A critical unauthenticated remote code execution vulnerability in Weaver (Fanwei) E-cology is being actively exploited in the wild, with real-world intrusion activity traced back to mid-March 2026, weeks before public awareness. Tracked as CVE-2026-22679 with a CVSS score of 9.8, this flaw exposes…
Silver Fox Uses Fake Tax Notices to Drop ValleyRAT and ABCDoor Backdoor
Silver Fox is running a tax‑themed phishing campaign that abuses fake notices from Indian and Russian tax authorities to drop ValleyRAT and a new Python backdoor dubbed ABCDoor, using a customized RustSL loader to evade detection and enforce strict geofencing…
Attackers Abuse Amazon SES to Send Authenticated Phishing Emails That Bypass Security
Threat actors are increasingly turning to Amazon’s own cloud email infrastructure to deliver phishing messages that look completely genuine, passing every standard security check along the way. Phishing has always been about deception. Attackers craft emails designed to look real,…
Code of Conduct Phishing Emails Target 35,000 Users in Multi-Stage AiTM Attack
A large-scale phishing campaign has been caught using fake “code of conduct” emails to trick employees into giving up their account credentials. The attackers did not just steal passwords. They went a step further by hijacking active authentication sessions through…
Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft
Dubbed Bleeding Llama, the heap out-of-bounds read issue can be exploited remotely, without authentication. The post Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the original…
Conti ransomware gang member sentenced to 102 months in prison
A Latvian national who was part of a major Russian ransomware organization that stole from and extorted more than 54 companies has been sentenced to 102 months in prison. Deniss Zolotarjovs, 35, of Moscow, Russia, was part of a group…
Download: Secure Foundations for AI Workloads on AWS
Center for Internet Security helps organizations deploy AI and high-performance compute environments from a trusted, hardened operating system baseline. CIS Hardened Images help teams reduce misconfiguration risk, support compliance efforts, and move faster in AWS. What are AI-optimized CIS Hardened…
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
Threat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known as MetInfo, according to new findings from VulnCheck. The vulnerability in question is CVE-2026-29014 (CVSS score: 9.8), a code injection flaw that could…
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year left something behind: a persistent OAuth token with no expiration date, no automatic cleanup, and in most organizations, no one watching it. Your…
Ask Me Anything Cyber: Bolster AI – Protecting the Internet at Scale
Expert perspectives can make cybersecurity conversations more useful, more practical, and more grounded. This article has been indexed from CyberMaterial. Read the original article: Ask Me Anything Cyber: Bolster AI – Protecting the Internet at Scale
IT Security News Hourly Summary 2026-05-05 15h : 14 posts
14 posts were published in the last hour. 12:34 : Cisco Acquisition of Astrix Security Signals to Strengthen on Non-Human Identity Security 12:34 : Proton Mail rolls out post-quantum encryption for all users as industry braces for ‘harvest now, decrypt…
Cisco Acquisition of Astrix Security Signals to Strengthen on Non-Human Identity Security
Networking and security leader Cisco has announced its intent to acquire Astrix Security, a pioneer in Non-Human Identity (NHI) management. Announced in May 2026, this acquisition is designed to help enterprises secure the rapidly expanding “agentic workforce”, the growing ecosystem…
Proton Mail rolls out post-quantum encryption for all users as industry braces for ‘harvest now, decrypt later’ threat
Proton Mail has today announced the rollout of post-quantum encryption (PQC) across its email platform, making quantum-resistant key generation available to all users, including those on free plans, in what the company describes as a proactive step ahead of the…
ShinyHunters claims dump puts 119K Vimeo emails in the wild
Vimeo points finger at analytics supplier Anodot, says no logins or card data were touched. More than 119,000 Vimeo users’ email addresses were extracted in a breach traced to a third-party analytics vendor, according to Have I Been Pwned.… This…
ScarCruft Compromises Gaming Platform
A North Korean state-sponsored hacking group known as ScarCruft has successfully compromised a video game platform in a supply chain espionage operation, according to recent threat intelligence findings. This article has been indexed from CyberMaterial. Read the original article: ScarCruft…
New Attribution Framework for APT Campaign Tracking
Advanced Persistent Threat (APT) tracking faces a fundamental challenge: adversaries no longer behave as stable, predictable entities. This article has been indexed from CyberMaterial. Read the original article: New Attribution Framework for APT Campaign Tracking
Instagram Discontinues End-to-End Encryption
Meta has announced it will shut down Instagram’s optional end-to-end encrypted direct messaging feature on May 8, 2026. This article has been indexed from CyberMaterial. Read the original article: Instagram Discontinues End-to-End Encryption
Karakurt negotiator sentenced to 8.5 years
A Latvian citizen has been sentenced to 8.5 years in federal prison after being convicted for his role as a negotiator for the Karakurt ransomware group, a Russian cybercrime operation. This article has been indexed from CyberMaterial. Read the original…
Carleton College launches student cybersecurity teams
Carleton College has established new student cybersecurity teams designed to provide hands-on security training and competitive opportunities. This article has been indexed from CyberMaterial. Read the original article: Carleton College launches student cybersecurity teams
Cerberus Stalkerware Hits Google Play, Abuses Accessibility and Firebase for Remote Control
Cerberus Anti-theft, a long-running Android “security” app, is operating as full-featured stalkerware on Google Play, abusing accessibility services and Google Firebase to give abusers near-total remote control over victims’ phones. Once installed, Cerberus lets an abuser push a custom lock‑screen…
Update WhatsApp now: Two new flaws could expose you to malicious files
WhatsApp patches flaws that could expose users to malicious content and disguised malware. This article has been indexed from Malwarebytes. Read the original article: Update WhatsApp now: Two new flaws could expose you to malicious files
Romance scammers turn sweet talk into £102M payday
Victims losing £280K a day to fake profiles and sob stories. Romance fraudsters scammed Britons out of £102 million ($138 million) last year, according to the latest police figures.… This article has been indexed from The Register – Security. Read…
Critical Remote Code Execution Vulnerability Patched in Android
CVE-2026-0073 affects Android’s System component and it can be exploited without any user interaction. The post Critical Remote Code Execution Vulnerability Patched in Android appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the original article: Critical…
Oracle rolls out monthly security patch updates
Oracle is changing how its security fixes are delivered: starting in May 2026, there will be a monthly Critical Security Patch Update. “Each [monthly] CSPU is smaller and more focused, making it easier to apply critical fixes quickly [to customer-managed…