ASD warns of device code phishing as Proofpoint tracks growing criminal toolkits
The Australian Signals Directorate (ASD) has issued a public warning to Microsoft 365 users about device code phishing, saying it has received a number of…
Month: May 2026
AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks
According to analysis by SafeDep, the account in question, atool (i@hust.cc), which publishes the timeago.js JavaScript library, had rights to a large catalog of packages,…
Google publishes exploit code threatening millions of Chromium users
Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and…
Wasion Americas and Crytica bring endpoint cyber detection to utility smart meters
Wasion Americas announced a partnership with Crytica Security to integrate Crytica’s Rapid Detection Alert and Isolation (RDAi) technology into the Wasion Americas Aventa electric meter.…
Inside the RaaS Ecosystem: Operators, Affiliates & Attack Tradecraft
Ransomware actors following a ransomware-as-a-service (or RaaS) model are often described as one cohesive threat actor. But reality – and what we see in actual…
Ukraine identifies infostealer operator tied to 28,000 stolen accounts
The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer malware operation targeting…
Hackers Use Fake Income Tax Assessment Pages to Infect Windows Systems
A new threat campaign is targeting Windows users in India by disguising malicious files as official income tax documents. Researchers have tracked the operation under…
Check Point Wants AI Agents to Do What Security Teams Can’t: Manage Networks at Machine Speed
Check Point has launched an agentic orchestration platform that can end the policy drift, stalled Zero Trust projects, and manual configuration backlogs that have plagued…
A Bipartisan Amendment Would End Police License Plate Tracking Nationwide
US lawmakers plan to introduce an amendment Thursday at a House committee markup hearing that would prohibit any recipient of federal highway funding from using…
Critical ExifTool Vulnerability Lets Hackers Compromise Macs via Malicious Images
A newly disclosed vulnerability in ExifTool, tracked as CVE-2026-3102, exposes macOS systems to command execution attacks through malicious image metadata, highlighting ongoing risks in widely…
GitHub Breach: TeamPCP Steals 3,800 Repositories via VS Code Extension
GitHub is the newest target of a data breach in which hackers from the infamous TeamPCP hackers bypassed its security to gain access to internal…
Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Verizon Data Breach…