Lens by Mirantis has announced Lens Agents, a governed platform for running AI agents across enterprise systems, giving organizations a unified, policy-driven way to run, secure, and scale AI agents across desktop and cloud environments. Available in early access, Lens…
NordVPN Adds On-Device AI Voice Detector to Chrome Extension to Identify Synthetic Audio
NordVPN has introduced an AI Voice Detector feature to its Chrome browser extension. Thank you for being a Ghacks reader. The post NordVPN Adds On-Device AI Voice Detector to Chrome Extension to Identify Synthetic Audio appeared first on gHacks. This…
Telegram Mini Apps malware, cPanel is Sorry, patch wave warning
Telegram Mini Apps deliver Android malware CISA orders Federal agencies to patch cPanel bug by Sunday British cyber agency warns of looming ‘patch wave’ due to speedy AI flaw discovery Get the show notes here: https://cisoseries.com/cybersecurity-news-telegram-mini-apps-malware-cpanel-is-sorry-patch-wave-warning/ Thanks to our episode…
DigiCert Root Certificates Incorrectly Detected as Malware by Microsoft Defender
On May 3, 2026, system administrators and everyday users worldwide experienced a sudden, massive spike in severe security alerts from Microsoft Defender. The native Windows security platform began aggressively flagging system files as “Trojan:Win32/Cerdigent.A!dha.” This unexpected detection caused widespread panic…
Trellix Source Code Breach Exposes Repository to Unauthorized Access
Leading cybersecurity firm Trellix has announced a security incident involving unauthorized access to a portion of its source code repository. The breach highlights a growing trend of threat actors targeting top-tier security vendors to uncover potential software vulnerabilities. The Breach…
FreeBSD Systems at Risk From DHCP Client RCE Vulnerability
The FreeBSD Project has issued a critical security advisory (FreeBSD-SA-26:12.dhclient) to address a severe Remote Code Execution (RCE) vulnerability in its default IPv4 DHCP client. Tracked as CVE-2026-42511, this flaw allows local network attackers to execute arbitrary code with root…
MOVEit Authentication Bypass Vulnerability Sparks Security Concerns
Progress Software has issued a critical security alert for its MOVEit Automation software. Two severe vulnerabilities have been discovered that could allow attackers to bypass authentication and escalate their privileges. Because of the critical nature of these flaws, administrators are…
IT Security News Hourly Summary 2026-05-04 09h : 4 posts
4 posts were published in the last hour 6:34 : Visual data is the blind spot in enterprise security: that’s about to change 6:34 : True Threats and True Crimes – Those Memes You Post Might Be Crimes 6:34 :…
Visual data is the blind spot in enterprise security: that’s about to change
Most enterprise security teams can tell you exactly how their databases are encrypted. They know who has access to their CRM and can pull audit logs for every sensitive document that’s been opened, copied, or shared in the last 90…
True Threats and True Crimes – Those Memes You Post Might Be Crimes
Does reposting a “86 47” meme constitute a criminal threat? Analyzing the James Comey indictment through the lens of Counterman v. Colorado and Elonis v. United States. The post True Threats and True Crimes – Those Memes You Post Might…
Brush shell 0.4.0 tightens script safety, widens platform support
Rust-based alternatives to traditional Unix shells continue to attract users who want bash compatibility alongside built-in features like syntax highlighting and history-based suggestions. Brush, a bash- and POSIX-compatible shell written in Rust, sits in that group, and version 0.4.0 brings…
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam centers used for cryptocurrency investment fraud schemes targeting Americans, resulting in millions of dollars in losses. The crackdown was led…
Reborn Gaming – 126 breached accounts
In April 2026, the gaming community Reborn Gaming suffered a data breach due to a vulnerability in cPanel and WebHost Manager (WHM). The breach exposed 126 unique email addresses along with IP addresses and Steam IDs. Reborn Gaming self-submitted the…
Identity Risk Intelligence vs Threat Intelligence: What’s the Difference?
Introduction: Two terms, one growing confusion In cybersecurity conversations today, two terms are showing up more frequently: Threat Intelligence Identity Risk Intelligence At a glance, they sound similar. Both deal with data, risk, and security insights. But they solve fundamentally…
Pipelock: Open-source AI agent firewall
AI coding agents run with shell access, environment variables containing API keys, and unrestricted internet connectivity, creating a single point of failure where one compromised tool call can leak credentials to an attacker-controlled domain. Pipelock, an open-source security harness developed…
Microsoft Just Broke Trust — And It Might Be the Right Move
Most people never think about root certificates. But almost everything online depends on them. This week, Microsoft Defender made a move that sounds small on the surface — removing a root certificate from Windows computers. In reality, it’s the kind of…
What researchers learned about building an LLM security workflow
Security operations centers are running into the same wall everywhere. Detection tools generate more alerts than analysts can work through, and the early stages of any investigation involve pulling together logs from several sources to decide whether something is worth…
Spotting third-party cyber risk before attackers do
In this Help Net Security video, Jeffrey Wheatman, SVP and Cyber Strategist at Black Kite, discusses how organizations can identify and manage third-party cyber exposures before attackers exploit them. He argues that businesses should move beyond a data-loss mindset toward…
Nvidia China Market Share Zero
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Cybersecurity Today Read the original article: Nvidia China Market Share Zero
Your work apps are quietly handing 19 data points to someone
Office work in 2026 runs through a stack of mobile apps that sit on the same phones people use for banking, messaging family, and tracking their location. Ten of the most common workplace apps in use across U.S. companies, including…
IT Security News Hourly Summary 2026-05-04 06h : 1 posts
1 posts were published in the last hour 3:11 : Five Eyes spook shops warn agentic is too wonky for rapid rollout
Five Eyes spook shops warn agentic is too wonky for rapid rollout
Prioritize resilience over productivity, say CISA, NCSC and their friends from Oz, NZ, Canada Information security agencies from the nations of the Five Eyes security alliance have co-authored guidance on the use of agentic AI that warns the technology will…
ISC Stormcast For Monday, May 4th, 2026 https://isc.sans.edu/podcastdetail/9916, (Mon, May 4th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, May 4th, 2026…
Marcus & Millichap – 1,837,078 breached accounts
In April 2026, the commercial real estate brokerage firm Marcus & Millichap was named as one of multiple alleged victims of the ShinyHunters hacking and extortion group. Data alleged to have been obtained from the company was subsequently released publicly…