CIRT insights: How to help prevent unauthorized account removals from AWS Organizations
The AWS Customer Incident Response Team works with customers to help them recover from active security incidents. As part of this work, the team often…
Month: May 2026
At Mythos Speed: A Defender’s Playbook for the AI Vulnerability Surge in 2026
Key Takeaways Discovery has been commoditized. Frontier AI models like Mythos and GPT 5.5 are making vulnerability discovery cheap, fast, and broadly accessible. The defender’s…
Threat Advisory: Hackers Are Selling Access to MSPs
Our CEO, Kyle, recently received the ad below, found on an online forum frequented by cybercriminals. The body of the ad, translated into English, reads:…
Max-severity flaw in ChromaDB for AI apps allows server hijacking
A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers. The flaw…
UAC-0184 Malware Chain Uses bitsadmin and HTA Files for Gated Payload Delivery
A newly documented attack chain linked to the threat group UAC-0184 has been observed using Windows’ built-in bitsadmin tool and HTA files to sneak malicious…
The Invisible Workforce: Why Your Household Apps Now Have Their Own Digital IDs
Most people understand what it means to protect a human identity because the dangers of someone impersonating you online or stealing and cloning your card…
Criminal IP Showcases AI Security at Infosecurity Europe 2026
Torrance, United States / California, May 19th, 2026, CyberNewswire Criminal IP has announced its return to Infosecurity Europe 2026 with a focus on delivering more…
AI Agent Security: Automating Workflow Without Creating Prompt Injection or Data Leak Risks
AI agent security starts with a simple fact: the more authority an agent has, the tighter its access controls need to be. An AI agent…
Canonical ships Ubuntu Core 26 with 15 years of security maintenance
Operators of industrial sensors, edge AI controllers, and connected medical equipment now have a refreshed long-term Linux option for fleets that must stay patched for…
Facebook scam promises cheap Aldi meat boxes, steals payment info instead
Sometimes you spot posts on social media that make you wonder if any moderation takes place at all. Which is concerning, because two–thirds of all…
Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps
Ravie LakshmananMay 19, 2026Malvertising / Mobile Security Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device…
Vulnerability exploitation now primary origin of data breaches
Approximately 31% – close to a third – of all data breaches now begin with the exploitation of some form of software vulnerability by a…