtual training platform serving the United States Department of Defense. Security researcher Alex Schapiro, utilizing the open-source AI hacking agent Strix, identified a critical lack of API authorization. Backed…
Oracle Debuts Monthly Critical Security Patch Updates
Containing fixes for critical-severity vulnerabilities, the monthly rollouts will focus on addressing priority issues faster. The post Oracle Debuts Monthly Critical Security Patch Updates appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the original article: Oracle…
Meta Deploys AI to Scan Photos and Detect Underage Users on Facebook and Instagram
Meta has introduced an expanded AI system that scans photos and videos on Facebook and Instagram to estimate users’ ages by analyzing physical features such as… The post Meta Deploys AI to Scan…
IT Security News Hourly Summary 2026-05-06 09h : 1 post
1 post was published in the last hour. 6:35 : Ransomware and Data Extortion Groups Intensify Targeting of Aviation and Aerospace Sector
Ransomware and Data Extortion Groups Intensify Targeting of Aviation and Aerospace Sector
The aviation and aerospace sector has become one of the most actively targeted industries by ransomware operators and data extortion groups in 2025 and 2026. From passenger-processing platforms to satellite-dependent navigation systems, attackers are finding that disrupting even a single…
Remus Infostealer Adopts Lumma-Style Browser Key Theft to Bypass App-Bound Encryption
Remus is a newly observed 64-bit infostealer that closely tracks the Lumma Stealer codebase while adding EtherHiding-based C2 resolution and a refined Application‑Bound Encryption (ABE) bypass for Chromium browsers. The first Remus activity dates back to early 2026, shortly after…
Vimeo Confirms Breach Exposing 119,000 Unique User Email Addresses
Video hosting platform Vimeo has confirmed a data breach that exposed approximately 119,000 unique user email addresses, attributing the incident to a security compromise at Anodot, a third-party analytics vendor integrated with its systems. The breach came to light after…
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via backdoor-laced Windows and Android games. This article has been indexed from WeLiveSecurity. Read the original article: A rigged game: ScarCruft compromises gaming…
Attackers Bypass Azure AD Conditional Access Using Phantom Device Registration
A recent authorized red team operation by Howler Cell has demonstrated a critical attack path that completely bypasses Microsoft Entra ID (Azure AD) Conditional Access. Azure Conditional Access acts as the primary gatekeeper for cloud identity security, enforcing access rules…
When Screens Turn Against You: The Dark Mechanics of Webcam Sextortion
In the dim privacy of a personal screen, where anonymity is often assumed and discretion rarely questioned, a silent threat has begun to take shape. What was once dismissed as a crude bluff has, in certain cases, evolved into…
Critical Palo Alto Firewall Vulnerability Enables Attackers to Gain Root Privileges
Palo Alto Networks has issued an urgent security advisory concerning a critical vulnerability affecting its PAN-OS software. Tracked as CVE-2026-0300, this high-severity security flaw carries a CVSS 4.0 base score of 9.3 and is currently experiencing limited active exploitation in…
Ransomware Gangs Escalate Attacks on Aviation and Aerospace Sector
Ransomware and data extortion groups are increasingly targeting the aviation and aerospace sector, exploiting interconnected systems, shared platforms, and identity-based access models to cause operational disruption and data compromise. Cyber risk across aviation has shifted beyond traditional IT incidents toward…
Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls
CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls. The post Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the…
Tropic Trooper Expands Operations with Home Router Attacks and New Targets in Asia
A China-linked advanced persistent threat group known as Tropic Trooper is modifying how it operates, introducing unusual attack methods and expanding both its target base and technical toolkit. Recent observations show the group experimenting with new intrusion paths, including an…
Over 80 Organisations Impacted by Phishing Leveraging SimpleHelp and ScreenConnect
Researchers have identified a systematic intrusion operation that is utilizing remote management utilities, and recent findings reinforce this shift in phishing campaigns, which have evolved from opportunistic scams to structured intrusion operations. Researchers have identified an ongoing campaign that…
QR Phishing Explodes, Ubuntu Under Attack, CISA Warns Critical Infrastructure Prepare for Isolation
QR-code phishing is no longer a niche attack. Microsoft says QR phishing attacks jumped from 7.6 million in January to 18.7 million in March 2026 — a 146% increase in just three months. In this episode of Cybersecurity Today, David…
Critical Palo Alto Firewalls Vulnerability Exploited in the Wild to Gain Root Access
Palo Alto Networks has disclosed a critical buffer overflow vulnerability in PAN-OS software, tracked as CVE-2026-0300, that is already being actively exploited in the wild. The flaw carries a CVSS 4.0 score of 9.3 (CRITICAL) and allows unauthenticated attackers to…
IT Security News Hourly Summary 2026-05-06 06h : 1 post
1 post was published in the last hour. 3:9 : India orders infosec red alert in case Mythos sparks crime spree