Telco giant says no sensitive data was taken, though names, addresses, phones, and emails are now out there This article has been indexed from www.theregister.com – Articles Read the original article: ShinyHunters adds Charter to trophy shelf after 4.9M customer…
Chrome 148 Update Patches 151 Vulnerabilities
The browser update resolves critical-severity security defects that could potentially lead to remote code execution. The post Chrome 148 Update Patches 151 Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Chrome 148…
LinkedIn-themed phishing abuses Adobe’s A/B testing platform
A newly documented phishing campaign is targeting professionals with fake LinkedIn business emails and abusing a trusted service operated by Adobe. The attack from the victim’s perspective The attack starts with an email that looks, at first glance, like a…
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil’s largest cooperative financial systems, to siphon client IDs and PFX certificates. According to Socket, versions 2.0.0 through 2.0.4 of…
IT Security News Hourly Summary 2026-05-29 12h : 5 posts
5 posts were published in the last hour 10:2 : The Deliverability Problem: How New Platforms Are Solving Inbox Placement 10:2 : GitLab Patches Multiple Duo AI, DoS, and Authorisation Vulnerabilities 10:2 : Infosecurity Europe: CyCOS Project Expands to Support…
The Deliverability Problem: How New Platforms Are Solving Inbox Placement
Email still reaches more people than any other digital channel. Getting it to actually land in the inbox… This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: The Deliverability Problem:…
GitLab Patches Multiple Duo AI, DoS, and Authorisation Vulnerabilities
GitLab has released patch versions 19.0.1, 18.11.4, and 18.10.7 to fix seven security issues affecting GitLab CE and EE, including Duo AI workflow runner access control, a Wiki denial-of-service flaw, and several authorization bugs across GraphQL, Duo Workflows, Operations, Pipelines,…
Infosecurity Europe: CyCOS Project Expands to Support UK SMEs as CIISec Takes Over
From a research-driven pilot, the Cybersecurity Communities of Support (CyCOS) is about to be handed over to CIISec This article has been indexed from www.infosecurity-magazine.com Read the original article: Infosecurity Europe: CyCOS Project Expands to Support UK SMEs as CIISec…
BTMOB RAT Gives Criminals a Point-and-Click Kit to Take Over Your Android Phone
BTMOB sells Android full-device takeover as a kit, no coding needed. It steals data, records screens, and hands attackers remote control for $5,000 lifetime. Most Android malware requires at least some technical competence to deploy, but the BTMOB doesn’t. The…
Microsoft 365 Copilot redesign brings context and actions into one workspace
Microsoft 365 Copilot, an AI assistant that helps people write, summarize, analyze information, and complete work tasks, has been redesigned. It now serves as a single, flexible entry point to Copilot across Microsoft 365 apps, suggesting relevant actions based on…
Fake Adobe Document Cloud Pages Spread ScreenConnect Malware
Hackers are actively exploiting trust in Adobe Document Cloud by using fake delivery pages to install remote access malware. The campaign leverages a sophisticated phishing kit named “RatPressto,” which abuses compromised WordPress sites and legitimate software to evade detection while…
Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies
ESET’s 2026 APT Activity Report suggests China-backed APTs are using instability in the region to target victims, as well as continuing activity against organizations around the globe This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Hackers…
Google Patches 151 Vulnerabilities in Chrome, Including 22 Critical Ones
Google has pushed a major Chrome Stable update that fixes 151 security flaws, including 22 critical vulnerabilities affecting core graphics, networking, media, and UI components across Windows, macOS, and Linux. The Stable channel has been updated to version 148.0.7778.216/217 for…
Critical Samba Vulnerability Enables Remote Code Execution Attacks
A critical vulnerability in the Samba printing subsystem, tracked as CVE-2026-4480, has been disclosed, allowing unauthenticated attackers to achieve remote code execution (RCE) on affected systems. The flaw carries a maximum CVSS v3.1 score of 10.0, highlighting its severe impact…
Malicious RVTools Installer Abuses Sectigo Certificate to Bypass SmartScreen Warnings
A trusted tool for VMware administrators has been weaponized. Attackers built a fake version of RVTools, a widely used utility for managing virtual infrastructure, and disguised it with a real digital certificate to slip past Windows security warnings without raising…
AI-Generated npm Malware Leaks Its Own GitHub Token
Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator This article has been indexed from www.infosecurity-magazine.com Read the original article: AI-Generated npm Malware Leaks Its Own GitHub Token
Are hackers using AI personalities to attack?
Yes, hackers are continually using AI personas to provide helpful advice on how to commit cybercrimes. AI chatbots are susceptible to manipulation. And after a… The post Are hackers using AI personalities to attack? appeared first on Panda Security Mediacenter.…
Samba Security Flaw Lets Attackers Execute Code Remotely
A critical security vulnerability in Samba’s printing subsystem has been disclosed, allowing unauthenticated attackers to execute arbitrary code remotely on affected servers. Tracked as CVE-2026-4480, the flaw carries a maximum CVSS score of 10.0, highlighting its severe impact on confidentiality,…
Anthropic launches Claude Opus 4.8, prepares Mythos-class models for all customers
Anthropic has released Claude Opus 4.8 and outlined plans for broader access to its Mythos-class models, which the company expects to make available to all customers in the coming weeks. Claude Opus 4.8 (Source: Anthropic) Claude Opus 4.8 is available…
Claude Opus 4.8 Released With Advanced Engineering-Level Coding Capabilities
Anthropic has announced the release of Claude Opus 4.8, a major upgrade to its flagship AI model that introduces advanced engineering-level coding capabilities and improved autonomous task execution. The latest version builds on Opus 4.7, focusing on enhanced reasoning, longer…
OpenVPN Connect macOS Vulnerability Allows Remote Command Execution
OpenVPN has released a critical security update for its macOS client after researchers uncovered a vulnerability that could allow remote command execution on affected systems. The issue, tracked as CVE-2026-9560, impacts the privileged helper component in OpenVPN Connect and has…
Zapocalypse Attack Lets Threat Actors Hijack Zapier Accounts
“Zapocalypse” is a newly disclosed attack chain that shows how attackers could have abused Zapier’s “Code by Zapier” feature to move from a single sandboxed Python step to a potential full-scale Zapier account takeover. The research, carried out by Token…
Humanix expands detection to identify live violations of security procedures
Humanix has announced a capability to identify live violations of organization-defined procedures governing IT support workflows. Designed to prevent unauthorized access, these procedures typically require help desk and service desk agents to follow identity verification steps before fulfilling sensitive requests,…
Claroty targets cyber-physical system risks with AI-powered security agent
Claroty has launched Claroty Claire, a CPS-native AI security agent designed to help organizations defend mission-critical infrastructure. Claire is powered by a CPS language model trained on more than a decade of industry expertise and CPS-related data. The launch expands…