Don’t Get Schooled: How to Catch a Phish
Threat actors love a good phish. In this year’s Data Breach Investigations Report released by Verizon, phishing is named as one of the top four…
Month: May 2026
5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they…
CISA Admin Exposes AWS GovCloud Credentials on Public GitHub Repository
A major security lapse has exposed highly sensitive U.S. government cloud credentials after a contractor working with the Cybersecurity and Infrastructure Security Agency (CISA) accidentally…
Hackers Exploit Entra ID Accounts to Steal Microsoft 365, Azure Data
Hackers Abuse Microsoft Entra ID Accounts to Exfiltrate Microsoft 365 and Azure Data. A highly sophisticated cyberattack campaign carried out by a threat actor tracked…
Public Instagram posts provide raw material for AI phishing campaigns
A handful of public Instagram posts can give attackers enough material to generate convincing phishing emails with GenAI. Research from the University of Texas at…
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
Ravie LakshmananMay 19, 2026Software Security / Malware In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to…
Generative AI is changing the game in video gaming
Thank you for joining! Access your Pro+ Content below. 19 May 2026 Generative AI is changing the game in video gaming Share this item with…
Operation Ramz Targets MENA Cybercrime Networks
A large-scale cybercrime crackdown led by INTERPOL has resulted in 201 arrests and the identification of 3,867 victims across the Middle East and North Africa…
Microsoft Exposes Storm-2949 Azure And M365 Breach
Microsoft Threat Intelligence has disclosed details of a cyberattack carried out by a threat actor tracked as Storm-2949, which escalated from a targeted identity compromise into a…
Grafana refuses ransom demand after GitHub breach
Grafana Labs, the maker of popular open source monitoring and observability tooling, is resisting paying off a threat actor that gained access to its GitHub…
Critical Vulnerability Exposes Industrial Robot Fleets to Hacking
Universal Robots, a Danish company specializing in collaborative industrial robots, or cobots, has patched a critical vulnerability affecting one of its operating systems. Advisories published…
Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945
Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945 Pierluigi Paganini May 18, 2026 A critical NGINX flaw (CVE-2026-42945) is actively exploited, allowing crashes…