A recent intrusion uncovered by security researchers revealed a calculated attack campaign that used a legitimate enterprise management tool as a weapon. The threat actor gained access through a compromised third-party IT services provider, then quietly moved through the victim’s…
Hackers Use OrBit Rootkit to Harvest SSH and Sudo Credentials From Linux Systems
A dangerous rootkit called OrBit has been quietly targeting Linux systems for years, stealing login credentials and hiding deep inside infected machines without triggering most security tools. New research reveals that what was once believed to be a custom-built threat…
Attackers replaced JDownloader installer downloads with malware
The JDownloader website was compromised and installer download links served malware for several days. This article has been indexed from Malwarebytes.
IT Security News Hourly Summary 2026-05-15 15h : 19 posts
19 posts were published in the last hour 13:3 : Shai-Hulud Worm Steals Dev Secrets Across npm, GitHub, AWS & Kubernetes 13:3 : VMware Fusion Flaw Could Allow Attackers to Gain Root Privileges 13:3 : The Case for a Vulnerability…
Shai-Hulud Worm Steals Dev Secrets Across npm, GitHub, AWS & Kubernetes
Shai-Hulud is a major cybersecurity threat targeting the open-source software supply chain. Security researchers are raising alarms over “Shai-Hulud,” a self-propagating npm worm designed to steal sensitive developer credentials from GitHub, AWS, Kubernetes, and local environments. The campaign, tracked by…
VMware Fusion Flaw Could Allow Attackers to Gain Root Privileges
A newly disclosed vulnerability in VMware Fusion has raised serious security concerns after researchers confirmed it could allow attackers to escalate privileges to root on affected systems. The flaw, tracked as CVE-2026-41702, has been rated high severity with a CVSS…
The Case for a Vulnerability Operations Center
Vulnerability remediation has become an execution problem. Security teams are generating more findings than ever, but too often those findings do not translate into timely risk reduction. The gap between newly introduced exposure and effective remediation continues to widen. Addressing that gap requires more than improved…
Illicit Enterprise: An Anatomy of the Modern Underground Phishing Marketplace
Intel 471 analysts examined the evolving ecosystem of cybercriminal phishing marketplaces. The post Illicit Enterprise: An Anatomy of the Modern Underground Phishing Marketplace appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article:…
Cybersecurity Insider Survey: AI Is Fueling a New Generation of Threat Actors
A recent survey shows cybersecurity professionals increasingly believe AI is making cybercriminals more capable and attacks more scalable. The post Cybersecurity Insider Survey: AI Is Fueling a New Generation of Threat Actors appeared first on eSecurity Planet. This article has…
The Hidden Risk For IT Subcontractors: When Insurance, Not Security, Costs You The Contract
IT subcontractors have spent years preparing for cyberattacks. Data breaches, ransomware and supply chain vulnerabilities all remain constant threats. But in 2026, a different problem is costing firms and contractors… The post The Hidden Risk For IT Subcontractors: When Insurance,…
Meta’s confusing new approach to chat privacy
WhatsApp now offers disappearing AI chats Meta says it cannot read. While Instagram just removed the feature that stopped Meta reading your messages. This article has been indexed from Malwarebytes Read the original article: Meta’s confusing new approach to chat…
Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)
Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly sophisticated cyber threat actor”. About CVE-2026-20182 CVE-2026-20182 – affecting both Cisco Catalyst SD-WAN Controller (the “brain” of the…
Google lets Workspace admins apply one policy across all SAML apps
Google has updated Context-Aware Access (CAA) in Google Workspace to introduce a default policy assignment for SAML applications. SAML applications are third-party or internal applications that use the Security Assertion Markup Language (SAML) protocol to enable single sign-on (SSO) with…
Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition. This article has been indexed from www.infosecurity-magazine.com.
OpenAI Compromised in TanStack Supply Chain Attack
OpenAI disclosed that two employee devices were compromised following a supply chain attack on TanStack, a widely used JavaScript library framework. This article has been indexed from CyberMaterial.
Japan’s Banks Use Claude for Cybersecurity Testing
Japan’s largest banks and financial regulators have begun using Anthropic’s Claude artificial intelligence system to test their cybersecurity defenses and identify potential vulnerabilities. This article has been indexed from CyberMaterial Read the original article: Japan’s Banks Use Claude for Cybersecurity…
UK King’s Speech Emphasizes Cyber Resilience
The UK government has announced new cybersecurity legislation in the King’s Speech, with particular emphasis on preparing organizations for post-quantum cryptographic threats. This article has been indexed from CyberMaterial.
OpenAI faces class-action privacy lawsuit over data sharing
OpenAI Global LLC is defending against a class-action lawsuit filed in the Southern District of California that accuses the company of embedding Meta’s Facebook Pixel and Google Analytics tracking code into ChatGPT’s web interface, allegedly transmitting users’ sensitive conversations to…
Scott Lashway Named to Cybersecurity Docket’s 2026 Elite List
Cybersecurity Docket has recognized Scott Lashway, co-chair of Mintz’s Privacy & Cybersecurity Practice, on its 2026 Incident Response Elite list. This article has been indexed from CyberMaterial.
Hackers Exploit OAuth Device Flow to Steal Microsoft 365 Tokens
Hackers are rapidly weaponizing a little-known Microsoft authentication feature to hijack enterprise accounts, as device code phishing surges across the threat landscape. The spike in activity is closely tied to the public release of criminal toolkits and phishing-as-a-service (PhaaS) platforms,…
Google Project Zero Details Pixel 10 Zero-Click Exploit Chain
A powerful zero-click exploit chain for the Pixel 10 that can take an attacker from a remote Dolby decoding bug to full kernel control through a single vulnerable video processing driver. The work shows both how quickly Google can now…
Your Identity Governance Is Lying to You
There’s a specific kind of compliance theater that anyone who’s worked in enterprise security will recognize. It’s quarterly access review season. A manager opens their inbox, sees 400 certification tasks due by Friday, and starts clicking “Approve” — not because…
Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild
Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions. The post Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article has been indexed from…
PraisonAI Vulnerability Actively Exploited Within Hours of Being Made Public
A high-severity vulnerability in PraisonAI is drawing urgent attention after security researchers observed exploitation attempts within hours of public disclosure. The flaw, tracked as CVE-2026-44338 and documented in the GitHub advisory GHSA-6rmh-7xcm-cpxj, exposes a critical authentication bypass in the platform’s…