Cybersecurity experts found a large-scale fraud campaign that used Telegram’s Mini App feature to launch crypto attacks, mimic famous brands and spread Android malware. FEMITBOT malware Research by CTM360 has dubbed the platform as FEMITBOT, it is based on…
Cisco cuts nearly 4,000 jobs to spend more on AI, reports ‘record quarterly revenue’
This is Cisco’s latest layoff in recent years, while the company’s chief executive touts record revenue and growth. This article has been indexed from Security News | TechCrunch Read the original article: Cisco cuts nearly 4,000 jobs to spend more…
New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation
The vulnerability, tracked as CVE-2026-46300, is similar to the recently disclosed exploits named Dirty Frag and Copy Fail. The post New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
HYCU aiR detects insider risk and AI activity from backups
HYCU has announced HYCU aiR (AI Resilience), an AI-native solution that turns backup data across dozens of applications into a live and actionable intelligence for security, compliance, and IT teams. aiR lets organizations search, query, and run purpose-built agents to…
Sandworm Hackers Shift From IT Breaches to Critical OT Targets
A new wave of cyber activity linked to the notorious Sandworm group is raising fresh alarms across global critical infrastructure. Security researchers warn that the Russian state-backed threat actor is no longer just infiltrating IT networks it is actively pivoting…
Critical WordPress Plugin Flaw Allows Unauthorized Access to Websites
A critical vulnerability in a widely used WordPress plugin has exposed more than 200,000 websites to potential takeover, raising urgent concerns across the security community. Security researchers at Wordfence, using their AI-driven PRISM platform, have uncovered a severe authentication bypass…
TeamPCP, BreachForums Launch $1K Supply-Chain Attack Contest
A new cybercrime campaign is turning supply chain attacks into a public competition, as TeamPCP and BreachForums operators launch a $1,000 contest that encourages hackers to compromise open-source packages. The initiative, first highlighted by Dark Web Informer, signals an escalation…
Google Launches Android Spyware Forensics Tool for High-Risk Users
Google’s Android Advanced Protection Mode is getting a new feature allowing trusted security experts to investigate potential spyware infections This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Launches Android Spyware Forensics Tool for High-Risk Users
EN, SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms.
LABScon25 Replay | Breach Alpha: Trading on Cyber Fallout
Mick Baccio and Scott Roberts examine whether public breach signals and market timing models can turn cyber incidents into actionable trading opportunities. This article has been indexed from SentinelLabs – We are hunters, reversers, exploit developers, and tinkerers shedding light…
Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution
Windows systems worldwide are at risk from a new critical flaw in the Windows DNS Client that could allow remote code execution without any user interaction. Tracked as CVE-2026-41096, the vulnerability has been rated critical with a CVSS base score…
Before the First Whistle: How Cyber Criminals Are Targeting World Cup 2026
The FIFA World Cup 2026 is one of the most anticipated sporting events in history, and cyber criminals are already capitalizing on excitement. As matches kick off across the United States, Canada, and Mexico, threat actors are flooding the internet with fake merchandise…
Akamai to Acquire AI and Browser Security Firm LayerX for $205 Million
The acquisition enables Akamai to expand its Zero Trust portfolio to add protection directly into the browser. The post Akamai to Acquire AI and Browser Security Firm LayerX for $205 Million appeared first on SecurityWeek. This article has been indexed…
Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere
Independent benchmarking finds Mythos highly effective for source code audits, reverse engineering, and native-code analysis, though its exploit validation and reasoning capabilities remain inconsistent. The post Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere appeared first on SecurityWeek. This…
IT Security News Hourly Summary 2026-05-14 15h : 19 posts
19 posts were published in the last hour 13:5 : New Fragnesia Flaw Hands Linux Local Users Root Access 13:4 : Cyber Briefing: 2026.05.14 12:35 : FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit 12:35 : Chinese…
New Fragnesia Flaw Hands Linux Local Users Root Access
New Fragnesia kernel flaw lets unprivileged local users escalate to root on Linux systems This article has been indexed from www.infosecurity-magazine.com Read the original article: New Fragnesia Flaw Hands Linux Local Users Root Access
Cyber Briefing: 2026.05.14
Attackers are leveraging legacy proxy tools for persistent access in a landscape where critical infrastructure and healthcare remain highly vulnerable to third-party supply chain failures and evolving This article has been indexed from CyberMaterial Read the original article: Cyber Briefing:…
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,… This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: FamousSparrow Targeted Oil…
Chinese APT Exploits Microsoft Exchange to Breach Energy Sector Network
Chinese state-aligned hackers compromised a Microsoft Exchange server at a major energy firm. They repeatedly reused that same entry point to run a months‑long espionage operation, deploying the Deed RAT and Terndoor backdoors to maintain deep access across the network.…
Palo Alto PAN-OS 0-Day Exploited to Execute Arbitrary Code With Root Privileges on Firewalls
A critical vulnerability in Palo Alto Networks PAN-OS is putting enterprise firewalls at risk, allowing unauthenticated attackers to execute arbitrary code with root privileges. Tracked as CVE-2026-0300, the flaw affects the User-ID Authentication Portal (Captive Portal) and has already seen…
Hackers Abuse Legitimate HWMonitor Binary to Load Malicious DLL Payload
Hackers are once again turning familiar tools against the very users who trust them. A new attack campaign has been discovered in which threat actors weaponized HWMonitor, a widely used hardware monitoring utility developed by CPUID, to silently deliver a…
Critical GitLab Vulnerabilities Enables XSS and Unauthenticated DoS Attacks
Threat actors are constantly hunting for infrastructure weaknesses, and a newly discovered batch of vulnerabilities in GitLab just handed them a dangerous roadmap. On May 13, 2026, GitLab rolled out emergency security updates to address multiple high-severity flaws. These bugs…
Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns
Salt Typhoon has hit an energy entity in Azerbaijan. Twill Typhoon has targeted Asian entities with an updated RAT. The post Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns appeared first on SecurityWeek. This article has been indexed from…
Cofense adds AI-powered campaign detection to stop phishing attacks
Cofense has announced new advancements to its Phishing Defense Platform aimed at improving detection and response to AI-powered phishing attacks. The updates include AI-driven phishing detection, enhanced triage automation, and AI-assisted training campaign creation designed to strengthen protection across the…
Foxconn confirms factory attacks, BitLocker zero-day accesses protected drives, MDASH patches Windows flaws
Foxconn confirms North American factory attack BitLocker zero-day accesses protected drives MDASH patches 16 Windows flaws Get the show notes here: https://cisoseries.com/cybersecurity-news-foxconn-factory-attacks-bitlocker-zero-day-accesses-protected-drives-mdash-patches-windows-flaws/↗ Huge thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal…