The EtherRAT malware family was first reported by Sysdig back in December 2025. At that time, the initial access vector was exploitation of CVE-2025-55182 (React2Shell) targeting Linux servers. In March 2026, a Windows variant campaign was reported by Atos, with…
Trending Hugging Face Repo With 200k Downloads Executes Malware on Windows Machines
A popular artificial intelligence repository on Hugging Face was recently found hiding dangerous malware that targeted Windows users. The repository, named “Open-OSS/privacy-filter,” had racked up over 200,000 downloads before the platform’s team stepped in and removed it. The malicious package…
Crimenetwork Takedown Exposes 22,000 Users and Over 100 Illegal Sellers
In a massive, internationally coordinated operation, the Frankfurt am Main Public Prosecutor’s Office – Central Office for Combating Internet Crime (ZIT) and the Federal Criminal Police Office (BKA) have successfully dismantled the relaunched “Crimenetwork” platform. Law enforcement officers arrested the…
ShinyHunters Breaches Instructure Canvas LMS Through Free-For-Teacher Account Program
The infamous hacking group ShinyHunters has struck again, this time targeting Instructure, the company behind Canvas Learning Management System (LMS). In early May 2026, Instructure confirmed unauthorized activity on its Canvas platform after detecting suspicious access on April 29, 2026.…
Build Application Firewalls Aim to Stop the Next Supply Chain Attack
Rather than scanning code alone, Build Application Firewalls inspect runtime behavior inside the software build pipeline. The post Build Application Firewalls Aim to Stop the Next Supply Chain Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Rushed Patches Follow Broken Embargo on New Linux Kernel Vulnerabilities
Two new high-severity vulnerabilities, dubbed ’Dirty Frag’ when chained, have been found in the Linux kernel, affecting most Linux distributions This article has been indexed from www.infosecurity-magazine.com Read the original article: Rushed Patches Follow Broken Embargo on New Linux Kernel…
Cyber Briefing: 2026.05.11
Threat actors are increasingly weaponizing trusted ecosystems, to deploy information stealers across Windows and macOS, while ransomware groups like Lynx continue to target public infrastructure …. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.05.11
How to Secure Secrets in CI/CD Pipelines
CI/CD pipelines are the foundation of modern software delivery. Every code change, no matter how small or large, always goes through automated build, test, and deployment workflows prior to production delivery, and then becomes available to end users. These CI/CD…
⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should’ve died years ago — the same old holes, same lazy access…
Fake Claude Code Page Pushes PowerShell Stealer at Devs
Ontinue uncovers fake Claude Code installer pushing PowerShell stealer abusing Chrome’s IElevator2 This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake Claude Code Page Pushes PowerShell Stealer at Devs
Romanian Man Faces Up to 30 Years in US Prison Over Vishing Scams
Romanian national Gavril Sandu faces up to 30 years in a US prison after extradition over a VOIP vishing and fake debit card fraud scheme. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More…
fsnotify Maintainer Access Change Sparks Supply Chain Security Concerns
A dispute over maintainer access in the widely used Go library fsnotify has triggered temporary supply chain concerns after contributors were removed from the project’s GitHub organization and recent releases came under scrutiny. While no evidence suggests that any version of fsnotify…
Yarbo responds to robot flaws that could mow down their owners
A researcher found a host of vulnerabilities in Yarbo garden robots that could expose Wi-Fi passwords, hijack cameras, and run over their owners on command. This article has been indexed from Malwarebytes Read the original article: Yarbo responds to robot…
Google Detects First AI-Generated Zero-Day Exploit
The zero-day was designed to bypass 2FA and it was developed by a prominent cybercrime group. The post Google Detects First AI-Generated Zero-Day Exploit appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Google…
Alation AI Governance creates a system of record for AI oversight
Alation has introduced Alation AI Governance, a new offering that gives enterprises the system of record they are missing for AI compliance. Enterprises are deploying AI models, agents, and tools faster than they can govern them. As a result, when…
Google researchers uncover criminal zero-day exploit likely built with AI
Google’s threat intelligence researchers have linked a zero-day exploit to AI-assisted development by a criminal group. The exploit targeted a popular open-source web-based system administration tool. It allowed attackers to bypass two-factor authentication once they had valid user credentials. The…
GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access
Executive Summary Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based…
9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems
The Dirty Frag vulnerability affects Linux systems and allows root access escalation, while public PoC exploit code increases attack risks. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: 9-Year-Old…
SailPoint Agentic Fabric expands identity governance to autonomous AI agents
SailPoint has introduced SailPoint Agentic Fabric, a new platform designed to help enterprises secure AI agents and other non-human identities at scale. As organizations deploy autonomous AI agents across cloud environments, applications, and endpoints, they face a growing governance gap.…
Linux developers weigh emergency “killswitch” for vulnerable kernel functions
Linux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnerable kernel functions at runtime. The proposal, submitted by Linux kernel developer/maintainer Sasha Levin, arrives in the wake of the…
Hackers Observed Using AI to Develop Zero-Day for the First Time
Google Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed Zero-Day targeting open-source software This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Observed Using AI to Develop Zero-Day for the…
Lynx ransomware gang claims St Anne’s School attack
St Anne’s Catholic School in Southampton, UK, has become the latest victim claimed by the Lynx ransomware gang, which alleges it stole confidential information, financial data, and contracts during a March 2026 attack. This article has been indexed from CyberMaterial…
WEF: AI adoption in cybersecurity reaches 77%
Three-quarters of organizations have integrated artificial intelligence into their cybersecurity operations, according to a new World Economic Forum white paper titled “Empowering Defenders: AI for Cybersecurity.” The survey found that 77% of organizations currently use AI tools, while an overwhelming…
Police Shut Down Relaunched Crimenetwork Dark Web Marketplac
Law enforcement agencies in Germany and Spain have dismantled a relaunched version of the Crimenetwork dark web marketplace, arresting its operator at his home in Mallorca. This article has been indexed from CyberMaterial Read the original article: Police Shut Down…