Security researchers have exposed critical sandbox escape vulnerabilities in Sandboxie and Sandboxie-Plus that allow attackers to gain full SYSTEM-level privileges. We strongly urge users to update to version 1.17.5, which was recently patched, to mitigate these severe execution threats. A…
Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack
A malicious version of the plugin was published to the Jenkins Marketplace late last week. The post Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Google reCAPTCHA Update Blocks Privacy-Focused Android Users From Sites
Google has rolled out a significant update to its reCAPTCHA verification system that fundamentally alters how websites verify human traffic. Announced on April 22 at the Google Cloud Next 2026 conference, the new mechanism operates through Google’s Cloud Fraud Defense…
Vidar Malware Targets Browser Credentials, Cookies, Crypto Wallets, and System Data
A long-active information stealer is making headlines again, and this time it is targeting more than just passwords. Vidar malware, a credential-harvesting tool in circulation since late 2018, has been observed running through a sophisticated multi-stage attack chain designed to…
The scam economy has found its AI upgrade
Scam attempts continue to reach consumers via email, text messages, social media, online advertising, and phone calls. The volume of exposure has remained stable over the past year, with more than half of consumers encountering scam attempts at least monthly,…
Identity is the new perimeter as rapid NHI proliferation threatens visibility and control
NHIs are linked to diverse assets across the enterprise technology ecosystem, creating a highly fragmented architecture and making it challenging for security teams to maintain visibility and control. This article has been indexed from Cybersecurity Dive – Latest News Read…
Canvas System Is Online After a Cyberattack Disrupted Thousands of Schools
Tens of thousands of students studying for final exams around the world have regained access to a key online learning system after a cyberattack had earlier knocked it offline. The post Canvas System Is Online After a Cyberattack Disrupted Thousands…
Zara Data Breach Impacts Nearly 200,000 Customers
ShinyHunters gets away with emails and other data on 200,000 Zara customers This article has been indexed from www.infosecurity-magazine.com Read the original article: Zara Data Breach Impacts Nearly 200,000 Customers
Silicon In Focus Podcast: Identity Under Siege: Why Credentials Are the New Battleground
Discover why identity is the new cybersecurity battleground as experts explore zero trust, MFA weaknesses, AI threats, and credential attacks. This article has been indexed from Silicon UK Read the original article: Silicon In Focus Podcast: Identity Under Siege: Why…
Apple Tests AI-Powered AirPods With Cameras
Apple reportedly in late testing stage for AirPods with cameras that could feed visual information to upgraded Siri assistant This article has been indexed from Silicon UK Read the original article: Apple Tests AI-Powered AirPods With Cameras
OpenClaw Malware Targets Crypto Wallets and Bitwarden Credentials
OpenClaw users are being targeted in a fresh malware campaign that abuses a fake installer to steal credentials from popular crypto wallets and password managers, including MetaMask, Phantom, and Bitwarden. The archive contains a 130MB Rust executable padded with fake…
Taiwan’s train cyber-trauma reveals a global system that’s coming off the tracks
That’s not a radio. THIS is a radio This article has been indexed from www.theregister.com – Articles Read the original article: Taiwan’s train cyber-trauma reveals a global system that’s coming off the tracks
New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks
Also called Copy Fail 2 and tracked as CVE-2026-43284 and CVE-2026-43500, the exploit was disclosed before a patch was released. The post New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks appeared first on SecurityWeek. This article has been indexed…
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
A malicious Hugging Face repository managed to take a spot in the platform’s trending list by impersonating OpenAI’s Privacy Filter open-weight model to deliver a Rust-based information stealer to Windows users. The project, named Open-OSS/privacy-filter, masqueraded as its legitimate counterpart,…
Police Shut Relaunched Crimenetwork Dark Web Marketplace
Spanish police have arrested the suspected administrator of German dark web marketplace Crimenetwork This article has been indexed from www.infosecurity-magazine.com Read the original article: Police Shut Relaunched Crimenetwork Dark Web Marketplace
New cPanel vulnerabilities, JDownloader delivers malware, Schumer pushes DHS
CPanel, WHM release fixes for three new vulnerabilities Official JDownloader site serves malware to Windows and Linux users Sen. Schumer seeks DHS plan on AI cyber coordination Get the show notes here: https://cisoseries.com/cybersecurity-news-new-cpanel-vulnerabilities-jdownloader-delivers-malware-schumer-pushes-dhs/ Huge thanks to our episode sponsor, Doppel…
China-Founded MiroMind Halts Mainland AI Services
China-founded, Singapore-based AI start-up MiroMind halts services in China amid business restructure prompted by Manus buyout rejection This article has been indexed from Silicon UK Read the original article: China-Founded MiroMind Halts Mainland AI Services
Crimenetwork Bust Reveals 22,000 Members and Over 100 Illicit Vendors
Law enforcement authorities have successfully dismantled the relaunched version of “Crimenetwork,” a prominent criminal online trading platform. A 35-year-old German citizen, suspected of operating the illicit platform, was apprehended at his residence in Mallorca, Spain, by a special unit of…
Amazon Launches Drone Deliveries In UK
Small area around Amazon warehouse in County Durham open for airborne deliveries, with drones dropping packages 12ft onto lawns This article has been indexed from Silicon UK Read the original article: Amazon Launches Drone Deliveries In UK
ShinyHunters Exploits Canvas LMS Free Teacher Accounts in New Breach
In early May 2026, ShinyHunters breached Instructure’s Canvas LMS by abusing the Free-For-Teacher (FFT) account program, triggering an active extortion campaign and exposing student and faculty data across thousands of schools worldwide. ShinyHunters claimed responsibility on 3 May and published…
Instagram removed end-to-end encryption for DMs. What should users do?
Instagram removes direct messages (DM) end-to-end encryption May 8, 2026, letting Meta access chats. Users should download backups amid privacy concerns and U.S. law pressure. Starting May 8, 2026, Instagram users who previously enabled end-to-end encryption in direct messages will…
JDownloader Downloader Hacked to Infect Users With New Python RAT
JDownloader, the popular open-source download manager trusted by millions of users worldwide, was at the center of a serious supply chain attack in early May 2026. Attackers quietly compromised the official jdownloader.org website and replaced legitimate installer download links with…
A week in security (May 4 – May 10)
A list of topics we covered in the week of May 4 to May 10 of 2026 This article has been indexed from Malwarebytes Read the original article: A week in security (May 4 – May 10)
Resurrected ‘Crimenetwork’ Marketplace Taken Down, Administrator Arrested
The second iteration of the German-speaking online crime marketplace had over 22,000 users and more than 100 sellers. The post Resurrected ‘Crimenetwork’ Marketplace Taken Down, Administrator Arrested appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…