Threat Actors Weaponize Tiflux RMMs in Malspam Attacks
Acknowledgements: Huntress wishes to recognize the contributions of SOC analysts Tanner Filip, Jose Oregon, and Priscilla Ibarra, and Lindsey O’Donnell-Welch for help hunting telemetry for…
Month: May 2026
Funnel Builder WordPress plugin bug exploited to steal credit cards
A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. The flaw…
OpenClaw Chain Vulnerabilities Expose 245,000 Public AI Agent Servers to Attack
A chain of four critical vulnerabilities discovered in OpenClaw, one of the fastest-growing open-source platforms for autonomous AI agents, has left an estimated 245,000 publicly…
Shai-Hulud Worm Steals Dev Secrets Across npm, GitHub, AWS & Kubernetes
Shai-Hulud is a major cybersecurity threat targeting the open-source software supply chain. Security researchers are raising alarms over “Shai-Hulud,” a self-propagating npm worm designed to…
The Next Cybersecurity Challenge May Be Verifying AI Agents
For the past two decades, cybersecurity has largely been a story about protecting humans from machines blocking malware, filtering phishing emails, companies mitigating DDoS attacks,…
Thieves unlock stolen iPhones using cheap tools sold on Telegram
Helping a friend recover a stolen phone, Infoblox researchers uncovered a thriving Telegram-based underground marketplace selling unlocking tools and phishing infrastructure used to monetize stolen…
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
Ravie LakshmananMay 15, 2026Vulnerability / AI Security Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve…
Interview: AI optimism and upskilling for a shifting job market
The mention of artificial intelligence (AI) can instil both fear and excitement in the hearts of tech executives and jobseekers alike, as the latest wave…
American Lending Center Data Breach Affects 123,000 Individuals
American Lending Center this week revealed that a data breach discovered last year has impacted more than 123,000 individuals. American Lending Center (ALC) is a…
Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall
Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall Pierluigi Paganini May 15, 2026 Pwn2Own Berlin 2026 day one saw 22 entries and…
MSPs need AI to fight AI-fueled cyberthreats: Guardz
Entry points haven’t changed, but the speed and scale of attacks have intensified, the security vendor found. Source link
Here’s how the FTC plans to enforce the Take It Down Act
The Federal Trade Commission is set to begin enforcing a key provision of the Take Down Act on May 19, requiring websites and online services…