Threat actors are abusing legitimate RMM tools as a means of creating persistence inside victims’ systems, using the Tiflux RMM tool. Tiflux is a reputable Brazilian software platform used by IT departments and Managed Service Providers (MSPs) for managing IT…
MicrosoftSystem64 Malware Abuses Hugging Face for Stealthy Data Theft
A sophisticated supply chain attack targeting the npm ecosystem has been uncovered, involving a malicious package named js-logger-pack that evolved into a powerful cross-platform malware loader. First observed in early April 2026, the package went through 29 incremental versions, gradually transforming from…
Hackers Exploit Microsoft Teams’ Collaboration Features to Impersonate IT Helpdesk Staff
A growing wave of vishing (voice phishing) campaigns in which threat actors abuse Microsoft Teams’ external collaboration features to impersonate IT helpdesk personnel and investigators is now turning to the Microsoft 365 Unified Audit Log (UAL) as a critical forensic…
VS Code Remote-SSH RCE Lets Attackers Pivot From Developer Machines to Cloud Servers
A newly disclosed vulnerability in Visual Studio Code’s Remote-SSH extension exposes a critical post-compromise attack path that allows threat actors to pivot from infected developer machines into cloud and production environments. Given the extension’s widespread adoption across modern development workflows,…
Google Employee Charged for Making $1.2 Million With Confidential Information
A Google software engineer has been charged in the United States for allegedly using confidential internal data to generate more than $1.2 million in profits through prediction market trading. The case highlights growing concerns around insider threats and misuse of…
The behavioral signals that sharpen Trojan malware detection
Malware analysts spend a lot of time deciding which signals from a sandbox run are worth keeping. A sample executed in a controlled environment can generate hundreds of measurable attributes covering file structure, registry edits, process behavior, and network traffic.…
Carnival Cruise Breach Leaks Sensitive Customer Information
Carnival Corporation has disclosed a significant data breach impacting approximately 5.99 million individuals, raising serious concerns about data security within the global travel and hospitality sector. The incident, officially reported to the Maine Attorney General’s office, involved unauthorized access to…
Product showcase: TotalAV helps iOS users clean up their digital mess
TotalAV Mobile Security helps protect devices from malicious websites, SMS scams, unsafe public Wi-Fi networks, and exposed credentials. The app is available for Windows, Android, macOS, and iOS devices. After downloading the app from the App Store, users provide an…
New Gogs 0-Day Flaw Enables Remote Code Execution on Servers
A new 0-day vulnerability in Gogs, a popular self-hosted Git service, allows authenticated users to run arbitrary commands on the server and potentially take full control of the system. The flaw was discovered by Rapid7 Labs and is rated Critical…
Malicious RVTools Installer Uses Sectigo Cert to Evade SmartScreen
A malicious fake RVTools installer is abusing a legitimately issued Sectigo code‑signing certificate to slip past Microsoft Defender SmartScreen and many endpoint controls, ultimately deploying a multi‑stage Python‑based RAT with deep AD reconnaissance and persistent C2 access. For VMware‑heavy environments,…
New infosec products of the month: May 2026
Here’s a look at the most interesting products from the past month, featuring releases from Alation, AppOmni, Apricorn, ASAPP, Babel Street, Checksum, Cogent, CTERA, Forward, LastPass, Operant AI, Riverbed, Sysdig, Trust3 AI, TrustCloud, VIAVI, Versa Networks, and XM Cyber. Operant…
Building a risk-based vulnerability management program that scales
In this Help Net Security video, Shankar Somasundaram, CEO at Asimily, explains how to build a risk-based vulnerability program. He notes that vulnerabilities are exploding by an order of magnitude in the age of AI-driven attacks, with one customer finding…
IT Security News Hourly Summary 2026-05-29 06h : 1 posts
1 posts were published in the last hour 4:2 : Typosquatted npm packages used to steal cloud and CI/CD secrets
Typosquatted npm packages used to steal cloud and CI/CD secrets
The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack chain, detection opportunities, and mitigation guidance to help organizations identify and disrupt related activity.
ISC Stormcast For Friday, May 29th, 2026 https://isc.sans.edu/podcastdetail/9950, (Fri, May 29th)
This article has been indexed from SANS Internet Storm Center, InfoCON: green.
Why and how to migrate to a Transit Gateway-attached AWS Network Firewall
AWS Network Firewall now supports native attachment to AWS Transit Gateway. Customers commonly use Transit Gateway to route traffic from Amazon Virtual Private Cloud (Amazon VPC) networks to a centralized inspection VPC (a VPC dedicated to hosting firewall endpoints for…
Charter – 4,851,517 breached accounts
In May 2026, the telecommunications company Charter Communications (the parent company behind the consumer broadband and cable brand Spectrum) was named by the ShinyHunters group in a “pay or leak” extortion campaign. The group later published the data, which exposed…
Troops’ phones gave away location data to foreign adversaries
Lawmakers push DoD to tighten smartphone controls after adversaries exploited commercial tracking data. This article has been indexed from www.theregister.com.
IT Security News Hourly Summary 2026-05-29 00h : 1 posts
1 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-05-28
IT Security News Daily Summary 2026-05-28
167 posts were published in the last hour 20:36 : Krispy Kreme Settlement Deadline Nears: Eligible Members Could Claim Up to $3,500 20:36 : Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers 20:36 : Disgruntled 0-day hunter…
Krispy Kreme Settlement Deadline Nears: Eligible Members Could Claim Up to $3,500
Krispy Kreme data breach settlement claims are due June 22. See who qualifies, payment options, key deadlines, and what eligible people need to file.
Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers
Carnival disclosed a data breach affecting nearly 6 million people after hackers used social engineering to access employee accounts. Carnival Corporation is notifying nearly 6 million people after a data breach exposed personal information. According to the notification shared with…
Disgruntled 0-day hunter ‘humiliated’ by Microsoft pledges ‘bone shattering drop’ as Redmond calls cops
Six 0-days, three under active exploitation, more to come on July 14? This article has been indexed from www.theregister.com.
Analysis of a Year of Files Uploaded to DShield Sensors, (Wed, May 27th)
Using the data collected over the past year and these two ES|QL queries in Kibana to summarize the data, this shows the list of the most uploaded threats to two DShield sensors (local and cloud) over the past year. I…