Banana RAT Malware in Fake Invoices Hits Customers at 16 Brazilian Banks
A new threat called Banana RAT malware is targeting banking customers in Brazil, using fake documents and tools to compromise devices and steal funds. Cybersecurity…
Month: May 2026
Why AI changed the threat model for travel technology
In this Help Net Security interview, Devon Bryan, SVP, Global CSO at Booking Holdings, reflects on his path from Air Force network security engineer to…
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
Ravie LakshmananMay 21, 2026Supply Chain Attack / Developer Tools GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of…
Presight and Abu Dhabi Civil Defence build AI-driven public safety platform
The United Arab Emirates (UAE) has spent the past decade positioning itself as one of the world’s most ambitious adopters of artificial intelligence (AI), embedding…
CVE-2026–5140 Flaw Grants Root Access On Pardus Linux
A critical local privilege escalation vulnerability chain tracked as CVE-2026–5140 has exposed serious security weaknesses in Pardus Linux. Researchers revealed that the flaws allow any…
Account Theft Scheme Uncovered By Ukraine Cyber Police
The National Police of Ukraine has disclosed an international cybercrime operation tied to the theft of nearly 30,000 customer accounts belonging to a California-based online…
Singtel open to selling “meaningful minority stake” in Optus
Singtel is open to adding a local partner to its Optus operation in exchange for equity in the carrier. The Singtel Group, Optus’ owner, announced…
1Password Teams With OpenAI to Stop AI Coding Agents From Leaking Credentials
1Password has partnered with OpenAI to address one of the growing security concerns surrounding AI-powered software development: protecting enterprise credentials from leakage, theft, or misuse…
DirtyDecrypt: PoC Released for yet another Linux flaw
DirtyDecrypt: PoC Released for yet another Linux flaw Pierluigi Paganini May 20, 2026 DirtyDecrypt (CVE-2026-31635): working PoC out for a Linux kernel LPE flaw. Missing…
Microsoft is working on a patch for ‘YellowKey’ attack on Bitlocker, offers temporary fix
“Organizations should start by auditing their environment for the conditions that exist that leave them vulnerable to YellowKey,” said Eric Grenier, senior director analyst at Gartner.…
Exposed RDP: The Misconfiguration Attackers Keep Exploiting
There’s a skeleton lurking in business environments everywhere. It’s been there for years. It’s not glamorous, and it doesn’t make headlines like zero days. But…
Hackers bypass SonicWall VPN MFA due to incomplete patching
Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. During the intrusions,…