ZiChatBot Malware Abuses Zulip APIs for Stealthy C2 Operations
A new cross‑platform malware family, dubbed ZiChatBot, that abuses the trusted Python Package Index (PyPI) ecosystem and the Zulip team chat platform to run a stealthy…
Month: May 2026
Why Outdated Maintenance Software Is a Growing Ransomware Risk
Maintenance software rarely gets the same security attention as finance, HR, or customer systems. Yet it often holds a detailed map of equipment, locations, vendors,…
Helping North Korean IT remote workers is becoming a fast track to prison
Two U.S. nationals were sentenced to 18 months in prison for operating “laptop farms” that helped North Korean IT workers gain employment at nearly 70…
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel. Dubbed Dirty Frag, it has been described as a…
MEPs call for greater scrutiny of Europol following concerns over shadow IT
Members of the European Parliament (MEPs) have called for the expansion of Europol to be paused following disclosures that the police organisation ran a shadow…
EU AI Act Deal Brings Nudifier App Ban And Rule Delays
The European Union has reached a provisional agreement to amend parts of the EU AI Act, introducing simplification measures for businesses while also expanding restrictions…
Dirty Frag LPE Hits Linux Distributions Worldwide Hard
A newly disclosed local privilege escalation (LPE) vulnerability known as Dirty Frag is raising serious concerns across the Linux ecosystem after researchers revealed that the…
‘ClickFix’ attack tricks users into hacking themselves, ACSC warns
The Australian Cyber Security Centre (ACSC) has stepped in to warn users of an active attack campaign targeting Windows users with Vidar Stealer malware, which…
‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials
A threat actor has launched a campaign to clean up environments infected by the infamous TeamPCP hacking group and deploy its own malicious tools, SentinelOne…
AI, Cyberwarfare, and Autonomous Weapons: Inside America’s New Military Strategy
AI, Cyberwarfare, and Autonomous Weapons: Inside America’s New Military Strategy Pierluigi Paganini May 08, 2026 The Pentagon is integrating AI into military operations, transforming cybersecurity,…
Fixing trivial passwords is as easy as 123456
How come it’s still possible to ‘secure’ an online account with a six-digit string? 07 May 2026 • , 4 min. read The most-used password…
13 new critical holes in JavaScript sandbox allow execution of arbitrary code
In both cases, the highest-risk users are organizations that run untrusted JavaScript and assume vm2 is containing it. Those [application development] teams should patch immediately and add…