CyberHappenings

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

News Summary

Last updated: 18:00 20/05/2026 UTC
  • Shift in breach vectors: unpatched vulnerabilities surpass credential theft as leading intrusion entry point in 2025
    In 2025, unpatched vulnerabilities became the dominant access vector for confirmed data breaches, overtaking credential abuse for the first time in Verizon’s Data Breach Investigations Report (DBIR) series. Analysis of 31,000 security incidents (22,000+ confirmed breaches) revealed 31% of breaches stemmed from exploited unpatched flaws, while credential abuse accounted for 13%. Ransomware involvement rose to 48% of confirmed breaches, with median ransom payments dropping below $140,000. Threat actors increasingly weaponized AI to accelerate vulnerability exploitation, shrinking the defensive window from months to hours. Organizations’ median patching time increased to 43 days, with only 26% of CISA KEV catalog vulnerabilities patched in 2025. Third-party breaches surged 60%, reaching 48% of total incidents, driven by expanded attack surfaces and inadequate MFA enforcement. Gen-AI integration into attack chains and enterprise Shadow AI usage further strained defenses. Mobile-centric phishing attacks achieved a 40% higher success rate than email-based phishing in simulations.
Last updated: 14:30 20/05/2026 UTC
  • OpenAI, TanStack, and Mistral AI Impacted in Escalating Mini Shai-Hulud Supply Chain Campaign
    The Mini Shai-Hulud supply chain campaign escalated with a new wave of over 600 compromised npm packages—primarily in the @antv ecosystem but also affecting widely used libraries like echarts-for-react and timeago.js—deploying a heavily obfuscated credential-stealing payload targeting developer workstations and CI/CD environments (GitHub Actions, GitLab CI, Jenkins, Azure DevOps, CircleCI, Vercel, Netlify). The malware harvests and exfiltrates credentials (GitHub, npm, cloud providers, Kubernetes, Vault, Docker, database, SSH) using AES-256-GCM and RSA-OAEP encryption, with fallback exfiltration to GitHub repositories under victim accounts. A critical advance in this variant is its abuse of OIDC tokens from compromised CI environments to forge valid Sigstore provenance attestations via Fulcio and Rekor, enabling malicious packages to bypass standard provenance verification despite containing the credential-stealer. The self-propagation mechanism validates stolen npm tokens, enumerates victim packages, injects the payload, and republishes infected versions with incremented numbers. Researchers observed 639 malicious versions across 323 packages in one hour, with over 2,700 rogue repositories created using stolen tokens. This development follows prior compromises of TanStack, Mistral AI, OpenAI, PyPI packages (Lightning, intercom-client), and GitHub Actions workflows ('actions-cool/issues-helper', 'actions-cool/maintain-one-comment'), reflecting the campaign's continued evolution and cross-platform reach. The campaign originated with the public release of the Shai-Hulud source code by TeamPCP, enabling rapid cloning and weaponization into variants such as 'chalk-tempalte', '@deadcode09284814/axios-util', 'axois-utils', and 'color-style-utils'. These earlier variants combined credential theft with additional threats like the 'Phantom Bot' DDoS botnet and leveraged developer tooling (VS Code, Claude Code) and CI/CD pipelines for persistence and propagation. Victims include OpenAI (two employee devices breached via TanStack), Mistral AI (trojanized SDKs released), SAP (four npm packages compromised), PyPI (Lightning 2.6.2/2.6.3, intercom-client 7.0.4), UiPath, Guardrails AI, OpenSearch, and hundreds of npm packages across multiple ecosystems. The malware's destructive sabotage component targets systems in Israel or Iran, activating a 1-in-6 probability payload that plays maximum-volume audio before deleting files. Attackers have established over 2,200 GitHub repositories marked with the campaign's exfiltration signature ('Shai-Hulud: Here We Go Again'), underscoring the scale and persistence of this multi-vector, multi-ecosystem intrusion set.
  • Widespread OAuth Device Code Phishing Campaign Targets Microsoft 365 via EvilTokens PhaaS
    Since mid-February 2026, a large-scale device code phishing campaign has targeted Microsoft 365 across at least 340 organizations in over 10 countries, escalating 37.5x in early April. The campaign abuses OAuth device authorization flows via the EvilTokens PhaaS platform and at least 10 additional phishing kits (VENOM, DOCUPOLL, SHAREFILE, etc.), granting persistent access tokens even after password resets. Attacks incorporate anti-bot evasion, multi-hop redirect chains via vendor services, and SaaS-themed lures, while mitigation focuses on disabling device code flows and monitoring anomalous authentications. Credential exposures like the Figure breach (967,200 email records) enable follow-on campaigns—credential stuffing, AI-generated phishing, and help desk social engineering—that bypass legacy MFA through real-time phishing relays and social engineering. Legacy MFA and even FIDO2 passkeys are structurally unable to prevent these attacks, which rely on human judgment at critical control points. Phishing-resistant authentication requires cryptographic origin binding, hardware-bound keys, and live biometric verification to close relay and delegation vectors. New research emphasizes how EvilTokens and similar kits exploit OAuth consent screens to trick users into granting scoped refresh tokens, bypassing MFA entirely and maintaining persistence even after password resets. The attack vector, termed consent phishing or OAuth grant abuse, operates below traditional identity controls, with refresh tokens surviving tenant policy changes unless explicitly revoked. The article also highlights the rise of 'toxic combinations'—unauthorized bridges between SaaS applications via OAuth grants—that create interconnected risk surfaces, exemplified by the 2025 Salesloft-Drift incident. Mitigation strategies now include platforms like Reco that map OAuth grants and AI agents into identity graphs, enabling continuous monitoring and token-level revocation to address these emergent attack pathways.
  • Upcoming webinar on automating and coordinating network incident response workflows
    A live webinar scheduled for June 2, 2026, will address systemic gaps in network incident response workflows that exacerbate incident escalation despite existing monitoring and security tooling. The session, titled "From alert to resolution: Fixing the gaps in network incident response," is hosted by BleepingComputer in partnership with Tines and will be presented by Edgar Ortiz, a Solutions Engineering Leader and Computer Scientist at Tines. It highlights how reliance on manual triage, alert routing, and coordination across disparate systems—rather than visibility limitations—drives incident escalation and service disruption during high-pressure scenarios.
  • Unauthenticated SQL Injection and Arbitrary File Read Vulnerabilities in Avada Builder WordPress Plugin Affect One Million Sites
    Two vulnerabilities in the Avada Builder WordPress plugin—CVE-2026-4782 (arbitrary file read) and CVE-2026-4798 (unauthenticated SQL injection)—have exposed approximately one million WordPress sites to credential theft and full site compromise. The arbitrary file read flaw allows authenticated subscribers to access sensitive server files, including wp-config.php, via the plugin’s shortcode-rendering functionality and custom_svg parameter. Access to wp-config.php can lead to full site takeover by enabling compromise of an administrator account. The unauthenticated SQL injection flaw, rated CVSS 7.5, impacts sites where WooCommerce was enabled and then deactivated, enabling attackers to extract database contents such as password hashes. The vulnerabilities were discovered by security researcher Rafie Muhammad under the Wordfence Bug Bounty Program and reported to the vendor on March 24, 2026, following submission to Wordfence on March 21. The vendor released patches in versions 3.15.2 (April 13) and 3.15.3 (May 12), with site administrators urged to update immediately.
  • Tycoon2FA Phishing-as-a-Service Takedown
    Tycoon2FA, a subscription-based phishing-as-a-service (PhaaS) platform that bypasses MFA using adversary-in-the-middle techniques, has expanded its capabilities to include device-code phishing attacks targeting Microsoft 365 accounts via OAuth 2.0 device authorization grant flows. The platform, active since August 2023, offers subscription-based access for bypassing multi-factor authentication, targeting major services like Microsoft 365 and Google. It was linked to over 64,000 phishing incidents and facilitated unauthorized access to nearly 100,000 organizations globally by mid-2025. The primary operator, identified as 'SaaadFridi' and 'Mr_Xaad,' remains at large. The platform’s infrastructure relies on adversary-in-the-middle techniques, AI-generated decoy pages, and short-lived domains to evade detection, while customers employ tactics like ATO Jumping to distribute phishing URLs. The platform was disrupted in a March 4, 2026 global takedown led by Europol’s EC3 and law enforcement from six European countries, but rapidly resumed operations within days to pre-disruption levels. Post-disruption, Tycoon2FA operators have continued to develop the kit, adding device-code phishing capabilities that abuse Trustifi click-tracking URLs and OAuth 2.0 flows. The phishing kit now includes a four-layer in-browser delivery chain, fake Microsoft CAPTCHA pages, and extensive anti-analysis protections to evade detection and analysis. Post-compromise activities include business email compromise (BEC), email thread hijacking, cloud account takeovers, and malicious SharePoint links, with old infrastructure remaining active and new domains registered quickly.
  • Shamos Infostealer Targeting Mac Devices via ClickFix Attacks
    Since June 2025, the COOKIE SPIDER group’s Shamos infostealer and Atomic macOS Stealer (AMOS) variants have targeted Mac devices via evolving ClickFix social engineering campaigns, stealing data and credentials from browsers, Keychain, Apple Notes, and cryptocurrency wallets. Early campaigns used malvertising, fake GitHub repositories, and signed Swift applications hosted on legitimate platforms, while also leveraging Terminal-based ClickFix tactics and obfuscated payloads. In March 2026, Apple introduced a Terminal security feature in macOS Tahoe 26.4 to disrupt ClickFix attack chains by blocking pasted command execution and warning users of risks. A major evolution emerged in April 2026 when Jamf researchers observed attackers abusing the built-in Script Editor application to bypass these protections using fake Apple-themed disk cleanup guides and malicious applescript:// URL scheme execution. The Script Editor-based ClickFix variation enabled theft of Keychain data, browser autofill, cryptocurrency wallet extensions, and system details without Terminal interaction, and introduced a backdoor component for persistent access. Most recently, SentinelOne has identified a new SHub macOS infostealer variant, dubbed Reaper, which further refines the Script Editor-based ClickFix attack vector. Reaper uses a fake Apple security update message displayed via the applescript:// URL scheme to launch Script Editor with a malicious AppleScript payload dynamically constructed and hidden under ASCII art. The malware bypasses Apple’s Terminal mitigations, performs device fingerprinting to evade sandboxes, and targets extensive data across browsers, wallets, password managers, iCloud, Telegram, and developer files. It includes a Filegrabber module for collecting sensitive documents and a wallet hijacking mechanism that replaces legitimate application files with malicious payloads. Reaper establishes persistence via a Google software update impersonation script registered as a LaunchAgent, enabling periodic beaconing to the C2 server and remote payload execution. Notably, the malware includes geofencing to avoid infecting Russian systems and represents an escalation in capabilities, incorporating remote access functionality to allow additional malware deployment on compromised macOS devices.
  • Phishing-to-outage lifecycle focus of upcoming MSP cyber resilience webinar featuring Kaseya
    On May 14, 2026 at 2:00 PM ET, BleepingComputer and Kaseya will host a live technical webinar titled "From phishing to fallout: Why MSPs must rethink both security and recovery." Led by Austin O'Saben and Adam Marget, the session will present advanced strategies for MSPs to integrate detection, response, and recovery to mitigate phishing-driven cyber incidents. Modern threat actors increasingly combine AI-generated phishing, business email compromise, ransomware, and SaaS abuse to bypass traditional defenses and disrupt operations. The webinar emphasizes that reliance on prevention alone is insufficient; instead, organizations must strengthen both security posture and recovery readiness, including SaaS backups and business continuity planning. Kaseya experts will detail how integrating backup and disaster recovery (BCDR) into security strategies is critical to reduce downtime and limit incident impact during such attacks. Building on prior coverage, a May 13, 2026 BleepingComputer article highlights that brand impersonation in AI-driven phishing is outpacing traditional email security, and that recovery delays after compromise can prolong operational disruption and increase recovery costs even after containment. Organizations are urged to prepare not only to defend against attacks but also to recover from them quickly. A separate May 7, 2026 article by The Hacker News promotes another webinar, "One Click, Total Shutdown: The 'Patient Zero' Webinar on Killing Stealth Breaches," which focuses on immediate breach containment strategies for AI-driven phishing attacks, including the "Patient Zero" concept and the 5-minute critical window for containment.

Latest updates

Microsoft releases RAMPART and Clarity frameworks to harden AI agent development lifecycle

Updated: · First: 20.05.2026 20:06 · 📰 1 src / 1 articles

Microsoft released two open-source tools, RAMPART and Clarity, to integrate security testing and design validation directly into the AI agent development process. RAMPART is a Pytest-native framework for writing and executing safety and security tests against AI agents, addressing adversarial and benign issues including cross-prompt injections and data exfiltration risks. Clarity serves as an "AI thinking partner" to help developers clarify design intent, explore failure modes, and track decisions before code is written. Together, the tools aim to shift AI safety from post-build review to a continuous, lifecycle-integrated practice by making assumptions testable and incidents reproducible.

Remote code execution flaw in Universal Robots PolyScope 5 Dashboard Server enables unauthenticated takeover of collaborative robots

Updated: · First: 20.05.2026 19:12 · 📰 1 src / 1 articles

A critical command injection vulnerability (CVE-2026-8153) in Universal Robots PolyScope 5 Dashboard Server allows unauthenticated attackers with network access to execute arbitrary commands on the robot’s Linux-based controller, achieving remote code execution (RCE) and full administrative control. The flaw resides in improper input neutralization within the Dashboard Server interface, enabling attackers to manipulate OT environments where collaborative robots (cobots) are deployed across manufacturing, logistics, automotive, healthcare, and other industrial sectors. Exploitation risks sabotage of manufacturing workflows, production shutdowns, ransomware deployment, data destruction, and manipulation of robotic precision and calibration. Safety hazards include disabling safeguards, altering programmed movements, or interrupting safety logic, potentially endangering human operators and causing physical harm or environmental incidents. CVE-2026-8153 carries a CVSS 3.1 base score of 9.8 and requires the Dashboard Server to be enabled and reachable via its network port; direct internet exposure is not typical due to standard OT network segmentation practices.

Unauthorized access to GitHub internal repositories reported; TeamPCP claims data sale and expands malware campaign

Updated: 20.05.2026 18:46 · First: 20.05.2026 07:01 · 📰 5 src / 5 articles

GitHub confirmed the unauthorized access to internal repositories stemmed from a trojanized VS Code extension installed by an employee, affecting approximately 3,800 repos, with containment measures including removal of the malicious extension, device isolation, and critical secret rotation. TeamPCP claimed responsibility, offering the alleged GitHub data dump for sale with a minimum price of $50,000 and explicitly stating this is not a ransom operation, while also threatening free release if no buyer is found. TeamPCP expanded operations by compromising the durabletask PyPI package with a Linux infostealer targeting credentials across cloud environments and forming partnerships with extortion and ransomware actors including Lapsus$ and Vect ransomware. TeamPCP's malware campaign, known as Mini Shai-Hulud, has impacted multiple entities beyond GitHub, including Grafana Labs. Grafana Labs confirmed a breach was caused by a missed GitHub workflow token rotation following the TanStack npm supply-chain attack, resulting in the exfiltration of operational information such as business contact names and email addresses. No customer production systems or operations were compromised, and the company stated that the codebase was not modified and users are not required to take any action.

Quantum Bridge secures $8M Series A for Distributed Symmetric Key Establishment protocol deployment

Updated: · First: 20.05.2026 18:45 · 📰 1 src / 1 articles

Quantum Bridge, a Toronto-based cybersecurity firm specializing in quantum-safe cryptography, announced $8 million in Series A funding, bringing total investment to $16 million. The company’s Distributed Symmetric Key Establishment (DSKE) protocol automates symmetric key creation and distribution using pre-shared random data and secret-sharing across Security Hubs, ensuring no single hub holds the complete key. This architecture mitigates both classical and quantum computing threats. Quantum Bridge’s Symmetric-Key Distribution System (SDS) combines DSKE with post-quantum cryptography (PQC) and quantum key distribution (QKD) into a crypto-agile platform deployable on existing network infrastructure via Ansible-based automation.

Large-scale Android carrier-billing fraud campaign leveraging fake apps and hidden WebView automation

Updated: · First: 20.05.2026 18:30 · 📰 1 src / 1 articles

A 10-month Android malware campaign used nearly 250 counterfeit apps to enroll victims in premium services via carrier billing, targeting users in Malaysia, Thailand, Romania and Croatia. The operation, codenamed Premium Deception by Zimperium zLabs, ran from March 2025 to mid-January 2026 and maintained portions of its infrastructure online at the time of disclosure. Malware variants automated end-to-end subscription enrollment by exploiting legitimate Android APIs, hidden WebViews and operator-specific billing portals to bypass user interaction and detection.

OpenAI, TanStack, and Mistral AI Impacted in Escalating Mini Shai-Hulud Supply Chain Campaign

Updated: 20.05.2026 18:00 · First: 29.04.2026 19:26 · 📰 15 src / 23 articles

The Mini Shai-Hulud supply chain campaign has escalated with a new wave of 639 compromised npm packages tied to the AntV ecosystem, including high-download dependencies such as echarts-for-react and timeago.js. The attack ran for roughly one hour on May 19, 2026, beginning at 01:56 UTC, publishing malicious versions from the compromised “atool” maintainer account that held rights for over 500 packages. Each compromised package added an obfuscated Bun bundle preinstall hook to harvest and exfiltrate credentials (cloud, CI/CD, SSH, Kubernetes, and password manager vaults) via GitHub repositories marked with Dune-themed names and the campaign's reversed signature. Earlier waves targeted TanStack and Mistral AI SDKs, SAP npm packages, and PyPI ecosystems (Lightning, intercom-client), while compromising GitHub Actions workflows ('actions-cool/issues-helper', 'actions-cool/maintain-one-comment') and hundreds of npm packages across multiple ecosystems. Affected organizations include OpenAI (two employee devices breached via TanStack), UiPath, Guardrails AI, OpenSearch, SAP, and hundreds of npm and PyPI packages. The malware harvests over 20 credential types, abuses OIDC tokens to forge Sigstore provenance attestations, implements self-propagation via stolen npm tokens, and includes a destructive sabotage payload targeting systems in Israel or Iran. The campaign is attributed to TeamPCP, which publicly released the Shai-Hulud source code, enabling rapid cloning and weaponization by other actors.

Microsoft-disrupted Fox Tempest’s malware-signing-as-a-service infrastructure

Updated: 20.05.2026 17:36 · First: 19.05.2026 18:00 · 📰 2 src / 2 articles

Microsoft’s Digital Crimes Unit (DCU), in collaboration with the FBI and Europol’s EC3, has disrupted Fox Tempest’s malware-signing-as-a-service (MSaaS) infrastructure that provided fraudulent code-signing certificates for ransomware and malware operations. The takedown involved legal action in the US District Court for the Southern District of New York, sinkholing malicious domains, disabling hundreds of virtual machines on Cloudzy, and suspending roughly 1,000 accounts. Fox Tempest’s MSaaS platform abused Microsoft’s Artifact Signing to issue short-lived certificates valid for 72 hours, sold at tiered pricing from $5,000 to $9,000. The group collaborated with multiple ransomware operations, including Rhysida (Vanilla Tempest), Storm-2501, Storm-0249, INC, Qilin, BlackByte, and Akira, with attacks targeting critical sectors across the U.S., France, India, and China. The service evolved in February 2026 to offer pre-configured Cloudzy VMs, streamlining malicious binary signing and distribution. Microsoft’s operation, codenamed OpFauxSign, includes ongoing efforts to identify and pursue the group’s operators through undercover engagements and legal mechanisms.

Evolving Zero Trust: Continuous Device Verification Required to Combat Credential and Session Token Theft

Updated: · First: 20.05.2026 17:02 · 📰 1 src / 1 articles

A growing body of evidence indicates that identity-centric security architectures are insufficient against increasingly sophisticated cyber threats, particularly when attackers weaponize AI-enhanced phishing kits and session hijacking. Multi-factor authentication (MFA) alone is being bypassed via real-time adversary-in-the-middle (AiTM) phishing, allowing attackers to proxy authentication and steal session tokens post-authentication. As organizations adopt SaaS, BYOD, and hybrid work models, a valid credential no longer guarantees a safe connection without ongoing validation of device security posture. Zero Trust frameworks, especially NIST SP 800-207, emphasize that access decisions must be dynamic and include continuous verification of both user identity and device health throughout the session lifecycle. Historically, identity verification was treated as a one-time event, creating a persistent blind spot where session tokens remain valid even on compromised or unmanaged endpoints. Many Zero Trust deployments have become overly identity-focused, with device posture checks inconsistently applied, limited to modern browser workflows, or absent for legacy protocols, remote access tools, and API integrations. This fragmentation enables attackers to maintain persistence using stolen credentials or intercepted tokens on unmanaged or non-compliant devices.

Drupal core vulnerability disclosure with imminent exploitation risk prompts urgent updates across multiple versions

Updated: · First: 20.05.2026 15:52 · 📰 1 src / 1 articles

Drupal announced an imminent critical security update for core versions 8 and later, with exploitation expected within hours of public disclosure. Administrators are advised to prioritize updates between 17:00–21:00 UTC on May 20, 2026, migrating to supported versions where possible. Unsupported versions (Drupal 8, 9, 11.1.x, 10.4.x) receive last-minute hotfixes due to the severity, while moving to supported versions (10.6.x, 11.3.x) is strongly recommended. No technical details are available yet, and readers are cautioned against misleading claims online.

China-nexus Webworm expands toolset with EchoCreep and GraphWorm backdoors leveraging Discord and Microsoft Graph API for C2

Updated: · First: 20.05.2026 15:51 · 📰 1 src / 1 articles

A China-aligned threat actor tracked as Webworm has deployed two new custom backdoors, EchoCreep and GraphWorm, using Discord and Microsoft Graph API respectively for command-and-control (C2) communications during 2025 activities. The group, active since at least 2022 and previously associated with RATs such as Trochilus, Gh0st, and 9002, has shifted toward stealthier (semi-)legitimate utilities including SOCKS proxies and custom proxy tools like WormFrp, ChainWorm, SmuxProxy, and WormSocket. Targeting spans government agencies and enterprises in Russia, Georgia, Mongolia, European countries including Belgium, Italy, Serbia, and Poland, and a university in South Africa, often blending operations using SoftEther VPN and GitHub-hosted malware staging. Initial access vectors remain unclear though brute-forcing of web server files and directories using open-source tools like dirsearch and nuclei has been observed.

Surge in unmanaged identity exposures complicates Agent AI adoption across enterprises

First: 20.05.2026 14:58 · 📰 1 src / 1 articles

Analysis of the Orchid Security Identity Gap: Snapshot 2026 released on May 19, 2026 reveals a critical imbalance in enterprise identity management landscapes. Visible identity elements constitute only 43% of total identities while 'identity dark matter'—unmanaged or invisible identities—now accounts for 57%, highlighting systemic gaps in IAM practices. This imbalance coincides with widespread enterprise adoption of Agent AI systems, which, by design, seek shortcuts to complete assigned tasks, often exploiting unmanaged credentials, excessive permissions, or orphan accounts to bypass intended access controls. The lack of intrinsic ethical or control mechanisms in AI agents amplifies the risk of unauthorized access or lateral movement, underscoring the need for robust identity governance as a prerequisite for safe Agent AI integration.

Webworm APT expands operations with new backdoors and proxy toolkit targeting European governments

First: 20.05.2026 14:30 · 📰 1 src / 1 articles

The China-linked APT group Webworm has expanded its targeting to include governmental organizations in Europe, compromising entities in Belgium, Italy, Poland, Serbia, and Spain, alongside a university in South Africa. The group has introduced two new backdoors—EchoCreep, leveraging Discord for C2, and GraphWorm, using Microsoft Graph API and OneDrive endpoints for command-and-control and data exfiltration. Initial access vectors include exploitation of a now-discontinued SquirrelMail vulnerability in at least one confirmed case. Webworm also employs a suite of custom proxy tools (WormFrp, ChainWorm, SmuxProxy, WormSocket) to expand its operational network, with ChainWorm specifically used to extend proxy infrastructure and WormFrp configured to retrieve configurations from an AWS S3 bucket.

Public exploit for PinTheft Linux kernel privilege escalation vulnerability released

First: 20.05.2026 13:52 · 📰 1 src / 1 articles

A proof-of-concept exploit for the PinTheft Linux kernel privilege escalation vulnerability has been publicly released, enabling local attackers to gain root access on Arch Linux systems. The flaw is a zero-copy double-free bug in the Linux kernel's Reliable Datagram Sockets (RDS) implementation that allows page-cache overwrites through io_uring fixed buffers. Exploitation requires the RDS kernel module to be loaded, io_uring enabled, a readable SUID-root binary, and x86_64 support. Successful exploitation leads to arbitrary root shell acquisition via stolen FOLL_PIN references.

Supply chain subversion via trojanized browser extensions and npm packages enables silent runtime data interception

First: 20.05.2026 13:30 · 📰 1 src / 1 articles

Between December 2024 and December 2025, threat actors evolved typosquatting into a supply chain attack vector by compromising developer credentials and injecting malicious code into widely used browser extensions and npm packages. Attackers exploited inherited trust in dependency chains by pushing trojanized versions of legitimate packages or extensions through official distribution channels, including the Chrome Web Store. Malicious payloads executed silently at runtime within users' browsers, intercepting sensitive data such as seed phrases, payment card information, and private keys before the legitimate application processed them. No server breaches or user misdirection were required; the compromise originated from within trusted software supply chains. Detection was evaded because existing security controls—firewalls, WAFs, EDR, and CSP—lack visibility into post-execution runtime behavior within the browser. The Trust Wallet Chrome extension incident in December 2025 resulted in $8.5 million stolen from 2,500 wallets within 48 hours. Similar attacks targeted npm packages like chalk/debug and @solana/web3.js, demonstrating scalability and cross-platform impact beyond cryptocurrency ecosystems.

Browser-locking CypherLoc scareware campaign observed in 2.8 million attacks since January 2026

First: 20.05.2026 13:00 · 📰 1 src / 1 articles

A large-scale browser-based scareware campaign named CypherLoc has targeted approximately 2.8 million users since the start of 2026, locking browsers and coercing victims into contacting fraudulent technical support lines. The attack begins via phishing emails that direct victims to malicious web pages, which only activate the full scareware payload under specific conditions to evade detection. Once triggered, CypherLoc disables browser controls, displays fake security alerts, and bombards victims with popups and audio cues to escalate panic. The scareware retrieves the user’s IP address and presents a fake login prompt, while prominently displaying a fraudulent support phone number. Victims who call the number are connected to human operators posing as Microsoft support staff, continuing the social engineering scam via live interaction.

Shift in breach vectors: unpatched vulnerabilities surpass credential theft as leading intrusion entry point in 2025

Updated: 20.05.2026 11:40 · First: 20.05.2026 03:04 · 📰 2 src / 2 articles

In 2025, unpatched vulnerabilities became the dominant access vector for confirmed data breaches, overtaking credential abuse for the first time in Verizon’s Data Breach Investigations Report (DBIR) series. Analysis of 31,000 security incidents (22,000+ confirmed breaches) revealed 31% of breaches stemmed from exploited unpatched flaws, while credential abuse accounted for 13%. Ransomware involvement rose to 48% of confirmed breaches, with median ransom payments dropping below $140,000. Threat actors increasingly weaponized AI to accelerate vulnerability exploitation, shrinking the defensive window from months to hours. Organizations’ median patching time increased to 43 days, with only 26% of CISA KEV catalog vulnerabilities patched in 2025. Third-party breaches surged 60%, reaching 48% of total incidents, driven by expanded attack surfaces and inadequate MFA enforcement. Gen-AI integration into attack chains and enterprise Shadow AI usage further strained defenses. Mobile-centric phishing attacks achieved a 40% higher success rate than email-based phishing in simulations.

BitLocker bypass technique YellowKey leveraging FsTx files disclosed with mitigation available

First: 20.05.2026 11:28 · 📰 1 src / 1 articles

A bypass technique dubbed YellowKey for Microsoft BitLocker Device Encryption was publicly disclosed, enabling attackers with physical access to bypass encryption on certain Windows systems. The technique abuses a Windows Recovery Environment (WinRE) behavior via specially crafted FsTx files on USB or EFI partitions, allowing unauthenticated shell access when triggering WinRE with the CTRL key. Microsoft issued mitigations and recommends switching from TPM-only to TPM+PIN protectors to neutralize the bypass.

Authentication bypass flaw in ChromaDB vector database enables remote code execution via model loading

First: 20.05.2026 01:25 · 📰 1 src / 1 articles

A critical authentication bypass vulnerability (CVE-2026-45829) in ChromaDB, a widely used open-source vector database for AI applications, allows unauthenticated attackers to remotely execute arbitrary code on exposed servers. The flaw stems from an improperly placed authentication check in the Python FastAPI implementation, enabling attackers to force the system to load and execute a malicious model from Hugging Face before authentication is enforced. Impacted deployments are those exposing the ChromaDB API over HTTP, with nearly 14 million monthly downloads of the PyPI package at risk. Local deployments or those using the Rust frontend are unaffected.

Global Push for AI Bill of Materials (AI BOM) Standards and Visibility Accelerates Ahead of 2026 Regulatory Deadlines

Updated: 20.05.2026 01:17 · First: 19.05.2026 00:44 · 📰 2 src / 2 articles

Regulatory and industry momentum for AI BOMs has accelerated with concrete tooling, standards extensions, and enforcement timelines. Standards bodies OWASP and the Linux Foundation have released AI-specific extensions to their SBOM frameworks, while organizations like the OpenSSF formalized model-signing specifications. Commercial platforms such as Manifest Cyber, Cycode, and JFrog now integrate AI BOM generation, and regulatory pressure is intensifying with the EU AI Act’s August 2026 deadline and new US mandates for defense contractors and financial sector examinations. Cyber insurers are also signaling AI governance as a coverage prerequisite. This follows prior emphasis on AI BOMs as a critical tool for managing AI supply chain risks, with regulatory bodies in the EU and US requiring documentation for high-risk systems and the G7 outlining minimum AI BOM elements. The open-source ecosystem’s rapid growth and documented threats like backdoored models have underscored the urgency for visibility tools, while standards bodies such as CISA, NIST, OWASP, and the Linux Foundation converge on core AI BOM elements including model artifacts, data lineage, and deployment context.

Discord enables default end-to-end encryption for voice and video calls via DAVE protocol rollout

First: 19.05.2026 23:37 · 📰 1 src / 1 articles

Discord has rolled out default end-to-end encryption (E2EE) for all voice and video calls across its platform, completing deployment in March 2026. The encryption layer covers direct messages, group chats, voice channels, and Go Live streams, while excluding Stage channels due to their public broadcast nature. The implementation leverages the DAVE protocol, an open-source framework extended to support all client platforms, including desktop, mobile, web browsers, PlayStation, Xbox, and SDKs. E2EE is now active by default, with unencrypted fallback client code being removed. This shift impacts approximately 200 million monthly active users and 690 million registered accounts globally, elevating privacy protections for real-time communications amid growing concerns over surveillance and data exposure risks in collaboration platforms.

Crypto ATM fraud losses exceed $388 million in 2025 amid surge in nationwide regulatory bans

First: 19.05.2026 22:45 · 📰 1 src / 1 articles

Criminals exploited cryptocurrency ATMs to defraud U.S. victims of over $388 million in 2025, according to the FBI’s Internet Crime Complaint Center (IC3). Victims—often directed by fraudsters via phone, email, or social media—were instructed to deposit cash at standalone crypto kiosks, which converted funds into attacker-controlled wallets. Losses surged 58% year-over-year, with over 13,400 complaints filed, disproportionately affecting individuals over 50. The scam vector relies on the irreversible nature of crypto transactions and the relative anonymity of kiosks, which often lack robust identity verification. States including Minnesota, Indiana, and Tennessee moved to ban crypto ATMs in response, citing consumer protection and money laundering risks.

Storm-2949 leverages Microsoft Self-Service Password Reset to exfiltrate data from Azure and Microsoft 365 environments

First: 19.05.2026 22:35 · 📰 1 src / 1 articles

A newly identified threat actor, tracked as Storm-2949, is actively targeting Microsoft 365 and Azure production environments to exfiltrate sensitive data using legitimate applications and administration features. The actor employs social engineering to compromise privileged accounts, primarily by abusing the Microsoft Entra ID Self-Service Password Reset (SSPR) flow. After tricking victims into approving multi-factor authentication (MFA) prompts, the attacker resets passwords, removes MFA controls, and enrolls their own device in Authenticator. This enables persistent access to Microsoft 365 applications, including OneDrive and SharePoint, where VPN configurations and IT operational files are targeted for data theft. Storm-2949 subsequently pivots to Azure infrastructure, compromising identities with privileged RBAC roles to extract secrets from Key Vaults, Azure SQL databases, and Storage accounts, and to deploy remote access tools such as ScreenConnect. The actor also modifies firewall rules, creates rogue administrator accounts, and disables security protections to evade detection.

Trapdoor Android ad fraud operation leveraging 455 malicious apps and selective activation techniques disrupted

First: 19.05.2026 19:38 · 📰 1 src / 1 articles

A large-scale Android ad fraud and malvertising operation named Trapdoor was uncovered, utilizing 455 malicious utility-style apps and 183 threat actor-owned C2 domains to generate 659 million daily bid requests. The campaign operated as a self-sustaining revenue cycle, where initial app installs triggered malvertising that coerced users into downloading secondary apps, which then performed hidden ad fraud via automated touch fraud and concealed WebView ad requests. Traffic was predominantly U.S.-based, accounting for over 75% of volume, and the operation peaked at 24 million total app downloads. Selective activation techniques ensured fraudulent behavior was triggered only for users acquired through threat actor-run ad campaigns, while organic downloads remained unaffected. Google removed all identified malicious apps from the Play Store following responsible disclosure.

Non-dismissible location permission prompts affecting Microsoft Teams on macOS systems post-security update

First: 19.05.2026 19:10 · 📰 1 src / 1 articles

Microsoft Teams users on macOS have reported undismissible location permission prompts appearing repeatedly since May 14, 2026, despite selecting 'Don't Allow'. Microsoft attributed the issue to a recent macOS security update that fails to retain location-permission selections for Teams, causing persistent dialogs. The company is collaborating with Apple to resolve the root cause and investigating a Teams-side mitigation. Affected users are advised to temporarily enable location access via macOS Privacy & Security settings as a workaround until a fix is implemented.

DirtyDecrypt Linux kernel root escalation exploit public availability

Updated: 19.05.2026 17:56 · First: 18.05.2026 10:18 · 📰 2 src / 2 articles

DirtyDecrypt (CVE-2026-31635), a Linux kernel local privilege escalation vulnerability, has seen its proof-of-concept exploit publicly released, enabling attackers to gain root access on systems with CONFIG_RXGK enabled. The flaw stems from a missing copy-on-write (COW) guard in the rxgk module’s rxgk_decrypt_skb function, allowing writes to privileged memory pages or sensitive file caches such as /etc/shadow or /etc/sudoers. Discovered by Zellic and V12 on May 9, 2026, the vulnerability was later found to duplicate a flaw already patched in the mainline kernel on April 25, 2026. DirtyDecrypt is part of a broader wave of recent Linux root-escalation flaws, including Copy Fail, Dirty Frag, and Fragnesia, all of which leverage pagecache write primitives. The disclosure follows an embargo breach that accelerated public release of related techniques, while new mitigation strategies like a runtime kernel killswitch and Rocky Linux’s optional security repository are being explored to address the rapid exploitation of such vulnerabilities.

Surge in Microsoft critical vulnerabilities driven by privilege escalation and cloud platform flaws

First: 19.05.2026 17:00 · 📰 1 src / 1 articles

Microsoft disclosed 1,273 vulnerabilities in 2025, a slight decrease from 1,360 in 2024, but critical vulnerabilities doubled year-over-year from 78 to 157, reversing a multi-year downward trend. Elevation of Privilege (EoP) vulnerabilities accounted for 40% of all CVEs, while Information Disclosure flaws rose by 73%, indicating a shift in attacker focus toward stealth, reconnaissance, and lateral movement. Cloud platforms such as Microsoft Azure and Dynamics 365 saw critical vulnerabilities spike from 4 to 37, highlighting escalating risks in identity and access management (IAM) and control planes. On endpoints and servers, Windows Server vulnerabilities increased to 780, with 50 classified as critical, while Microsoft Office vulnerabilities surged 234% year-over-year, rising to 157 total and 31 critical vulnerabilities, reflecting broader exploitation of productivity software for initial access.

Industry-wide adoption of AI-driven vulnerability remediation reshaping secure-by-design software requirements under EU CRA

First: 19.05.2026 15:30 · 📰 1 src / 1 articles

The EU’s Cyber Resilience Act (CRA), now in force and set to apply obligations from December 2027, is being interpreted as requiring organizations to adopt AI-powered vulnerability scanning and remediation as part of security-by-design and security-by-default practices. ENISA’s chief cybersecurity officer stated that AI tools such as Claude Mythos and OpenAI’s CPT5.4-Cyber now enable enterprises to detect and fix software vulnerabilities at unprecedented scale, eliminating claims of unawareness. The CRA mandates reporting obligations starting September 2026, and ENISA emphasizes that failure to proactively secure software may result in litigation and business penalties. Industry leaders warn that organizations not integrating AI into vulnerability management risk operational and legal exposure as adversaries exploit unpatched flaws.

Upcoming webinar on automating and coordinating network incident response workflows

Updated: 19.05.2026 15:14 · First: 12.05.2026 22:46 · 📰 2 src / 2 articles

A live webinar scheduled for June 2, 2026, will address systemic gaps in network incident response workflows that exacerbate incident escalation despite existing monitoring and security tooling. The session, titled "From alert to resolution: Fixing the gaps in network incident response," is hosted by BleepingComputer in partnership with Tines and will be presented by Edgar Ortiz, a Solutions Engineering Leader and Computer Scientist at Tines. It highlights how reliance on manual triage, alert routing, and coordination across disparate systems—rather than visibility limitations—drives incident escalation and service disruption during high-pressure scenarios.

Surge in mobile application attacks driven by agentic AI capabilities

First: 19.05.2026 15:00 · 📰 1 src / 1 articles

Threat actors are leveraging agentic AI to significantly accelerate attacks against customer-facing mobile applications, reducing the time, skill, and cost barriers required to compromise targets. In 2026, 87% of monitored applications across sectors such as financial services, healthcare, automotive, and telecommunications faced attacks, up from 55% in 2022, correlating with the proliferation of AI models post-ChatGPT. The rise in AI-assisted reverse engineering and automated exploit generation has narrowed the attack gap between iOS and Android platforms, with iOS attacks surging to 86% in 2026 from roughly half the volume of Android attacks in 2023. Applications are now compromised within hours of appearing in online stores, posing challenges for security teams as these apps often reside on uncontrolled employee devices.

B1ack’s Stash marketplace releases 4.6 million stolen credit card records in response to policy violations

First: 19.05.2026 14:59 · 📰 1 src / 1 articles

The B1ack’s Stash dark web carding marketplace released 4.6 million stolen credit card records for free after sellers violated platform policies by reselling card data purchased from the marketplace on competing platforms. The data dump includes full card numbers, expiration dates, CVV2 codes, cardholder names, billing addresses, email addresses, phone numbers, and IP addresses, likely originating from e-skimming or phishing operations. Approximately 70% of the cards are from the US, with additional records from Canada, the UK, France, and Malaysia. The release is part of a recurring pattern by B1ack’s Stash to distribute stolen card data for free to attract users and expand its market presence.