Two American cybersecurity professionals were sentenced to four years each in federal prison on April 30, 2026, for carrying out ransomware attacks against multiple U.S. businesses using the ALPHV BlackCat ransomware. The U.S. Department of Justice confirmed the sentencing of…
AI Coding Agents Are Redefining Cyber Risk — Is Your Exposure Strategy Ready?
AI coding tools have allowed engineering teams to double their output, and 64% of organizations… AI Coding Agents Are Redefining Cyber Risk — Is Your Exposure Strategy Ready? on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration…
Celebrating 15th Years of HackersOnlineClub – Hello HOCSEC
For 15 years, HackersOnlineClub (HOC) has served as a trusted learning hub—dedicated to delivering a neutral, professional, and… The post Celebrating 15th Years of HackersOnlineClub – Hello HOCSEC appeared first on Hackers Online Club. This article has been indexed from…
Cybersecurity M&A Roundup: 33 Deals Announced in April 2026
Significant cybersecurity M&A deals announced by Airbus, Cyera, Fortra, Palo Alto Networks, Silverfort, and Socket. The post Cybersecurity M&A Roundup: 33 Deals Announced in April 2026 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Cisco Launches AI Provenance Tool to Strengthen Security and Compliance
Artificial intelligence models are integrated into countless enterprise applications, but knowing exactly where these models come from remains a major security hurdle. Cisco recently launched the Model Provenance Kit, an open-source tool for tracing the exact lineage of AI models.…
Bluekit Phishing Kit Streamlines Domains, 2FA Lures, and Session Hijacking
A newly discovered phishing kit called “Bluekit” is reshaping how cybercriminals run phishing campaigns by combining multiple attack stages into a single, centralized platform. Instead, Bluekit integrates these capabilities into one operator panel, streamlining the entire attack lifecycle from setup…
Celebrating 15 Years of HackersOnlineClub – Hello HOCSEC
For 15 years, HackersOnlineClub (HOC) has served as a trusted learning hub—dedicated to delivering a neutral, professional, and… The post Celebrating 15 Years of HackersOnlineClub – Hello HOCSEC appeared first on Hackers Online Club. This article has been indexed from…
DigiCert Revokes Certificates After Support Portal Hack
Hackers delivered malware via a customer chat channel, infected an analyst’s system, and accessed the internal support portal. The post DigiCert Revokes Certificates After Support Portal Hack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Handling User Documents Securely in Authentication and Onboarding Systems
Learn how to securely handle user documents in authentication and onboarding systems to protect data, ensure compliance, and prevent breaches. The post Handling User Documents Securely in Authentication and Onboarding Systems appeared first on Security Boulevard. This article has been…
ShinyHunters Targets Instructure in Massive Data Breach Affecting Millions
Instructure officially disclosed the security incident after the ShinyHunters extortion group listed the company on their data leak site. This article has been indexed from CyberMaterial Read the original article: ShinyHunters Targets Instructure in Massive Data Breach Affecting Millions
Salt Typhoon Linked to IBM Subsidiary Breach
The breach targeted a central pillar of Italy’s digital framework, as Sistemi Informativi manages critical IT infrastructure for a wide range of public agencies and private sector giants. This article has been indexed from CyberMaterial Read the original article: Salt…
AI accelerates vulnerability discovery and forces rapid updates according to UK NCSC
The National Cyber Security Centre warns that artificial intelligence is significantly shortening the time it takes for attackers to find and exploit software vulnerabilities. This article has been indexed from CyberMaterial Read the original article: AI accelerates vulnerability discovery and…
Russian cyber operative admits to sabotaging international energy infrastructure
A Russian hacker linked to state-sponsored attacks on global oil and gas systems has pleaded guilty in a U.S. This article has been indexed from CyberMaterial Read the original article: Russian cyber operative admits to sabotaging international energy infrastructure
Google Shifts Bug Bounty Focus Toward High Impact Exploits and Android Security
Google is significantly restructuring its security rewards to keep pace with the rapid evolution of generative artificial intelligence in the cybersecurity sector. This article has been indexed from CyberMaterial Read the original article: Google Shifts Bug Bounty Focus Toward High…
IT Security News Hourly Summary 2026-05-04 15h : 8 posts
8 posts were published in the last hour 12:34 : Canvas Confirms Data Breach Following ShinyHunters Claim 12:34 : Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia 12:34 : 2026: The Year of AI-Assisted Attacks 12:34…
Canvas Confirms Data Breach Following ShinyHunters Claim
Instructure, the educational technology company behind the widely used Canvas Learning Management System (LMS), has officially confirmed a major data breach. This confirmation directly follows recent claims made by the notorious threat actor group known as ShinyHunters. Canvas is a…
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor. The activity involved using phishing emails that mimic correspondence from the Income Tax…
2026: The Year of AI-Assisted Attacks
On December 4, 2025, a 17-year-old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had run malicious code to extract the personal data of over 7 million users of Kaikatsu Club, Japan’s largest internet cafe…
CISA Adds Major Linux Kernel Vulnerability to Known Exploited Vulnerabilities Catalog
The Cybersecurity and Infrastructure Security Agency recently expanded its Known Exploited Vulnerabilities catalog to include CVE-2026-31431, a logic flaw in the Linux kernel’s cryptographic template. This article has been indexed from CyberMaterial Read the original article: CISA Adds Major Linux…
Cybercrime Syndicates Exploit Vishing and SSO Vulnerabilities for High-Speed Cloud Extortion
The evolution of these tactics marks a significant shift in the cybercrime landscape, as threat actors move away from slow, malware-heavy infections toward agile, identity-based intrusions. This article has been indexed from CyberMaterial Read the original article: Cybercrime Syndicates Exploit…
Ubuntu Infrastructure Disruptions Linked to Coordinated DDoS Campaign
Canonical recently confirmed that its web infrastructure is currently enduring a sustained cross-border attack. This article has been indexed from CyberMaterial Read the original article: Ubuntu Infrastructure Disruptions Linked to Coordinated DDoS Campaign
Malicious TanStack Package Abuses Postinstall Script to Steal Developer Secrets
A malicious npm package named “tanstack” has been discovered deploying a stealthy data exfiltration campaign, targeting developers through a deceptive naming strategy and a hidden postinstall script. The package, impersonating the well-known TanStack ecosystem, was weaponized to steal sensitive environment files immediately…
Thousands of Facebook accounts stolen by phishing emails sent through Google
In an ongoing operation, hackers are hijacking Facebook accounts using Google AppSheet to send phishing emails that pass security checks. This article has been indexed from Malwarebytes Read the original article: Thousands of Facebook accounts stolen by phishing emails sent…
U.S. CISA adds a flaw in Linux Kernel to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Linux Kernel to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in the Linux Kernel, tracked as CVE-2026-31431 (CVSS score of 7.8),…