Google has published the May 2026 Android Security Bulletin, alerting the ecosystem to a highly severe remote code execution (RCE) flaw. Tracked as CVE-2026-0073, this critical vulnerability resides deep within the core Android System component. It allows an attacker to…
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and steal authentication tokens. The multi-stage campaign, observed between April…
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA) and collaboration platform, has come under active exploitation in the wild. The vulnerability (CVE-2026-22679, CVSS score: 9.8) relates to a case of unauthenticated remote code execution affecting…
California Gets Power To Ticket Robotaxis
Police in California gain power to issue tickets directly to autonomous car manufacturers for moving violations, as issues escalate This article has been indexed from Silicon UK Read the original article: California Gets Power To Ticket Robotaxis
How Iranian Cyber Intrusions Unfold Inside Enterprise Networks
Iranian cyber operations have gone from being disruptive single events to ongoing campaigns against governments, infrastructure providers, technology companies, and research organizations. Their ability to operate inside the same tools and infrastructure that defenders rely on makes these intrusions difficult…
Apple Adds End-to-End Encryption for RCS Messaging Between iPhone and Android in iOS 26.5
Apple has announced that end-to-end encryption for RCS messaging between iPhone and Android devices will be included in iOS 26. Thank you for being a Ghacks reader. The post Apple Adds End-to-End Encryption for RCS Messaging Between iPhone and Android…
Instructure discloses breach, DigiCert revokes certificates, Silver Fox targets Indian and Russian orgs
Instructure discloses breach amid leak threats DigiCert revokes certificates Silver Fox targets Indian and Russian orgs Get the show notes here: Thanks to our episode sponsor, Vanta Risk and regulation ramping up—and customers expect proof of security just to do…
AI Hallucinations Slip Into Two South Africa Policy Documents
Two senior South African ministers suspended, communications minister apologises after policy documents compromised by AI This article has been indexed from Silicon UK Read the original article: AI Hallucinations Slip Into Two South Africa Policy Documents
Samsung’s Lee Family Pays £6bn Inheritance Tax Bill
Soaring value of Samsung allows Lee family to pay record inheritance tax bill while increasing control over country’s biggest chaebol This article has been indexed from Silicon UK Read the original article: Samsung’s Lee Family Pays £6bn Inheritance Tax Bill
Copy Fail lands in CISA KEV as actively exploited Linux flaw threatens widespread privilege escalation
The Cybersecurity and Infrastructure Security Agency (CISA) has added another Linux kernel vulnerability, CVE-2026-31431, also known as Copy Fail, to the Known Exploited Vulnerabilities (KEVs). Inclusion in the list implies active real-world attacks and increases the priority of patches. This particular vulnerability, which…
IT Security News Hourly Summary 2026-05-05 09h : 2 posts
2 posts were published in the last hour 6:34 : pnpm 11 Turns On Minimum Release Age by Default to Reduce npm Supply Chain Risk 6:7 : Fake “Notepad++ for Mac” Site May Pose Malware Risk for Mac Users
pnpm 11 Turns On Minimum Release Age by Default to Reduce npm Supply Chain Risk
The npm ecosystem has long been a target for supply chain attacks, where threat actors exploit the open nature of public package registries to push malicious code into developer environments. With pnpm 11, the package manager takes a direct step…
Fake “Notepad++ for Mac” Site May Pose Malware Risk for Mac Users
A deceptive website is circulating online that claims to offer an official “Notepad++ for Mac” download, and it has already misled some users and even tech media outlets into believing that Notepad++ has finally launched a native macOS version. The…
Apache HTTP Server Vulnerability Exposes Millions to Remote Code Execution Threats
The Apache Software Foundation has released an urgent security update for the Apache HTTP Server to patch a severe vulnerability. Tracked as CVE-2026-23918, this flaw could allow attackers to execute malicious code remotely on affected web servers, putting millions of…
Microsoft Edge Found Storing Saved Passwords in Cleartext Memory at Startup
A new security finding reveals that Microsoft Edge loads every saved password into its process memory as cleartext the moment the browser launches. Even more surprising to security professionals is Microsoft’s official response to the disclosure, which states that this…
DigiCert Hacked in Screensaver-Based Attack to Fraudulently Obtain EV Code Signing Certificates
DigiCert, a major Certificate Authority, recently suffered a significant security breach where hackers used a malicious screensaver file to steal 60 Extended Validation (EV) Code Signing certificates. These highly trusted certificates were subsequently used to sign the “Zhong Stealer” malware,…
pnpm 11 Enables Default Release-Age Guard to Curb npm Supply Chain Attacks
pnpm 11 has been released with a strong focus on reducing software supply chain risk, introducing security-first defaults that directly address modern package ecosystem threats. The most significant change in pnpm 11 is the introduction of a default Minimum Release…
Critical Apache HTTP Server Flaw Exposes Millions of Servers to RCE Attacks
The Apache Software Foundation has released a critical security update for Apache HTTP Server, patching five vulnerabilities, including a dangerous double-free flaw capable of enabling Remote Code Execution (RCE) in version 2.4.67, released on May 4, 2026. All users running…
Microsoft Edge Stores All Saved Passwords in Cleartext Process Memory at Launch
A security researcher has discovered that Microsoft Edge decrypts every stored password into process memory the moment the browser launches and keeps them there as cleartext, regardless of whether the user ever visits those sites. The finding, disclosed on April…
Global Surge in Military Grade Spyware Puts Personal Smartphones at Risk
Global cybersecurity discourse is emerging with a growing surveillance threat under the surface as the UK’s top cyber authority issues a stark assessment of the unchecked proliferation of commercial spyware capabilities. Initially restricted to tightly regulated law enforcement use,…
IT Security News Hourly Summary 2026-05-05 06h : 4 posts
4 posts were published in the last hour 3:34 : Scientists just created exotic new forms of matter that shouldn’t exist 3:34 : Apache HTTP Server Exposes Millions of Servers to Remote Code Execution Attacks 3:34 : AI Models Surpass…
Scientists just created exotic new forms of matter that shouldn’t exist
A new quantum physics study reveals that simply changing a magnetic field over time can unlock entirely new forms of matter that don’t exist under normal conditions. By carefully “driving” materials with timed magnetic shifts, researchers created exotic quantum states…
Apache HTTP Server Exposes Millions of Servers to Remote Code Execution Attacks
The Apache Software Foundation has released a critical security update for Apache HTTP Server, patching five vulnerabilities, including a dangerous double-free flaw capable of enabling Remote Code Execution (RCE) in version 2.4.67, released on May 4, 2026. All users running…
AI Models Surpass Doctors in Emergency Diagnosis, Harvard Study Finds
A contemporary study conducted by researchers at Harvard University has revealed that advanced artificial intelligence systems are now capable of exceeding human doctors in both diagnosing medical conditions and determining treatment strategies, including in fast-paced and high-stakes emergency room…