ShinyHunters breached Instructure and Vimeo, exposing millions of student and user records through direct and supply chain attacks. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: ShinyHunters’ Instructure Canvas…
Authenticated Arbitrary File Upload Vulnerability Patched in Slider Revolution 7 WordPress Plugin
On April 18th, 2026, we received a submission for an Authenticated Arbitrary File Upload vulnerability in Slider Revolution, a WordPress plugin. Although the plugin has more than 5,000,000 active installations, we estimate that only around 45,000 sites are using a…
Palo Alto Networks Firewall Zero-Day Exploited in Active Attacks
Palo Alto Networks disclosed a critical PAN-OS firewall vulnerability that is being actively exploited. The post Palo Alto Networks Firewall Zero-Day Exploited in Active Attacks appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…
Google Chrome’s silent 4GB AI download problem
Google Chrome writes a 4GB AI model to users’ devices without asking, and reinstalls it if you delete it. This article has been indexed from Malwarebytes Read the original article: Google Chrome’s silent 4GB AI download problem
ClickFix campaign uses fake macOS utilities lures to deliver infostealers
Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands. This campaign evades traditional defenses by stealing credentials, wallets, and sensitive data. The post ClickFix campaign uses fake macOS utilities lures to…
Microsoft named an overall leader in KuppingerCole Analyst’s 2026 Emerging AI Security Operations Center (SOC) report
Microsoft is excited to be named an Overall Leader, and the Market Leader in the Kuppinger Cole Analyst’s 2026 Emerging AI Security Operations Center (SOC) report, as we see automation and AI as core components of the future of cybersecurity.…
Hackers Hate AI Slop Even More Than You Do
It’s not just you. Scammers, hackers, and other cybercriminals are complaining about “AI shit” flooding platforms where they discuss cyberattacks and other illegal activity. This article has been indexed from Security Latest Read the original article: Hackers Hate AI Slop…
Some kids are bypassing age-verification checks with a fake mustache
A new survey found that kids find it easy to bypass age checks, despite a rise in age-verification laws around the world. This article has been indexed from Security News | TechCrunch Read the original article: Some kids are bypassing…
Iran cybersnoops still LARPing as ransomware crooks in espionage ops
MOIS-linked cyber outfit puts on a ransomware show to disguise the wide-open backdoor behind the scenes This article has been indexed from www.theregister.com – Articles Read the original article: Iran cybersnoops still LARPing as ransomware crooks in espionage ops
Cybercriminals Are Complaining About AI Slop Flooding Their Forums
It’s not just you. Hackers and other cybercriminals are complaining about “AI shit” flooding platforms where they discuss cyberattacks and other illegal activity. This article has been indexed from Security Latest Read the original article: Cybercriminals Are Complaining About AI…
UK Finance Sector Puts Cyber Defences to the Test in National Hackathon
Over the course of two days (April 27-28), banks, fintech companies, technology providers, and regulators from across the UK financial ecosystem came together for a cybersecurity competition designed to test real-world readiness, decision-making under pressure, and the ability to defend…
IT Security News Hourly Summary 2026-05-06 18h : 8 posts
8 posts were published in the last hour 15:34 : Iranian cyber espionage disguised as a Chaos Ransomware attack 15:34 : Remus Infostealer Uses Lumma-Style Browser Key Theft and Application-Bound Encryption Bypass 15:34 : Iranian-Nexus Operation Targets Oman Ministries With…
Iranian cyber espionage disguised as a Chaos Ransomware attack
Iran-linked APT MuddyWater used ransomware-style tactics to mask espionage, combining phishing, credential theft, data exfiltration, and extortion without encryption. A newly discovered cyber intrusion attributed to the Iran-linked APT MuddyWater (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static Kitten) reveals how state-sponsored attackers are increasingly leveraging…
Remus Infostealer Uses Lumma-Style Browser Key Theft and Application-Bound Encryption Bypass
A dangerous new piece of malware called Remus has surfaced, quietly picking up where one of the most feared information stealers left off. Designed to steal browser passwords, cookies, and cryptocurrency wallets, Remus carries the DNA of Lumma Stealer, one…
Iranian-Nexus Operation Targets Oman Ministries With Webshells, SQL Escalation, and Data Theft
A sophisticated cyber operation linked to an Iranian-nexus threat actor has quietly worked through at least 12 Omani government ministries, stealing tens of thousands of citizen records and leaving persistent backdoors behind. The attackers used webshells, SQL server escalation, and…
Malicious OpenClaw DeepSeek Skill Exploits Agentic AI Workflows to Deliver RAT and Stealer
A cleverly disguised malware campaign is targeting developers and AI-driven systems by hiding inside what looks like a legitimate plugin for an open-source AI framework. Security researchers have uncovered a threat that takes full advantage of how modern AI agents…
Salesforce Marketing Cloud Vulnerability Opened Door to Email Data Exposure
A significant set of security vulnerabilities in Salesforce Marketing Cloud (SFMC) could have allowed attackers to read and expose private email data belonging to millions of users across hundreds of organizations. The flaws, now patched, were rooted in the platform’s…
ADT Data Breach Confirmed After ShinyHunters Threatens Leak of Stolen Customer Information
Now comes word that ADT, a provider of home security systems, suffered a data breach following threats by the hacking collective ShinyHunters to expose purloined records if payment isn’t made. This event joins others recently where attackers gain access…
Sri Lanka Finance Ministry Loses $2.5 Million in Cyberattack on Payment System
Sri Lanka is trying to recover $2.5 million after a cyberattack on the Finance Ministry’s payment system redirected funds away from their intended recipient, exposing fresh weaknesses in the country’s public financial controls. Officials say the breach involved email…
Businesses eager but unprepared for AI to transform their security strategies
Meanwhile, a new report found, companies are neglecting other basic security tools. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Businesses eager but unprepared for AI to transform their security strategies
Majority of IT Leaders Struggle to Manage Growing Identity Footprint Amid AI Expansion
New research from Keeper Security reveals that 89% of IT leaders struggle to manage the growing identity footprint amid AI expansion. The Identity Security at Machine Speed Report features insight from 200 cybersecurity decision-makers and senior IT leaders across Europe,…
Autonomous Offensive Security Firm XBOW Raises $35 Million
The company raised another $35 million as an extension to its previously announced Series C funding round. The post Autonomous Offensive Security Firm XBOW Raises $35 Million appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
CloudZ Malware Abuses Phone Link to Steal SMS OTPs
Cisco Talos uncovers CloudZ RAT and Pheno plugin abusing Microsoft Phone Link to intercept SMS OTPs This article has been indexed from www.infosecurity-magazine.com Read the original article: CloudZ Malware Abuses Phone Link to Steal SMS OTPs
NIST will test three major tech firms’ frontier AI models for cybersecurity risks
After Anthropic’s announcement of Claude Mythos, agencies across the government are racing to get ahead of new AI models’ potential dangers. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: NIST will test three…