ClickFix Campaign Evolves With Targeting Of MacOS Users
ClickFix started as a Windows problem. It is no longer one. Microsoft’s Defender Security Research Team published a detailed analysis documenting an active ClickFix campaign…
Month: May 2026
Thomas Peer Solutions unveils data cloud platform and executive leadership forum for 2026
Fragmented technology stacks add complexity to data security, governance and utilisation, making AI projects more expensive and less likely to succeed. However, a new platform…
Attackers Could Exploit AI Vision Models Using Imperceptible Image Changes
Cisco’s AI Threat Intelligence and Security Research team has published the second installment of a study probing how vision-language models (VLM), AI systems that read…
From Android TVs to routers: the xlabs_v1 Mirai-based botnet built for DDoS attacks
From Android TVs to routers: the xlabs_v1 Mirai-based botnet built for DDoS attacks Pierluigi Paganini May 07, 2026 A new Mirai‑based botnet, xlabs_v1, hijacks ADB‑exposed…
One House Democrat is pressing Commerce on the government’s spyware use
A House Democrat who’s been at the forefront of congressional efforts to scrutinize the federal government’s use of commercial spyware wants the Commerce Department to…
Bots in translation: Can AI really fix SIEM rule sprawl across vendors?
“SIEM rules encode not only syntax, but also detection intent,” Ming Xu, lead author of the paper, told CSO. Different SIEM platforms implement distinct field…
dmXProtect: Stop, Drop, Shut Malware Down
Note from the author: I’d be remiss not to mention the strangeness of the blog title, a simple but albeit ludicrous spin-off of a DMX…
Palo Alto Networks firewall zero-day exploited for nearly a month
Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS firewall zero-day vulnerability for nearly a month. Tracked as CVE-2026-0300,…
Hackers Abuse Google Ads to Steal Users GoDaddy ManageWP login Credentials
Hackers are using fake Google ads to steal login credentials from ManageWP users, GoDaddy’s popular platform for managing WordPress websites from a single dashboard. The…
Spring Vulnerabilities Open Door to Arbitrary File Access and GCP Secret Leaks
Security researchers have identified four new vulnerabilities in the Spring Cloud Config Server, ranging from medium to critical severity. These newly disclosed flaws could allow…
Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams
Sublime Security has released a new analysis detailing a growing trend in email-based cyberattacks: a technique called indirect prompt injection. While social media is often…
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
Ravie LakshmananMay 07, 2026Malware / Threat Intelligence Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily…