A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on…
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. “The intrusion chain begins with execution of a…
U.S. Charges Suspected Scattered Spider Member
Federal authorities have taken legal action against Peter Stokes, a 19-year-old alleged member of the cybercriminal group known as Scattered Spider. This article has been indexed from CyberMaterial. Read the original article: U.S. Charges Suspected Scattered Spider Member
Claude Mythos Fears Startle Japan’s Financial Sector
Japan’s financial sector is taking proactive steps to address potential cybersecurity threats posed by Anthropic’s new AI model, Mythos. This article has been indexed from CyberMaterial.
Cybercrime Fighters Club Launched
Group-IB has announced the creation of the Cybercrime Fighters Club, a new initiative designed to foster collaboration and knowledge sharing in the cybersecurity field. This article has been indexed from CyberMaterial.
IT Security News Hourly Summary 2026-04-30 15h : 12 posts
12 posts were published in the last hour 12:37 : Check Point Cyber Security Now Available Across All Levels of U.S. Government 12:37 : 90,000 Screenshots of One Celebrity’s Phone Were Exposed Online 12:37 : Hackers arrested for stealing and…
Check Point Cyber Security Now Available Across All Levels of U.S. Government
We’re proud to announce that Check Point has earned GovRAMP Authorization for the Check Point Infinity Platform for Government. This is a big milestone for the company and is a reflection of our unparalleled prevention-first capabilities, which were recently ranked #1 for the fourth consecutive year in Miercom’s 2026 Hybrid…
90,000 Screenshots of One Celebrity’s Phone Were Exposed Online
Spyware appears to have captured everything from intimate photos to private messages from the smartphone of a European celebrity. They were publicly accessible until a researcher flagged the exposure. This article has been indexed from Security Latest.
Hackers arrested for stealing and reselling 600,000 Roblox accounts
Ukrainian police detained three suspects accused of hacking into Roblox accounts and reselling the data on Russian websites, with payments made in cryptocurrency. “Prosecutors of the Lviv region, together with the…
Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs
Proxmox Backup Server 4.2 is a maintenance and feature update built on Debian 13.4 “Trixie” that adds S3-compatible object storage as a supported backend and introduces parallel processing for sync jobs. The server ships the new version with Linux kernel…
Researchers develop tool to expose GPS signal spoofing in transit networks
The Oak Ridge National Laboratory (ORNL) has developed a portable detector that identifies GPS spoofing in real time, including during motion, to help protect transportation systems. Spoofing involves transmitting counterfeit signals that imitate authentic GPS transmissions and produce false information…
Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)
Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed “Copy Fail”, has affected virtually every major Linux distribution shipped since 2017, and a working proof-of-concept (PoC) exploit is…
Met Police face criticism for using AI to spy on their own officers
London police officers have been warned by the Metropolitan Police Federation to watch their backs after the force deployed controversial AI software to investigate misconduct. The staff association, representing more than 30,000 officers in London, reported it had not been…
Vidar Rises to Top of Chaotic Infostealer Market
Vidar, a credential-stealing malware that has been active since 2018, has recently ascended to the top of the infostealer market. This article has been indexed from CyberMaterial.
PromptMink Malware Targets Crypto Trading Agents
A sophisticated malware campaign known as PromptMink has emerged, targeting the software development community, particularly those involved with autonomous crypto trading projects. This article has been indexed from CyberMaterial.
Feuding Ransomware Groups Leak Each Other’s Data
A recent feud between two ransomware groups, 0APT and KryBit, has led to the exposure of sensitive data from both parties. This article has been indexed from CyberMaterial.
Sandhills Medical Ransomware Breach
Sandhills Medical has recently disclosed a significant data breach that occurred nearly a year ago, affecting approximately 170,000 individuals. This article has been indexed from CyberMaterial.
OpenAI Cyber Defense Roadmap Released
OpenAI has unveiled a new cyber defense roadmap titled ‘Cybersecurity in the Intelligence Age’, aimed at equipping security professionals with AI-powered tools to stay ahead of cyber threats. This article has been indexed from CyberMaterial.
Nearly half of UK businesses pwned last year as phishing keeps doing the job like it’s 2005
Turns out the real problem is not AI but staff still clicking on dodgy emails from ‘IT support’. Nearly half of UK businesses are still getting breached, and in many cases, the attacker’s big breakthrough is an employee clicking “sure,…
EnOcean SmartServer Flaws Expose Buildings to Remote Hacking
Claroty researchers discovered two vulnerabilities that can be exploited for security bypass and remote code execution. The post EnOcean SmartServer Flaws Expose Buildings to Remote Hacking appeared first on SecurityWeek.
Benchmarking AI Pentesting Tools: A Practical Comparison
We benchmarked 4 AI pentesting tools: Escape, Shannon, Strix, PentAGI, and Claude against a modern vulnerable application. Learn more about their detection rates, false positive rates, and scanning speed. The post Benchmarking AI Pentesting Tools: A Practical Comparison appeared first…
What type of ‘C2 on a sleep cycle’ do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia
Just in time for the Trump-Xi summit. Exclusive: A novel China-linked threat group infiltrated more than a dozen critical networks in Poland, Asian countries, and possibly beyond, beginning in December 2024 and with activity uncovered as recently as this month.…
Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months
The authentication bypass flaw allows attackers to gain administrative access to vulnerable servers. The post Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months appeared first on SecurityWeek.
Hackers Use Hidden QEMU Linux VMs to Evade Windows Security and Launch Stealth Attacks
Cybersecurity experts have uncovered a stealthy tactic where attackers bypass Windows defenses by running concealed Linux virtual machines using QEMU. Researchers warn that these hidden environments allow threat actors to maintain persistent access, steal sensitive data, and even deploy…