Uphill Security

Updates every 30 minutes - Generated via RSS feed on: 2026-05-27 18:30:03 UTC Feedback and suggestions for other sources are welcome.

2026-05-27 #

• 18:16 UTC - [Cyber Security News] Hackers Use Fake ChatGPT and Claude Installers to Deploy DinDoor Backdoor
• 18:07 UTC - [Cyber Security News] Hackers Push 22 Versions of npm RAT With Wallet Theft and Persistent Backdoor
• 17:35 UTC - [Latest from TechRadar in Security] 'Adversaries are no longer just targeting products, they're targeting the developers who build them': CrowdStrike takes down major botnet targeting developers across the world
• 17:32 UTC - [SecurityWeek] UK Cyberspying Chief Calls AI ‘an Unstoppable Force’ and Warns About Russia
• 16:47 UTC - [Cyber Security News] How Top CISOs Increase Risk Visibility for Zero Critical Incidents 
• 16:19 UTC - [darkreading] Latin American Cybercriminals Hoover Up Government Data
• 16:13 UTC - [Cyber Security News] Hackers Abuse AI Chatbot Recommendations to Push Malicious Software Download Links
• 16:11 UTC - [darkreading] AI-Assisted Exploit Development Outpaces Scanner Detection
• 16:10 UTC - [The Hacker News] Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
• 16:05 UTC - [Latest from TechRadar in Security] Worrying open-source security issue 'BadHost' could affect millions of AI agents, experts warn
• 15:44 UTC - [The Hacker News] Malicious npm Package Stole Files From Claude AI User Directory via GitHub
• 15:39 UTC - [Cyber Security News] Motorola Phones Preinstalled App Found Hijacking Amazon App to Inject Affiliate Codes
• 15:22 UTC - [Cyber Security News] Attackers Can Exploit BadHost to Access Sensitive AI Agent Server Endpoints
• 15:15 UTC - [Latest from TechRadar in Security] Charter Communications confirms data breach — ShinyHunters blamed after threat to leak user info online
• 15:13 UTC - [Cybersecurity Dive - Latest News] Coordinated operation takes down Glassworm botnet
• 15:01 UTC - [Cyber Security News] New BTMOB Malware Lets Attackers Remotely Control Android Devices
• 15:00 UTC - [Proofpoint Threat Insight] More CVEs, Same Playbook: 2026 Vulnerability Exploitation in the Wild
• 14:54 UTC - [Cyber Security News] CISA Warns of LiteSpeed cPanel Plugin Vulnerability Exploited in Attacks
• 14:48 UTC - [Cyber Security News] GitHub Enterprise Server 3.20.3 Released With Fox for Critical Vulnerabilities
• 14:40 UTC - [Cybersecurity Dive - Latest News] Leading AI models are more vulnerable to malicious prompts than vendors claim
• 14:38 UTC - [Cyber Security News] Windows Kernel Vulnerability Allows Attackers to Modify Kernel Memory Counters
• 14:30 UTC - [SecurityWeek] Vulnerability in Popular Conference Software Granted Attackers a 100% Talk Acceptance Rate
• 14:12 UTC - [Latest from TechRadar in Security] The shocking reason 43% of UK businesses have been hit by cyber attacks last year
• 14:02 UTC - [Schneier on Security] FBI’s 2025 Internet Crime Report
• 14:00 UTC - [BleepingComputer] Can you enforce strong Active Directory password rules without frustrating users?
• 14:00 UTC - [Black Hills Information Security, Inc.] Bad Habits: An ANTISOC Operation
• 13:39 UTC - [DataBreaches.Net] NL: Schiphol cargo worker arrested over alleged data leaks to drug networks
• 13:35 UTC - [CyberScoop] CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
• 13:28 UTC - [BleepingComputer] Glassworm botnet disrupted after resilient C2 infrastructure takedown
• 13:05 UTC - [Latest from TechRadar in Security] UK Visa Portal website leaks thousands of user passport data and photos online
• 13:00 UTC - [Cyber Security News] Link11 is fully committed to Europe and is opening a Customer Excellence Hub in Lisbon
• 13:00 UTC - [SecurityWeek] SecurityWeek to Host AI Risk Summit August 11-12 at the Ritz-Carlton, Half Moon Bay
• 12:42 UTC - [DataBreaches.Net] Silent Ransom Group Impersonating IT Personnel through Social Engineering
• 12:24 UTC - [DataBreaches.Net] UK Visa Portal spilled thousands of applicants’ passports and selfies online — and hasn’t fixed the leak
• 12:22 UTC - [Cyber Security News] Seedworm APT Abuses Signed Fortemedia and SentinelOne Binaries for DLL Sideloading
• 12:11 UTC - [darkreading] Cybersecurity Evolution: How We Went From Perimeter Defense to AI-Native Security
• 12:11 UTC - [DataBreaches.Net] Malware seller known as “Venom” extradited to France
• 12:10 UTC - [DataBreaches.Net] Lithuania investigates theft of 600,000 state registry records
• 11:52 UTC - [SecurityWeek] RevEng.AI Raises $15 Million to Hunt for Flaws and Backdoors in Software Binaries
• 11:51 UTC - [BleepingComputer] FBI warns of in-person data theft attacks from extortion gang
• 11:48 UTC - [The Hacker News] GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
• 11:45 UTC - [The Hacker News] 3 SOC Steps that Shut Down Incident Risks Early
• 11:37 UTC - [SecurityWeek] Romanian Hacker Sentenced to Prison in US for Selling Access to State Network
• 11:30 UTC - [The Hacker News] 5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
• 11:08 UTC - [Cyber Security News] ROADtools Misused in Cloud Attacks to Steal Tokens and Bypass MFA Controls
• 11:06 UTC - [Latest from TechRadar in Security] AI has slashed coding time in 2026, but it’s sacrificed software stability
• 11:01 UTC - [SecurityWeek] Lastwall Raises $11.5 Million for Quantum-Resilient Identity Platform
• 10:43 UTC - [Cyber Security News] Hackers Abuse Trusted Google Domains to Hide Phishing Links From Email Gateways
• 10:38 UTC - [Latest from TechRadar in Security] The real cost of insider threats is not the incident: It’s the frequency
• 10:30 UTC - [SecurityWeek] The Credential Crisis: How Stolen Credentials Defeat Modern Security
• 10:15 UTC - [SecurityWeek] ‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems
• 10:10 UTC - [SecurityWeek] GlassWorm Botnet Disrupted
• 10:06 UTC - [The Hacker News] Gitea Vulnerability Exposes Private Container Images without Authentication
• 10:06 UTC - [BleepingComputer] CISA gives feds 4 days to patch actively exploited cPanel plugin flaw
• 09:41 UTC - [bellingcat] The ‘Lost’ Villages of Myanmar’s Rakhine
• 09:33 UTC - [SecurityWeek] LA Metro Cyberattack Linked to Iranian State-Sponsored Hackers
• 09:31 UTC - [Cyber Security News] Apple’s New Anti-Snatching Feature Will Auto-Lock iPhones When Stolen From Your Hand
• 09:09 UTC - [BleepingComputer] Dutch police arrests suspect linked to Ajax football club hack
• 08:33 UTC - [BleepingComputer] Windows 11 KB5089573 update released with performance improvements
• 08:33 UTC - [SecurityWeek] FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data
• 08:08 UTC - [Cyber Security News] Developer-Targeting Glassworm Malware Abuses npm, PyPI, OpenVSX, and GitHub
• 07:45 UTC - [The Hacker News] AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
• 07:40 UTC - [Cyber Security News] Attackers Abuse Open RDP Ports to Gain Initial Access Into Business Networks
• 07:34 UTC - [Cyber Security News] New 0-Click WhatsApp Account Takeover Attack Targeting iOS 16 Users
• 06:55 UTC - [SecurityWeek] CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day
• 06:43 UTC - [SecurityWeek] Anthropic Releases New Claude Sandbox, Security Guidance Plugin
• 05:17 UTC - [Have I Been Pwned latest breaches] Mytheresa - 84,108 breached accounts
• 04:24 UTC - [Cyber Security News] GitLab Suspends Windows Exploit Researcher Nightmare-Eclipse After GitHub Ban
• 03:56 UTC - [Cyber Security News] BIND 9 Software Vulnerabilities Exposes Resolvers and Authoritative Servers to Remote Exploits
• 03:55 UTC - [Cyber Security News] India’s CERT-In Asks Organizations to Patch Vulnerabilities in Systems Within 12 hours
• 02:50 UTC - [Cyber Security News] Anthropic Releases Free Security Plugin for Claude Code Terminal to Detect Vulnerabilities
• 02:50 UTC - [Cyber Security News] Anthropic Releases Free Security Plugin for Claude Code Terminal to Catch Vulnerabilities in Real Time
• 01:05 UTC - [Latest from TechRadar in Security] Linux backlash leads to California law change on age verification — with the original lawmaker forced to make a humbling step back

2026-05-26 #

• 22:03 UTC - [Have I Been Pwned latest breaches] Ameriprise - 502,597 breached accounts
• 21:35 UTC - [Microsoft Security Blog] From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities
• 20:07 UTC - [BleepingComputer] KnowledgeDeliver flaw exploited as a zero-day to install web shells
• 19:47 UTC - [darkreading] Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
• 19:46 UTC - [BleepingComputer] Charter confirms data breach after ShinyHunters extortion threat
• 19:40 UTC - [CyberScoop] Apple open-sources quantum-resistant encryption code
• 19:35 UTC - [Latest from TechRadar in Security] Hackers claim to be selling 340 million stolen OnlyFans records — but experts are already skeptical on how serious hack is
• 19:29 UTC - [darkreading] State Cyber Leaders Beg Congress for More Funding, Support
• 19:18 UTC - [darkreading] The Hackers Behind Shai-Hulud: Lucky or Skilled?
• 19:18 UTC - [darkreading] Shai-Hulud Hackers TeamPCP: Lucky or Skilled?
• 19:12 UTC - [darkreading] For Enterprises, Security Remains Agentic AI's Biggest Challenge
• 19:09 UTC - [CyberScoop] White House charts new course for federal agencies and cybersecurity logging
• 18:25 UTC - [darkreading] Microsoft Issues Out-of-Band SharePoint Patch
• 18:20 UTC - [Latest from TechRadar in Security] Kash Patel's 'BasedApparel' website is apparently hosting ClickFix malware
• 17:30 UTC - [Cyber Security News] Multiple Angular Language Service Extension Vulnerabilities Enable RCE Attacks
• 17:26 UTC - [Cyber Security News] How Tier 1 Can Process Alerts 3x Faster with Threat Intelligence 
• 17:26 UTC - [Cyber Security News] How Tier 1 Can Process Alerts 3x Faster with Threat Intelligence
• 17:01 UTC - [bellingcat] Banned Russian Submunitions Found After Mali’s Military Announces Airstrikes
• 16:49 UTC - [Cyber Security News] Quasar Linux RAT Targets Developers With Fileless Execution and eBPF Rootkit
• 16:24 UTC - [Graham Cluley] FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts – no password required
• 16:08 UTC - [Cyber Security News] China-Linked Hackers Target Southeast Asian Edge Routers With Custom Linux Implant
• 15:48 UTC - [The Hacker News] MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries
• 15:29 UTC - [Cybersecurity Dive - Latest News] Iranian government, not hacktivist group, breached LA Metro system, security firm says
• 15:15 UTC - [CyberScoop] Anthropic: Mythos finds more than 10,000 software flaws in first month
• 15:15 UTC - [Latest from TechRadar in Security] Trump Mobile probing second major data leak — additional breach allegedly exposes personal info of 27,000 pre-order customers
• 15:02 UTC - [Schneier on Security] Identifying People Using Wi-Fi Routers
• 14:59 UTC - [Cybersecurity Dive - Latest News] FBI warns about PhaaS platform used to access Microsoft 365 environments
• 14:02 UTC - [Latest from TechRadar in Security] Reported ransomware incidents are just the tip of the iceberg
• 14:01 UTC - [BleepingComputer] How Varonis Atlas integrates Claude Compliance API for AI governance
• 14:00 UTC - [SecurityWeek] AppOmni’s Marlin AI Brings Autonomous Investigation to SaaS Security
• 13:58 UTC - [Cyber Security News] Microsoft Defender Now Automatically Isolates Compromised Devices to Stop Ransomware
• 13:58 UTC - [Cyber Security News] Microsoft Defender Now Automatically Isolates Compromised Devices to Stop Ransomware Spread
• 13:33 UTC - [Cyber Security News] Microsoft SharePoint Server Vulnerability Enables Remote Code Execution Attacks
• 13:26 UTC - [SecurityWeek] Iranian APT Targets Aviation, Software Companies With Updated Tools
• 13:05 UTC - [Latest from TechRadar in Security] Ghost CMS flaw hijacked to target hundreds of websites with ClickFix attacks — here's how to stay safe
• 13:00 UTC - [All Fortinet Blog | Latest Posts] Phishing Campaign Deploys JavaScript-Driven PureLogs Variant to Steal Sensitive Data
• 12:39 UTC - [Cyber Security News] GitHub Down – Global Outage Disrupting CI/CD Pipelines Worldwide
• 12:29 UTC - [Cyber Security News] NightSpire Ransomware Uses RDP Access and Remote Admin Tools for Stealthy Persistence
• 12:27 UTC - [Cyber Security News] GitHub Down – Authentication Issues Denying Access to Actions 
• 12:24 UTC - [Cyber Security News] Hackers Exploit Ghost CMS CVE-2026-26980 to Poison 700 Websites With ClickFix Malware
• 12:19 UTC - [BleepingComputer] Microsoft Defender can now automatically isolate hacked endpoints
• 12:16 UTC - [BleepingComputer] Webinar: Too many tools are slowing network incident response
• 12:00 UTC - [darkreading] Remembering Tim Wilson, Whose Legacy Lives on at Dark Reading
• 11:59 UTC - [SecurityWeek] 185,000 Likely Impacted by 7-Eleven Data Breach
• 11:58 UTC - [The Hacker News] [THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back
• 11:58 UTC - [The Hacker News] New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar
• 11:49 UTC - [The Hacker News] Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions
• 11:47 UTC - [Cyber Security News] Windows Server 2016 Domain Controller May Fail with 15-Character Hostname
• 11:44 UTC - [SecurityWeek] Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations
• 11:35 UTC - [Latest from TechRadar in Security] AI-generated threats are hitting businesses harder than ever - do you know what to look out for?
• 11:16 UTC - [Cyber Security News] Hackers Use SEO Poisoning to Impersonate Gemini CLI and Claude Code Installers
• 11:14 UTC - [SecurityWeek] Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment
• 11:00 UTC - [SecurityWeek] Watch on Demand: Threat Detection & Incident Response Summit – All Sessions Available
• 10:47 UTC - [Cyber Security News] Critical Memcached SASL Vulnerability Let Attackers Infer Valid Usernames
• 10:45 UTC - [SecurityWeek] Open Source DockSec Uses AI to Cut Through Vulnerability Noise in Docker Images
• 10:43 UTC - [Cyber Security News] Apache CXF LDAP Injection Vulnerability Let Attacker Retrieve Arbitrary Certificates
• 10:38 UTC - [Cyber Security News] ConnectWise Automate Vulnerability Let Attackers Bypass Security Checks
• 10:30 UTC - [The Hacker News] MFA Prompt Bombing: Why Your Second Factor Isn't Saving You
• 10:26 UTC - [SecurityWeek] Lithuania Suspects Foreign Involvement in Data Leak of Over 600,000 National Register Entries
• 10:22 UTC - [Latest from TechRadar in Security] How .BRANDs improve domain security and user trust – even in an AI world
• 09:47 UTC - [SecurityWeek] Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands
• 09:13 UTC - [The Hacker News] CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
• 09:13 UTC - [The Hacker News] CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
• 09:12 UTC - [Cyber Security News] EU Finalizes Record DMA Fine Against Google Over Search Self-Preferencing Abuse
• 09:00 UTC - [Latest from TechRadar in Security] ‘When things are moving fast, people make mistakes — and those mistakes cost’: Formula 1 fans are doing everything they can to watch motorsport, but it might cost them more than they'd expect
• 08:46 UTC - [BleepingComputer] CISA orders feds to patch actively exploited Drupal vulnerability
• 08:41 UTC - [Cyber Security News] Phishing Services Use RCS and iMessage to Bypass Traditional SMS Security Filters
• 08:08 UTC - [Latest from TechRadar in Security] AI agents are creating a major security blind spot in financial services
• 07:44 UTC - [Cyber Security News] Payload Ransomware Uses ChaCha20 and Curve25519 ECDH to Encrypt Windows Files
• 07:43 UTC - [Cyber Security News] PuTTY 0.84 Released With Fix for SSH KEX Crashes and Telnet Prompt Spoofing Flaw
• 07:41 UTC - [BleepingComputer] Microsoft: Domain Controller lookup may fail on Windows Server 2016
• 07:13 UTC - [The Hacker News] Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
• 07:01 UTC - [BleepingComputer] 7-Eleven data breach exposes personal information of 185,000 people
• 05:19 UTC - [The Hacker News] KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
• 04:05 UTC - [Cyber Security News] New 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code and Compromise Systems
• 02:29 UTC - [Cyber Security News] Anthropic’s Restricted Claude Mythos Moves Toward Public Release via Claude Code and Security
• 01:30 UTC - [Latest from TechRadar in Security] Forget stolen passwords — this is how hackers are actually breaking into US companies in 2026

2026-05-25 #

• 22:15 UTC - [Latest from TechRadar in Security] 'Security of your network is essential to security of your robot': Industrial robots targeted by malware, which could open them up to hacking — is this how the revolution begins?
• 21:10 UTC - [Latest from TechRadar in Security] New 'scareware' attack hits 2.8 million victims, pretending to lock them out of your browser — here’s how you can stay safe
• 20:40 UTC - [Latest from TechRadar in Security] FBI warns of Kali phishing scam hitting Microsoft OAuth tokens — warns 'Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lures'
• 19:50 UTC - [Cyber Security News] InvisibleFerret Malware Now Ships as .pyd and .so Files to Evade Script Detection
• 19:48 UTC - [Cyber Security News] Cloud Atlas APT Group Modifies termsrv.dll to Enable Multiple RDP Sessions on Victim Hosts
• 19:40 UTC - [Latest from TechRadar in Security] Trend Micro users beware - dangerous Apex One zero-day exploited in the wild
• 19:08 UTC - [Cyber Security News] Cybercriminals Use Telegram Channels to Sell Verified Bank and Fintech Mule Accounts
• 18:24 UTC - [Latest from TechRadar in Security] 'This is a sales tactic': Experts warn ransomware hackers will often lower their prices - with some giving discounts up to 96%
• 18:14 UTC - [Cyber Security News] Hackers Hide Linux Payload Under SSH-Like Filename During Package Installation
• 17:23 UTC - [Cyber Security News] Russian Hacker Used Jailbroken Gemini to Steal Admin Credentials and Drain Crypto Wallets
• 17:16 UTC - [Cyber Security News] Hackers Abuse Shared CDN Infrastructure to Bypass Domain Reputation Security Controls
• 17:07 UTC - [BleepingComputer] Anthropic’s restricted Claude Mythos model may be coming to Claude Code
• 17:00 UTC - [Latest from TechRadar in Security] She handed a repair tech her iPhone and then the worst happened — here's how to protect your data and yourself
• 15:30 UTC - [Cyber Security News] KnowledgeDeliver LMS Zero-Day Exploited to Deploy BLUEBEAM Web Shell
• 15:15 UTC - [Cyber Security News] Iranian APT Uses SEO Poisoning to Deliver Fake SQL Developer Malware Installer
• 15:05 UTC - [Latest from TechRadar in Security] GitHub hit with another major attack — Megalodon hits over 5,000 repos with malware-laden commits
• 14:13 UTC - [The Hacker News] ⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
• 13:27 UTC - [SecurityWeek] Ghost CMS Vulnerability Exploited to Hack Over 700 Websites
• 13:21 UTC - [Krebs on Security] Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks
• 13:13 UTC - [Cyber Security News] Kazuar Malware Evolves Into Modular Espionage Ecosystem for Secret Blizzard Operations
• 12:59 UTC - [DataBreaches.Net] PowerSchool’s $17.25 Million Settlement Exposes Years of Student Data Tracking
• 12:45 UTC - [BleepingComputer] FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
• 12:17 UTC - [SecurityWeek] Oncology Institute Discloses Data Breach
• 12:02 UTC - [The Hacker News] Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
• 11:35 UTC - [Latest from TechRadar in Security] 'After one month, most partners have each found hundreds of critical- or high-severity vulnerabilities': Anthropic claims Mythos has found over ten thousand major security vulnerabilities across 'the most systemically important software in the world'
• 11:30 UTC - [The Hacker News] The Alert Firehose Finally Meets Its Match
• 11:17 UTC - [SecurityWeek] 266,000 Affected by Data Breach at Radiology Associates of Richmond
• 10:58 UTC - [SecurityWeek] Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects
• 10:57 UTC - [Latest from TechRadar in Security] Most ransomware attacks are opportunistic. Here’s how you can stop attackers
• 10:49 UTC - [Cyber Security News] Hackers Actives Scanning SonicWall Firewall Interfaces – 597,000 Sessions Observed
• 10:41 UTC - [SecurityWeek] Laravel-Lang Packages Poisoned for Malware Delivery
• 10:35 UTC - [Latest from TechRadar in Security] The new cyber gap is response latency
• 10:31 UTC - [Cyber Security News] Italian Authorities Dismantled CINEMAGOAL App that Enables Access to Various Streaming Platforms
• 10:28 UTC - [Latest from TechRadar in Security] Why self-running agents are creating the biggest security crisis of 2026
• 09:48 UTC - [Latest from TechRadar in Security] AI is making everyone web app builders - but leaving teams exposed
• 09:43 UTC - [Cyber Security News] MiniUpdate RAT Uses Azure-Hosted C2 Domains for Targeted Espionage Campaigns
• 09:37 UTC - [SecurityWeek] DocketWise Data Breach Impacts 143,000
• 09:32 UTC - [The Hacker News] Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
• 09:14 UTC - [Cyber Security News] WhatsApp Chat Histories Stored Unencrypted on macOS and iOS
• 09:12 UTC - [Cyber Security News] Authorities Seized 800 Servers of Hosting Company Used to Launch Cyberattacks
• 09:02 UTC - [Latest from TechRadar in Security] What election polling teaches us about ML-based email security
• 07:40 UTC - [SecurityWeek] Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
• 06:52 UTC - [Cyber Security News] CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks
• 06:51 UTC - [Cyber Security News] GitHub Adds Staged Publishing to npm to Block Automated Supply Chain Attacks
• 06:38 UTC - [Cyber Security News] Hackers Use Browser-Locking CypherLoc Kit to Push Fake Microsoft Support Calls
• 05:59 UTC - [The Hacker News] TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
• 02:37 UTC - [Cyber Security News] Pentest Agent Suite – Bug Bounty Framework for Claude Code and 6 AI Coding Tools
• 02:18 UTC - [Cyber Security News] Wireshark 4.6.6 Released With Fix for Dissector Crash via Malformed Packet Injection
• 01:12 UTC - [Cyber Security News] Hackers Compromised 34 Packages in npm, PyPI, and Crates in New Supply Chain Attack

2026-05-24 #

• 14:12 UTC - [BleepingComputer] Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
• 12:53 UTC - [DataBreaches.Net] France Sees More Violent Attacks on Crypto Holders Than Any Other Country
• 11:54 UTC - [Cyber Security News] Top 10 Best Malware Sandbox Tools for Security Teams in 2026
• 05:15 UTC - [Have I Been Pwned latest breaches] 7-Eleven - 185,256 breached accounts
• 02:40 UTC - [Cyber Security News] PyrsistenceSniper – Tool that Detects 117 Persistence Malware Techniques on Windows, Linux, and macOS
• 01:05 UTC - [Latest from TechRadar in Security] 'Mainstream malware now regularly affects macOS users' — inside the relentless rise of the AMOS infostealer, one of the most dangerous macOS malware ever developed

2026-05-23 #

• 23:22 UTC - [DataBreaches.Net] UK: £355,880.10 confiscation order secured following proceeds of crime hearing
• 20:48 UTC - [BleepingComputer] Laravel Lang packages hijacked to deploy credential-stealing malware
• 16:49 UTC - [DataBreaches.Net] Rhode Island’s workers’ compensation notifies those affected by January data breach
• 16:35 UTC - [The Hacker News] npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
• 16:07 UTC - [The Hacker News] Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
• 14:58 UTC - [DataBreaches.Net] UK: Victims feel ‘violated’ after water firm’s data breach
• 14:23 UTC - [BleepingComputer] Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes
• 11:55 UTC - [The Hacker News] Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
• 11:49 UTC - [Cyber Security News] Nginx-poolslip Vulnerability Enables DoS and Code Execution Attacks — Patch Now!
• 11:00 UTC - [SecurityWeek] ‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
• 09:51 UTC - [The Hacker News] Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
• 09:29 UTC - [Cyber Security News] Hackers Exploit F5 BIG-IP Appliance to Gain SSH Access and Pivot Into Enterprise Linux Networks
• 07:35 UTC - [The Hacker News] LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
• 07:23 UTC - [The Hacker News] Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
• 05:34 UTC - [Cyber Security News] Hackers Compromised 233 Versions of Laravel-Lang Packages by Hacking 700 GitHub Repos
• 03:40 UTC - [Cyber Security News] Anthropic’s Claude Mythos Preview Uncovers 10,000+ 0-Days in Project Glasswing
• 01:20 UTC - [Latest from TechRadar in Security] Another major Linux security flaw revealed — nine-year old issue could spell disaster for users

2026-05-22 #

• 23:10 UTC - [Cyber Security News] Hackers Abuse Middle East Telecom Networks for Large-Scale Command-and-Control Operations
• 23:08 UTC - [Cyber Security News] World Cup Phishing Campaign Nearly Triples With 203 Unique IP Addresses
• 22:08 UTC - [Cyber Security News] Russian Threat Groups Use RDP, VPN, Supply Chain Attacks, and Social Engineering for Initial Access
• 22:08 UTC - [Cyber Security News] Hackers Backdoor Popular art-template npm Package to Launch Watering-Hole Attacks
• 21:04 UTC - [Schneier on Security] Friday Squid Blogging: Regulating Squid Fishing in the South Pacific
• 21:02 UTC - [Cyber Security News] Hackers Use Six-Layer Persistence to Maintain Access on Compromised FreePBX Systems
• 20:41 UTC - [CyberScoop] FBI warns about fast-growing phishing kit targeting Microsoft 365 users
• 20:20 UTC - [Cyber Security News] Hackers Use NF-e Invoice Lures to Deliver Banana RAT Through Malicious Batch Files
• 19:25 UTC - [Latest from TechRadar in Security] Cisco tried using AI to write security incident reports — and things didn't really go as planned
• 18:35 UTC - [Latest from TechRadar in Security] 'You have no way to revoke it faster or confirm when it stops working': Experts find Google API keys are still usable, even after you delete them
• 17:58 UTC - [Cyber Security News] Ubiquiti Patches Critical UniFi OS Vulnerabilities Allowing Remote Privilege Escalation
• 17:35 UTC - [The Hacker News] First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
• 17:24 UTC - [BleepingComputer] Netherlands seizes 800 servers of hosting firm enabling cyberattacks
• 17:16 UTC - [Cyber Security News] LiteSpeed cPanel Plugin 0-Day Exploited in the wild to Gain Server Root Access
• 17:15 UTC - [SecurityWeek] Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
• 17:05 UTC - [Latest from TechRadar in Security] Microsoft confirms two major Defender security issues — so update now or face possible attack
• 17:00 UTC - [Microsoft Security Blog] Microsoft recognized as a Leader in The Forrester Wave™ for Workforce Identity Security Platforms
• 16:53 UTC - [Microsoft Security Blog] From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence
• 16:46 UTC - [DataBreaches.Net] Radiology Associates of Richmond discloses second data breach; 266k people affected
• 16:37 UTC - [Cyber Security News] CISA adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
• 16:34 UTC - [Cyber Security News] Deleted Google API Keys Continue Accessing Gemini, BigQuery, and Maps APIs
• 16:34 UTC - [Krebs on Security] Lawmakers Demand Answers as CISA Tries to Contain Data Leak
• 16:20 UTC - [The Hacker News] Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
• 16:09 UTC - [Cyber Security News] CISA Warns of Microsoft Defender 0-Day Vulnerabilities Exploited in Attacks
• 16:00 UTC - [Microsoft Security Blog] Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations
• 15:43 UTC - [darkreading] Akamai Joins Growing Chorus of Vendors Betting Big on Secure Enterprise Browsers
• 15:32 UTC - [BleepingComputer] Former US execs plead guilty to aiding tech support scammers
• 15:23 UTC - [Cyber Security News] Android Malware Silently Subscribes Victims to Premium Services Without Consent
• 15:01 UTC - [Cybersecurity Dive - Latest News] Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages
• 14:46 UTC - [DataBreaches.Net] Trump Mobile confirms it exposed customers’ personal data, unclear whether it will notify those affected
• 14:44 UTC - [Cyber Security News] Operation Dragon Whistle Uses Malicious LNK Files to Target Changzhou University
• 14:24 UTC - [Cybersecurity Dive - Latest News] New York regulator calls for additional cyber mitigation amid heightened threat environment
• 14:07 UTC - [SecurityWeek] In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking
• 14:01 UTC - [Cyber Security News] Canadian Man Arrested for Operating KimWolf DDoS Botnet Hacking 2 Million Devices
• 13:58 UTC - [Schneier on Security] CISA Security Leak
• 13:53 UTC - [DataBreaches.Net] Proposed State Laws For Breach Notification Could Reshape Incident Response Plans
• 13:52 UTC - [DataBreaches.Net] How a consultant and a concert pianist from the Netherlands were arrested on suspicion of aiding NoName057(16)
• 13:52 UTC - [DataBreaches.Net] Hackers steal patient and billing data from German hospitals via third-party provider
• 13:52 UTC - [DataBreaches.Net] Verus Hacker Returns $8.5M After Bridge Exploit Deal
• 13:52 UTC - [DataBreaches.Net] Hugging Face Hiding Second-Stage Malware for npm Supply Chain Attack
• 13:52 UTC - [DataBreaches.Net] Hackers breach two Vietnamese ministerial systems in major cyberattack
• 13:51 UTC - [DataBreaches.Net] U.S. officials seeking extradition of Ottawa man accused of record cyberattack
• 13:50 UTC - [DataBreaches.Net] Murphy measure to protect Illinois consumers’ sensitive data advances in Senate
• 13:39 UTC - [BleepingComputer] Trend Micro warns of Apex One zero-day exploited in the wild
• 13:17 UTC - [darkreading] Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks
• 13:14 UTC - [BleepingComputer] Drupal: Critical SQL injection flaw now targeted in attacks
• 13:14 UTC - [Latest from TechRadar in Security] Stop chasing shadow IT. Start governing around It
• 13:09 UTC - [BleepingComputer] Why Chargebacks are Just One Piece of the Fraud Puzzle
• 13:00 UTC - [Unit 42] Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
• 12:54 UTC - [Cyber Security News] Hackers Hide Malware Payloads Inside Nested macOS-Like Folders to Evade Scanning
• 12:11 UTC - [SecurityWeek] Canadian Man Arrested for Operating Kimwolf Botnet
• 12:00 UTC - [BleepingComputer] Ubiquiti patches three max severity UniFi OS vulnerabilities
• 11:55 UTC - [The Hacker News] Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
• 11:45 UTC - [Latest from TechRadar in Security] AI-generated code is outpacing every manual remediation model in existence': Nearly all firms admit they have shipped code they know is vulnerable
• 11:38 UTC - [The Hacker News] Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective
• 11:35 UTC - [Latest from TechRadar in Security] Could your CEO be the weakest link when it comes to AI security? New study warns execs are 'knowingly bypassing safeguards because the perceived benefits outweigh the risks'
• 11:00 UTC - [Latest from TechRadar in Security] AI code security risk: The need for a smarter layer between detection and remediation
• 10:28 UTC - [Latest from TechRadar in Security] Why account recovery is now the weakest link in security
• 10:00 UTC - [Unit 42] Paved With Intent: ROADtools and Nation-State Tactics in the Cloud
• 09:51 UTC - [Latest from TechRadar in Security] How AI agents are wrecking havoc in legacy security setups and enterprises are catching up
• 09:48 UTC - [Cyber Security News] Splunk Patches Multiple Vulnerabilities that Enable DOS Attacks and Expose Sensitive Data
• 09:48 UTC - [Cyber Security News] Splunk Patches Multiple Vulnerabilities that Enable DOS Attack and Exposes Sensitive Data
• 09:35 UTC - [Cyber Security News] CISA Warns of Trend Micro Apex One Vulnerability Exploited in Attacks
• 09:31 UTC - [Cyber Security News] FBI Warns of Kali365 Attacking Microsoft 365 Users to Steal Logins and Bypass MFA
• 09:24 UTC - [SecurityWeek] ‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested
• 09:22 UTC - [Cyber Security News] Hackers Use Hugging Face to Host Second-Stage Malware for npm Supply Chain Attack
• 09:01 UTC - [BleepingComputer] US and Canada arrest and charge suspected Kimwolf botnet admin
• 08:54 UTC - [Cyber Security News] Google Publishes Exploit Code for Unfixed Chromium Bug Exposing Millions of Users
• 08:52 UTC - [Latest from TechRadar in Security] Vibe coding works best when we treat it like a 3D printer – you read that right
• 08:50 UTC - [The Hacker News] Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
• 08:19 UTC - [SecurityWeek] TrendAI Patches Apex One Zero-Day Exploited in the Wild
• 07:49 UTC - [SecurityWeek] Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
• 07:38 UTC - [Cyber Security News] Hackers Can Weaponize Lenovo Driver to Terminate EDR Processes
• 07:01 UTC - [darkreading] China's Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.
• 07:01 UTC - [darkreading] China's Webworm Uses Discord, Microsoft Graphs to Hack EU Governments
• 06:24 UTC - [Cyber Security News] Mini Shai-Hulud Attack Forces npm to Reset Bypass-2FA Publishing Tokens
• 05:47 UTC - [The Hacker News] CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
• 05:36 UTC - [The Hacker News] Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
• 03:08 UTC - [Cyber Security News] Discord Announces End-to-End Encryption by Default for Video and Voice Messages
• 02:31 UTC - [Cyber Security News] Megalodon Malware Compromised 5,500+ GitHub Repos Within 6 Hours
• 00:05 UTC - [Latest from TechRadar in Security] Bizarre Facebook scam falsely offers Aldi “meat boxes” for under $10 — but just steals your card details
• 00:00 UTC - [The GreyNoise Blog] The Coverage Gap: Why Your Blocklist Is Missing 119,000 Malicious IPs Today

2026-05-21 #

• 23:24 UTC - [CyberScoop] Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
• 21:50 UTC - [Krebs on Security] Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
• 21:11 UTC - [darkreading] How CISOs Should Prep for Agentic-Ready AI BOMs
• 20:07 UTC - [darkreading] Google API Keys Remain Active After Deletion
• 20:02 UTC - [CyberScoop] Lawmakers from both parties say CISA cuts have gone too far
• 19:47 UTC - [Cyber Security News] Hackers Use Fake Microsoft Teams Downloads to Deploy ValleyRAT Malware
• 19:41 UTC - [Cyber Security News] TamperedChef Malware Uses Signed Productivity Apps to Deliver Stealers and RATs
• 18:54 UTC - [Cyber Security News] Fake Invitation Phishing Campaign Targets U.S. Organizations With Credential Theft
• 18:37 UTC - [CyberScoop] Trump postpones executive order focused on AI security 
• 18:13 UTC - [BleepingComputer] Google accidentally exposed details of unfixed Chromium flaw
• 18:03 UTC - [Cyber Security News] Indian Student Data Weaponized for Phishing, Social Engineering, and Financial Fraud
• 17:45 UTC - [Latest from TechRadar in Security] Android users beware — this huge fraud scam campaign hit millions of victims around the world, make sure you're not next
• 17:19 UTC - [DataBreaches.Net] Operation Saffron: Bitdefender Joins “First VPN” Takedown
• 17:17 UTC - [DataBreaches.Net] Kaspersky, Group-IB Detail Role in INTERPOL Cyber Operation Involving Morocco
• 17:16 UTC - [Cyber Security News] Critical Chrome Vulnerabilities Enables Remote Code Execution Attacks – Patch Now!
• 17:16 UTC - [Cyber Security News] Critical Chrome Vulnerabilities Enable Remote Code Execution Attacks – Patch Now!
• 17:13 UTC - [Graham Cluley] Defenders fall behind, as AI rewrites the rules of a data breach
• 17:05 UTC - [CyberScoop] CISA chief frets about open-source vulnerabilities, delayed security improvements
• 16:56 UTC - [Cyber Security News] Authorities Have Taken Down “First VPN” Used in Ransomware Attacks
• 16:49 UTC - [Cyber Security News] Mini Shai-Hulud Compromises @antv npm Packages to Steal CI/CD Credentials
• 16:05 UTC - [CyberScoop] European authorities take down prolific cybercrime VPN service
• 16:05 UTC - [Latest from TechRadar in Security] Nvidia tells users to update GPU drivers now or face possible attack — here's what we know
• 16:03 UTC - [Schneier on Security] macOS Kernel Memory Corruption Exploit
• 16:00 UTC - [Microsoft Security Blog] What’s new in Microsoft Security: May 2026
• 15:56 UTC - [DataBreaches.Net] UK plans for cybercrime law reform would protect almost no one, experts warn
• 15:43 UTC - [darkreading] AI Agents Are Shifting Identity Security Budget Dynamics
• 15:30 UTC - [Unit 42] The npm Threat Landscape: Attack Surface and Mitigations (Updated May 21)
• 15:11 UTC - [BleepingComputer] Apple blocked over $11 billion in App Store fraud in 6 years
• 15:05 UTC - [Latest from TechRadar in Security] Top arcade game maker leaks nearly 19 million user records via WeChat mini app
• 15:00 UTC - [Cybersecurity Dive - Latest News] CISA asks cybersecurity community to alert it to vulnerability exploitation
• 14:49 UTC - [Cybersecurity Dive - Latest News] Grafana Labs links GitHub environment breach to TanStack npm supply chain attack
• 14:17 UTC - [The Hacker News] Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
• 14:00 UTC - [BleepingComputer] Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
• 14:00 UTC - [darkreading] Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
• 14:00 UTC - [BleepingComputer] Chinese hackers target telcos with new Linux, Windows malware
• 13:58 UTC - [BleepingComputer] Max severity Cisco Secure Workload flaw gives Site Admin privileges
• 13:20 UTC - [Latest from TechRadar in Security] GitHub confirms breach — thousands of internal repositories hit after employee installs malicious VS Code extension
• 13:09 UTC - [BleepingComputer] Police seize “First VPN” service used in ransomware, data theft attacks
• 13:05 UTC - [darkreading] Content Delivery Exploit Opens Websites to Brand Hijacking
• 13:00 UTC - [All Fortinet Blog | Latest Posts] Defending Critical Infrastructure: Why OT Security Demands a Threat-Informed Approach
• 12:55 UTC - [Cyber Security News] Flipper Unveils New Flipper One Modular Linux Cyberdeck
• 12:34 UTC - [DataBreaches.Net] Today’s reminder to terminate employees’ credentials when their employment ends
• 12:27 UTC - [Cyber Security News] P2PInfect Botnet Compromises Kubernetes Clusters Through Exposed Redis Instances
• 12:26 UTC - [DataBreaches.Net] GitHub confirms breach of 3,800 repos via malicious VSCode extension
• 12:04 UTC - [SecurityWeek] Cisco Patches Critical Vulnerability in Secure Workload
• 11:52 UTC - [The Hacker News] ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
• 11:45 UTC - [SecurityWeek] Ocean Emerges From Stealth With $28M for Agentic Email Security Platform
• 11:17 UTC - [SecurityWeek] Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention
• 11:00 UTC - [BleepingComputer] Flipper One project needs community help to build open Linux platform
• 10:58 UTC - [SecurityWeek] Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
• 10:55 UTC - [The Hacker News] Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
• 10:44 UTC - [Latest from TechRadar in Security] Why our national sovereignty depends on cyber resilience
• 10:32 UTC - [SecurityWeek] Socket Raises $60 Million at $1 Billion Valuation
• 10:30 UTC - [The Hacker News] When Identity is the Attack Path
• 10:28 UTC - [Latest from TechRadar in Security] The building blocks to construct a cyber-first culture
• 10:27 UTC - [Cyber Security News] GitHub Internal Repositories Breached Via Weaponized VS Code Extension
• 10:00 UTC - [CyberScoop] The readiness paradox: Why a false sense of cyber confidence is becoming a liability
• 09:57 UTC - [Cyber Security News] Nine-year-old Linux Kernel Vulnerability Let Attackers Exfiltrate SSH Private Keys
• 09:52 UTC - [SecurityWeek] Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
• 09:50 UTC - [Cyber Security News] New Microsoft Defender 0‑Days Actively Exploited in the Wild
• 09:41 UTC - [Latest from TechRadar in Security] AI-driven cyber discovery signals a new era of systemic risk for banks
• 09:38 UTC - [Cyber Security News] BadIIS Malware Turns Hijacks IIS Servers and Redirect Users to Illicit Sites
• 09:37 UTC - [SecurityWeek] Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI
• 09:20 UTC - [Cyber Security News] Critical Cisco Secure Workload Vulnerability Enables Unauthorized API Access
• 09:13 UTC - [Cyber Security News] Critical Drupal Core Security Vulnerability Exposes Websites to Cyberattack
• 09:00 UTC - [Latest from TechRadar in Security] Patch window is officially dead as AI finds bugs faster than humans can squash them
• 08:14 UTC - [SecurityWeek] Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility
• 08:01 UTC - [Cyber Security News] New NGINX 0-Day RCE “nginx-poolslip” Affects Millions of NGINX Servers
• 08:00 UTC - [darkreading] Shifting Budget Dynamics for Identity Security and AI Agents
• 07:49 UTC - [BleepingComputer] Microsoft warns of new Defender zero-days exploited in attacks
• 07:35 UTC - [The Hacker News] 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
• 07:30 UTC - [Cyber Security News] WantToCry Ransomware Abuses SMB Services to Remotely Encrypt Files
• 06:54 UTC - [BleepingComputer] GitHub links repo breach to TanStack npm supply-chain attack
• 04:59 UTC - [Cyber Security News] Two U.S. Executives Plead Guilty in India-Based Tech-Support Fraud Schemes
• 04:41 UTC - [Have I Been Pwned latest breaches] Dragonica Lunaris - 126,293 breached accounts
• 04:27 UTC - [The Hacker News] GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
• 04:16 UTC - [Cyber Security News] New GhostTree Attack Causing EDR Products to Hang and Leave Files Unscanned
• 03:45 UTC - [Have I Been Pwned latest breaches] Windows93 / Myspace93 - 46,105 breached accounts
• 03:44 UTC - [The Hacker News] Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
• 02:45 UTC - [Cyber Security News] Claude Code’s Network Sandbox Vulnerability Exposes User Credentials and Source Code
• 02:01 UTC - [Cyber Security News] Gremlin Stealer Stores C2 URLs and Exfiltration Paths in Encrypted Resource Sections
• 01:50 UTC - [Cyber Security News] Dark Web Brokers Repackage Old Breaches as Fresh Corporate Data Leaks
• 00:20 UTC - [Latest from TechRadar in Security] 'This reveals a broader security problem': Experts warn a key Microsoft legacy tool is still being abused to launch malware campaigns

2026-05-20 #

• 23:04 UTC - [Graham Cluley] Smashing Security podcast #468: High-speed train hacks and homicidal lawnmowers
• 22:13 UTC - [Cyber Security News] Hackers Use Fake Income Tax Assessment Pages to Infect Windows Systems
• 21:38 UTC - [Cyber Security News] Void Botnet Uses Ethereum Smart Contracts for Seizure-Resistant C2 Infrastructure
• 21:36 UTC - [BleepingComputer] Ukraine identifies infostealer operator tied to 28,000 stolen accounts
• 21:19 UTC - [BleepingComputer] Hackers bypass SonicWall VPN MFA due to incomplete patching
• 20:52 UTC - [darkreading] Cyber Pros Can't Decide If AI Is a Good or a Bad Thing
• 20:51 UTC - [darkreading] GitHub Confirms Breach, 4K Internal Repos Stolen
• 20:35 UTC - [darkreading] Fake Android Apps Commit Carrier Billing Fraud for Premium Svcs.
• 20:35 UTC - [darkreading] Fake Android Apps Commit Carrier Billing Fraud for Premium Services
• 20:25 UTC - [CyberScoop] Meet Rampart and Clarity, Microsoft’s new red team combo AI agents
• 20:08 UTC - [Cyber Security News] Trapdoor Android Ad Fraud Operation Uses 455 Malicious Apps to Generate Fake Clicks
• 19:30 UTC - [Unit 42] The npm Threat Landscape: Attack Surface and Mitigations (Updated May 20)
• 18:05 UTC - [Latest from TechRadar in Security] Microsoft warns hackers are exploiting password resets to gain access to user accounts - here's how to stay safe
• 17:58 UTC - [FreshRSS releases] FreshRSS 1.29.1
• 17:48 UTC - [Microsoft Security Blog] Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft
• 17:42 UTC - [darkreading] Processes and Culture Top Reasons Behind Data Breaches
• 17:42 UTC - [darkreading] Processes & Culture Top Reasons Behind Data Breaches
• 17:37 UTC - [Cyber Security News] DevilNFC Android Malware Uses Kiosk Mode to Trap Victims During NFC Relay Attacks
• 17:22 UTC - [Cyber Security News] PinTheft Linux Vulnerability Let Attackers Gain Root Access – PoC Released
• 17:06 UTC - [The Hacker News] Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
• 16:44 UTC - [Cyber Security News] How to Close the Most Expensive Gap in Your SOC 
• 16:30 UTC - [Latest from TechRadar in Security] Microsoft takes down 'Fox Tempest' cybercrime service which used legitimate platforms to hide dangerous malware
• 16:12 UTC - [darkreading] Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control
• 16:00 UTC - [Microsoft Security Blog] Securing the gaming culture of cultures
• 16:00 UTC - [Cisco Security Advisory] Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability
• 16:00 UTC - [Cisco Security Advisory] Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability
• 16:00 UTC - [Cisco Security Advisory] Cisco Secure Workload Unauthorized API Access Vulnerability
• 16:00 UTC - [Cisco Security Advisory] Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability
• 15:46 UTC - [BleepingComputer] Grafana breach caused by missed token rotation after TanStack attack
• 15:45 UTC - [SecurityWeek] Quantum Bridge Raises $8 Million for Quantum-Safe Key Distribution Solution
• 15:39 UTC - [SecurityWeek] Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass
• 15:35 UTC - [Latest from TechRadar in Security] Mini Shai-Halud hackers publish over 600 compromised npm packages — developers warned to be on their guard
• 15:00 UTC - [Microsoft Security Blog] Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow
• 14:57 UTC - [Cybersecurity Dive - Latest News] 7-Eleven hit by data breach
• 14:48 UTC - [CyberScoop] GitHub says internal repositories were taken in poisoned VS Code extension attack
• 14:48 UTC - [CyberScoop] GitHub says internal repositories were impacted in poisoned VS Code extension attack
• 14:48 UTC - [Cybersecurity Dive - Latest News] Microsoft disrupts cybercrime operation that hid behind legitimate software
• 14:43 UTC - [Cybersecurity Dive - Latest News] Compromised coding tool helped hackers breach thousands of GitHub repositories
• 14:37 UTC - [SecurityWeek] AI-Powered App Attacks Are Faster, More Frequent and Harder to Stop
• 14:36 UTC - [The Hacker News] Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
• 14:32 UTC - [Latest from TechRadar in Security] What’s keeping IT leaders up at night in the AI era?
• 14:21 UTC - [Schneier on Security] On AI Security
• 14:19 UTC - [Cyber Security News] Grafana GitHub Breach Linked to TanStack npm Supply Chain Ransomware
• 14:14 UTC - [Cyber Security News] Pardus Linux Local Privilege Escalation Flaw Allows Silent Root Access
• 14:12 UTC - [Cyber Security News] FreePBX Vulnerability Allow Attackers to Gain Access to User Portals
• 14:05 UTC - [Cyber Security News] Critical ExifTool Vulnerability Allows Attackers to Compromise Macs via Single Malicious Image
• 14:02 UTC - [BleepingComputer] Identity Alone Isn't Enough: Why Device Security Has to Share the Load
• 14:00 UTC - [Black Hills Information Security, Inc.] Same Problem, Different Angles: When Red Team and Blue Team Actually Talk to Each Other
• 13:59 UTC - [Latest from TechRadar in Security] Cyber resilience defines SME competitiveness
• 13:34 UTC - [SecurityWeek] 1Password Teams With OpenAI to Stop AI Coding Agents From Leaking Credentials
• 13:00 UTC - [SecurityWeek] Anthropic Silently Patches Claude Code Sandbox Bypass
• 13:00 UTC - [All Fortinet Blog | Latest Posts] Misconfigured, Enrolled and Dormant: Anatomy of a P2Pinfect Kubernetes Compromise
• 12:52 UTC - [BleepingComputer] Drupal critical update to fix bug with high exploitation risk
• 12:52 UTC - [Latest from TechRadar in Security] 'The detection surface is significantly reduced': Sophos report warns new "WantToCry" ransomware could pose a major risk to your business, here's what we know
• 12:51 UTC - [The Hacker News] Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
• 12:30 UTC - [Cyber Security News] Hackers Use Single-Letter Go Module Typosquat to Deploy DNS-Based Backdoor
• 11:58 UTC - [The Hacker News] Agent AI is Coming. Are You Ready?
• 11:24 UTC - [Cyber Security News] Microsoft Python Client DurableTask Compromised by TeamPCP Hackers
• 11:20 UTC - [Cyber Security News] Hackers Abuse MSHTA Legacy Windows Tool to Deliver LummaStealer and Amatera Malware
• 11:06 UTC - [SecurityWeek] Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack
• 11:00 UTC - [SecurityWeek] Caught Off Guard: Securing AI After It Hits Production
• 10:52 UTC - [BleepingComputer] Exploit released for new PinTheft Arch Linux root escalation flaw
• 10:37 UTC - [Latest from TechRadar in Security] Cyber attackers have a new favorite, the browser
• 10:30 UTC - [The Hacker News] Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem
• 10:29 UTC - [Cyber Security News] GraphWorm Malware Uses Microsoft OneDrive as Command-and-Control Infrastructure
• 10:24 UTC - [Latest from TechRadar in Security] Convergence isn’t optional: The new mandate for IT and security
• 10:15 UTC - [SecurityWeek] Real-World ICS Security Tales From the Trenches
• 10:00 UTC - [Unit 42] Tracking TamperedChef Clusters via Certificate and Code Reuse
• 10:00 UTC - [SecurityWeek] Virtual Event Today: Threat Detection & Incident Response Summit
• 09:28 UTC - [SecurityWeek] GitHub Confirms Hack Impacting 3,800 Internal Repositories
• 09:25 UTC - [Cyber Security News] Microsoft Releases Mitigation for Windows BitLocker Security Feature Bypass 0-Day Vulnerability
• 09:25 UTC - [Cyber Security News] Microsoft Releases Mitigation for Windows BitLocker Security Bypass 0-Day Vulnerability
• 08:57 UTC - [Cyber Security News] New NGINX Vulnerability Allows Remote Attackers to Trigger Malicious Code
• 08:57 UTC - [Cyber Security News] New NGINX Vulnerability Allow Remote Attackers to Trigger Malicious Code
• 08:28 UTC - [Graham Cluley] FBI warns students and staff that ShinyHunters may come knocking after Canvas breach
• 08:28 UTC - [The Hacker News] Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
• 08:14 UTC - [BleepingComputer] GitHub confirms breach of 3,800 repos via malicious VSCode extension
• 08:10 UTC - [Cyber Security News] Fox Tempest Malware-Signing Service Abused Microsoft Artifact Signing to Certify Malware
• 07:31 UTC - [BleepingComputer] Microsoft shares mitigation for YellowKey Windows zero-day
• 07:00 UTC - [darkreading] Interpol's 'Operation Ramz' Pioneers Cross-Region Collabs in Middle East
• 05:12 UTC - [The Hacker News] Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
• 05:08 UTC - [BleepingComputer] GitHub investigates internal repositories breach claimed by TeamPCP
• 04:47 UTC - [Cyber Security News] GitHub Hacked – Internal Source Code Repositories Compromised via Employee Device
• 04:47 UTC - [Cyber Security News] GitHub Confirms Breach of Internal Repositories Via Hacked Employee Device
• 04:26 UTC - [Cyber Security News] PoC Exploit Released for 20-Year Old PostgreSQL RCE Vulnerability
• 04:01 UTC - [The Hacker News] GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
• 04:01 UTC - [The Hacker News] GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos
• 03:51 UTC - [Cyber Security News] ShinyHunters Claims Credit for Cyber-Attack on Online Learning Management System
• 03:44 UTC - [darkreading] What It'll Take to Make AI BOMs Usable in a Modern Security Program
• 02:39 UTC - [Cyber Security News] GitHub Source Code Breach – TeamPCP Claims Access to Internal Source Code
• 02:39 UTC - [Cyber Security News] GitHub Source Code Breach – TeamPCP Claims Access to 4,000 Repositories
• 00:04 UTC - [SecurityWeek] Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector
• 00:00 UTC - [The GreyNoise Blog] A New SonicWall Scanning Spike Echoes the Pattern That Preceded CVE-2026-0400

2026-05-19 #

• 23:28 UTC - [CyberScoop] CISA credential leak raises alarms, and Capitol Hill demands answers
• 22:25 UTC - [BleepingComputer] Max-severity flaw in ChromaDB for AI apps allows server hijacking
• 22:17 UTC - [darkreading] What Will Make AI BOMs Real?
• 22:07 UTC - [Cyber Security News] UAC-0184 Malware Chain Uses bitsadmin and HTA Files for Gated Payload Delivery
• 21:55 UTC - [darkreading] Verizon DBIR: Enterprises Face a Dangerous Vulnerability Glut
• 21:50 UTC - [Cyber Security News] macOS Malware Installs Fake Google Software Update LaunchAgent for Persistence
• 21:47 UTC - [BleepingComputer] Cybercrime service disrupted for abusing Microsoft platform to sign malware
• 21:19 UTC - [CyberScoop] Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches
• 21:06 UTC - [darkreading] Windows Zero-Day Barrage Continues After Patch Tuesday
• 20:37 UTC - [BleepingComputer] Discord rolls out end-to-end encryption on voice, video calls
• 20:12 UTC - [Cyber Security News] The Gentlemen Ransomware Attacks Windows, Linux, NAS, BSD, and ESXi Attacks
• 19:49 UTC - [darkreading] CISA Exposes Secrets, Credentials in 'Private' Repo
• 19:45 UTC - [BleepingComputer] FBI: Americans lost over $388 million to scams using crypto ATMs in 2025
• 19:35 UTC - [BleepingComputer] Microsoft Self-Service Password Reset abused in Azure data theft attacks
• 18:51 UTC - [Cyber Security News] Kimsuky Hackers Use LNK and JSE Lures to Target Recruiters, Crypto Users, and Defense Officials