Unit 42 analyzes the evolution of Gremlin stealer. This variant uses advanced obfuscation, crypto clipping and session hijacking to compromise data. The post Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files appeared first on Unit 42. This…
CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions
Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
Microsoft Warns HPE Operations Agent Abused in Malware-Free Attacks
Microsoft has revealed a stealthy intrusion campaign where attackers bypassed traditional malware and exploits, instead abusing trusted enterprise tools to silently infiltrate networks. The technique highlights a growing shift in cyberattacks where adversaries rely on legitimate software and existing trust…
OpenAI caught in TanStack npm supply chain chaos after employee devices compromised
Attackers stole a limited amount of internal credential material after malware hidden in poisoned packages reached two staff machines This article has been indexed from www.theregister.com – Articles Read the original article: OpenAI caught in TanStack npm supply chain chaos…
Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)
A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent fix is still in the works. In the meantime, Microsoft provided temporary mitigations. About CVE-2026-42897 CVE-2026-42897 affects on-premises…
IT Security News Hourly Summary 2026-05-15 12h : 6 posts
6 posts were published in the last hour 10:2 : TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code 10:2 : Rocky Linux launches opt-in security repository for urgent fixes 9:32 : Microsoft Edge, Windows 11, and LiteLLM Fall to…
TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code
The hacking group is encouraging miscreants to use the code in supply chain attacks, promising monetary rewards. The post TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Rocky Linux launches opt-in security repository for urgent fixes
Rocky Linux has introduced a Security Repository that allows the distribution to ship urgent security fixes ahead of upstream Enterprise Linux when public exploit code exists and upstream patches are unavailable. “The repository is disabled by default. That’s intentional. The…
Microsoft Edge, Windows 11, and LiteLLM Fall to Exploits at Pwn2Own Berlin 2026
The world’s top ethical hackers wasted no time breaking into modern software and AI systems on the opening day of Pwn2Own Berlin 2026, exposing critical zero-day vulnerabilities in Microsoft Edge, Windows 11, LiteLLM, and NVIDIA platforms. On May 14, researchers…
Hackers Abuse Scheduled Tasks to Maintain Persistence in FrostyNeighbor Attacks
A state-aligned hacking group known as FrostyNeighbor has resurfaced with a fresh wave of cyberattacks targeting government organizations in Ukraine, using a carefully designed infection chain that is harder than ever to detect. The group, active since at least 2016,…
VMware Fusion Vulnerability Let Attackers Escalate Privilege to Root
A high-severity privilege escalation vulnerability has been discovered in VMware Fusion, Broadcom’s popular macOS virtualization software, allowing local attackers to gain root-level access on affected systems. Tracked as CVE-2026-41702, the flaw was privately reported to Broadcom and patched on May…
Microsoft Details Kazuar Malware’s Modular Architecture and P2P Botnet Operations
A nation-state malware known as Kazuar has resurfaced with a far more dangerous design than anyone expected. What once started as a relatively standard backdoor has now grown into a fully modular, peer-to-peer botnet specifically engineered for long-term, covert espionage…
Amazon Redshift JDBC Driver Flaws Expose Systems to RCE Attacks
Amazon Redshift users are facing a serious security risk after researchers uncovered a high-severity vulnerability that could allow attackers to execute arbitrary code on affected systems. The flaw, tracked as CVE-2026-8178, affects the widely used Amazon Redshift JDBC Driver and…
Tycoon 2FA Operators Use OAuth Device Code Phishing to Bypass MFA
A new phishing campaign uncovered in late April 2026 shows how threat actors behind the Tycoon 2FA Phishing-as-a-Service (PhaaS) kit are evolving beyond traditional credential theft. This development comes just weeks after a global takedown effort led by Microsoft and…
Tenable warns AI adoption is outpacing governance as cloud exposure risks surge
A new report from Tenable is warning that organizations are creating what it describes as a growing “AI exposure gap,” as enterprises race to deploy AI tools and cloud-native services faster than security and governance teams can keep up. The “Cloud and AI…
Cyberattack on West Pharmaceutical halts manufacturing across multiple sites
West Pharmaceutical Services has disclosed a ransomware attack that disrupted manufacturing, shipping, and receiving operations across multiple global facilities after bad actors breached the company’s network on 4 May. The pharmaceutical packaging manufacturer said attackers exfiltrated data and encrypted systems, forcing the company to proactively shut down portions of…
Beyond deepfakes: Building identity resilience against AI impersonation
Generative AI is changing the economics of identity fraud. Voice cloning, real-time face animation, synthetic documents, and AI-assisted social engineering are making it easier for attackers to impersonate legitimate users across service desks, onboarding workflows, and remote account recovery. The…
MPs want social media treated more like unsafe toys than harmless apps
Parliamentary committee tells ministers the current online safety regime is failing children and warns ‘no action is not an option’ This article has been indexed from www.theregister.com – Articles Read the original article: MPs want social media treated more like…
Google Patches 79 Chrome Security Vulnerabilities, 14 Rated Critical
Google has rolled out a major Chrome security update, fixing 79 vulnerabilities in the Stable channel, including 14 critical flaws that could allow attackers to execute arbitrary code or crash systems. The update, now available as version 148.0.7778.167/168 for Windows…
Multiple cPanel Vulnerabilities Could Lead to Sensitive Resource Exposure
Multiple newly disclosed vulnerabilities in cPanel & WHM, including the critical CVE‑2026‑41940 authentication bypass bug and a cluster of May 2026 flaws, could allow attackers to access sensitive resources and hosting accounts if servers remain unpatched. Organizations running Internet‑facing cPanel…
Critical Next.js Vulnerability Exposes Cloud Credentials, API keys, and Admin Panels
A high-severity vulnerability in Next.js threatens self-hosted web applications with severe data breaches. Threat actors can now exploit a Server-Side Request Forgery (SSRF) flaw to silently steal cloud credentials, harvest API keys, and access sensitive internal admin panels. Organizations running…
Critical Microsoft Exchange Server Vulnerability Actively Exploited in Attacks
Microsoft issued an urgent security alert regarding a newly discovered vulnerability in Exchange Server that is currently being exploited in the wild. Tracked as CVE-2026-42897, this critical spoofing flaw carries a high CVSS 3.1 severity score of 8.1 and directly…
79 Chrome Vulnerabilities Patched, Including 14 Critical One’s – Update Now!
Google has rolled out a massive security update for its Chrome browser, sealing a staggering 79 vulnerabilities before threat actors can exploit them. With 14 of these flaws rated as critical, browsing the web on an outdated version leaves your…
China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer
A suspected China-linked threat actor targeted the Indian branch of a global manufacturer leveraging an open source offensive toolkit This article has been indexed from www.infosecurity-magazine.com Read the original article: China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer