Torrance, United States / California, 19th May 2026, CyberNewswire
Global Security News
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
Microsoft’s total vulnerability count stayed steady in 2025, but critical flaws surged year over year. BeyondTrust breaks down why attackers are increasingly focused on privilege escalation and identity abuse. […]
AI, Compliance, Endpoint, Global Security News
PDQ Targets MSP Workflows with Connect Platform Upgrade
Salt Lake City-based IT management firm PDQ announced today a massive upgrade to its PDQ Connect platform tailored specifically for managed service providers (MSPs). PDQ Connect adds multitenant management The update introduces a highly requested multitenant architecture and centralized user management system. Instead of constantly logging in and out of disconnected systems to check on…
AI, Data Breaches, Global Security News
Looking Back, Looking Forward: Digesting a Dynamic Bouillabaisse of Cyber Evolution
Dark Reading editors reflect on two decades of dramatic change — from perimeter defense to assume-breach strategies — and warn that while AI, cloud, and COVID-19 have transformed the threat landscape, organizations are still failing at fundamental security hygiene that could stop sophisticated attacks in their tracks.
AI, Data Security, Endpoint, Global Security News, Network Security, Risk Management
Cato Networks Adds Cyera DSPM Integration to XOps
Cato Networks has integrated Cyera’s Data Security Posture Management capabilities into Cato XOps, giving enterprise security teams more context around sensitive data when detecting, investigating, and responding to threats. The integration, announced May 19, embeds Cyera’s data intelligence into Cato XOps, Cato’s combined XDR and AIOps solution. The companies said the goal is to help…
AI, Global Security News
PureLogs infostealer is stealing credentials worldwide
A phishing campaign is smuggling the powerful PureLogs information stealer onto targets’ Windows machines by hiding encrypted malicious payloads inside cat photos, Fortinet researchers discovered. The attack The attack starts with a phishing email containing a TXZ archive and using an invoice-themed lure to pressure the victim into opening it quickly: The phishing email carrying…
AI, Global Security News, Network Security
Selector extends AI-driven observability into multi-cloud environments
Selector has announced the expansion of its platform with AI-powered multi-cloud observability capabilities. The extension of Selector’s AI-driven observability approach into multi-cloud environments enables organizations to correlate signals across the full hybrid path. By unifying rich telemetry data from cloud, network, and infrastructure into a shared intelligence layer, Selector gives teams a more complete, actionable…
Global Security News
Two-Thirds of Nonhuman Accounts Are Unseen and Unmanaged, According to Orchid Security’s Identity Gap Report
New York, United States, 19th May 2026, CyberNewswire
Global Security News
WantToCry ransomware remotely encrypts files
AI, Global Security News, Network Security, Risk Management
GoTo Launches Connect CX Complete and LogMeIn AI Updates
Cloud communications and IT organization GoTo has announced two new products: the launch of a new AI-powered offering called GoTo Connect CX Complete and a series of new features for its LogMeIn Resolve and LogMeIn Rescue solutions. These announcements coincide with the company’s publication of its latest industry research on the IT workplace amid the…
AI, Apps, Compliance, Global Security News, privacy, Risk Management
TrustedTech: Executives Drive Shadow AI Risk in Enterprises
TrustedTech has released new research indicating that senior leaders are among the biggest sources of shadow AI risk within organizations, with executives using unapproved AI tools at significantly higher rates than lower-level employees. The Irvine, California-based Microsoft cloud solutions and IT modernization provider said its global and U.S. data points to a growing gap between…
AI, Apps, Global Security News, malware
Internet Explorer may be dead, but its ghost still runs malware
Microsoft’s aging “mshta.exe” utility, a leftover component from Internet Explorer, is still being actively abused in modern malware campaigns years after the browser itself was retired. According to new research from Bitdefender, attackers continue to abuse Microsoft HTML Application Host (MSHTA), a built-in Windows utility capable of executing VBScript and JavaScript from local or remote…
AI, Apps, Global Security News
LaunchDarkly adds real-time controls for AI agents in production
LaunchDarkly has launched AgentControl, a new solution that gives software teams real-time control over AI agents in production. With AgentControl, teams can change how an agent behaves at runtime without redeploying the underlying application. As AI agents move into production, engineering teams need new ways to manage configuration, quality, and runtime behavior. Unlike traditional code,…
AI, Europe, Global Security News
Canonical ships Ubuntu Core 26 with 15 years of security maintenance
Operators of industrial sensors, edge AI controllers, and connected medical equipment now have a refreshed long-term Linux option for fleets that must stay patched for more than a decade. Canonical released Ubuntu Core 26, the latest long-term supported version of its minimal, immutable operating system, with security maintenance lasting up to 15 years. The release…
AI, Global Security News
New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain
A SHub macOS infostealer variant called Reaper impersonates Apple, Microsoft, and Google to trick users into executing malicious code, then targets browser data, password managers, and cryptocurrency wallets while establishing persistence for continued access, SentinelOne found. ClickFix gives way to a new delivery method Consistent with earlier SHub versions, Reaper uses a multi-stage execution chain.…
AI, Global Security News
AI Raises the Bar on Vulnerability Awareness and Secure-by-Design Software
AI-powered vulnerability scanning leaves no excuse for unpatched bugs as the EU Cyber Resilience Act pushes firms toward secure-by-design software
AI, Global Security News, Network Security
Webinar: The hidden bottlenecks in network incident response
IT teams are increasingly overwhelmed by alerts from disconnected systems, forcing responders to manually coordinate investigations during network incidents. This webinar explores how automation and AI-assisted workflows can help reduce response delays and improve operational coordination. […]
Global Security News
The end of unencrypted Discord calls is here
Discord has protected voice and video calls in DMs, group DMs, voice channels, and Go Live streams with end-to-end encryption (E2EE) by default. The company began experimenting with E2EE for voice and video in 2023, starting a long-term effort. End-to-end encryption allows only participants in a call to access its content, while Discord does not…
AI, Global Security News
Agentic AI Accelerates Software Builds and Mobile App Attacks
Digital.ai data reveals 87% of apps were attacked over the past year
Global Security News
The New Phishing Click: How OAuth Consent Bypasses MFA
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries. The targets of the platform received a message asking them to enter a short code at microsoft.com/devicelogin and complete their normal MFA challenge, then walked away believing they had…
AI, Global Security News, Network Security
Microsoft confirms patching issues in restricted Windows networks
Microsoft says customers in restricted network environments may encounter Windows Update failures after installing the January 2026 optional non-security preview updates. […]
AI, Apps, Global Security News
How Apple turned circular manufacturing into a competitive edge
Apple is realizing real business benefits as it builds a circular manufacturing process across the company. Manufactured using recycled materials and renewable energy, the popular new MacBook Neo is a great illustration of this. Apple says the Neo is manufactured using 45% renewable electricity and holds 60% recycled materials by weight. That recycling includes 90% recycled aluminium and 100%…
AI, APAC, Compliance, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management
Top 5 Phishing-Driven Social Engineering Attacks on Companies in 2026
Your employees are not falling for “bad grammar” phishing anymore. They are being pulled into fake Microsoft logins, banking pages, AI tool instructions, real OAuth flows, and event invitations that look close enough to daily work to pass without alarm. For CISOs, that is the real social engineering problem in 2026: attacks are no longer…
AI, Exploits, Global Security News
Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare
Drupal has issued an alert stating that it intends to release a “core security release” for all supported branches on May 20, 2026, from 5-9 p.m. UTC. “The Drupal Security Team urges you to reserve time for core updates at that time because exploits might be developed within hours or days,” the maintainers of the…
Global Security News
Hosting Service Standards That Define High-Performing Agencies
There’s a quiet pattern among the agencies that consistently outperform their competitors. Their client retention rates are higher.…
Exploits, Global Security News
Hackers Actively Exploit ‘Nginx Rift’ Vulnerability Affecting NGINX, F5 Products
Hackers are actively exploiting the Nginx Rift vulnerability affecting NGINX and F5 products, exposing servers to denial-of-service attacks.
AI, Global Security News
The Art of War, Elon Musk Edition: How to Lose a Lawsuit and Still Claim Victory
Sam Altman’s high-profile courtroom win comes at a cost for the OpenAI CEO.
AI, Exploits, Global Security News, Network Security
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appliance. “These vulnerabilities could have been exploited to read all mail traffic or as an entry vector into the…
Data Breaches, Global Security News
Grafana Labs Confirms Hackers Stole Source Code
Open source tool maker Grafana says hackers stole codebase via GitHub breach
AI, Compliance, Cybersecurity, Data Breaches, Global Security News, malware, Risk Management
7 tips for accelerating cyber incident recovery
Despite strong and redundant defenses, enterprises remain vulnerable to a wide range of cyberattacks. And because attacks — and cyber incidents — are inevitable, developing an incident response and recovery process that’s quick, comprehensive, and coordinated is essential. Expediting incident recovery time is critical because the longer an outage persists, the more costs, risk, and business…
Global Security News
The quest for greater tech independence
A complete decoupling from US technology is neither realistic nor necessary, but the changing environment does require nations and companies to reassess their relationships and dependencies
AI, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Network Security, Russia
Poland shifts away from Signal following cyberattacks on officials’ accounts
Poland told officials to stop using the popular instant messaging app Signal after cyberattacks targeted government accounts. Poland has instructed government officials to stop using Signal for sensitive communications and move to a state-developed alternative. The decision follows repeated cyberattacks targeting Signal accounts belonging to politicians, military personnel, and public servants. Officials believe the campaigns…
AI, Cybersecurity, Exploits, Global Security News, malware, Network Security
Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects
INTERPOL led Operation Ramz in MENA, resulting in 201 arrests and 382 suspects tied to cybercrime networks. INTERPOL coordinated Operation Ramz across the Middle East and North Africa, leading to 201 arrests and identifying 382 additional suspects. ” A first-of-its-kind cybercrime operation in the MENA region has led to the arrest of 201 individuals, with a…
Global Security News
Hackers Bypass Security Tools to Target Users Directly
Bridewell report calls out emergence of “fix-style” attacks
AI, Cybersecurity, Global Security News
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console (version 18.95.0), a popular user interface and plugin for code editors like VS Code, Cursor, and JetBrains. The VS Code extension has more than 2.2…
AI, Global Security News, Network Security
Babel Street targets AI-driven threats with new agentic investigation capabilities
Babel Street has launched Insights Investigator, a new agentic capability that puts tradecraft-trained AI agents at the front edge of investigative work while ensuring analysts remain in control of scope, logic, and outcomes of their missions. As part of the Babel Street Insights platform, Investigator represents a shift from search and AI-assisted queries to analyst-directed,…
AI, Exploits, Global Security News, Risk Management
iProov brings identity verification to video meetings to reduce fraud risks
iProov has launched iProov Verified Meetings, a new solution that enables organizations to verify the identity of video call participants without adding friction to the user experience. Video meetings have become a trusted and scalable communication channel, but attackers are increasingly exploiting them through AI-generated deepfake and injection attacks, creating new fraud risks. Verified Meetings…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Risk Management
Shai-Hulud worm copycats emerge after source code leak
Shai-Hulud worm copycats are already attacking NPM developers after its source code leaked, enabling fast supply chain exploitation. The first copycats of the Shai-Hulud worm have already started showing up online, only a few days after the malware’s source code was dumped on GitHub. Researchers had warned this would happen almost immediately, and they were…
AI, Global Security News
Egnyte unveils Email Capture and AI features to unify fragmented data
Egnyte has announced a new set of capabilities designed to consolidate fragmented knowledge. Email Capture centralizes critical communications and attachments from siloed inboxes into the Egnyte folder structure, assisting users to make more informed data-driven decisions based on their entire knowledge base. Egnyte is also launching a set of AI-driven integrations and capabilities specifically designed…
AI, Apps, Europe, Global Security News, Risk Management
Why ‘open AI’ models are gaining ground on LLMs
While proprietary AI models such as OpenAI’s ChatGPT and Google Gemini remain popular, the tide may be shifting to open models as IT leaders move to customize AI and control costs. Sometimes known as “open-weight models,” the alternatives to large language models (LLMs) can provide decision-makers with better visibility and control over internal AI use,…
AI, Global Security News
Public Instagram posts provide raw material for AI phishing campaigns
A handful of public Instagram posts can give attackers enough material to generate convincing phishing emails with GenAI. Research from the University of Texas at Arlington and Louisiana State University showed how public social media activity can be turned into phishing messages that appear personal and credible to human recipients. Attack pipeline overview (Source: Research…
AI, Global Security News
GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server. “Every existing tag in the repository has been moved to point to an imposter commit that does not appear in the action’s normal…
Apps, Global Security News
Earbud sensors can authenticate users by their heartbeat, study finds
Researchers built a continuous authentication system called AccLock that identifies a wearer by the tiny vibrations a heartbeat makes inside the ear canal. The signal comes from an accelerometer of the kind already sitting inside many wireless earbuds, so no extra hardware is needed. The point is to keep verifying that the person wearing the…
AI, APAC, Cybersecurity, Global Security News
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave. “The attack affects packages tied to the npm maintainer account atool, including echarts-for-react, a widely used React wrapper for Apache ECharts with roughly 1.1…
AI, Compliance, Global Security News
AI infrastructure is cracking under sovereignty demands
AI deployments are moving into environments with tighter controls around data, infrastructure, and system operations. Organizations are building AI systems across multiple providers, platforms, and computing environments while managing governance, security, and compliance obligations within defined boundaries. NTT DATA’s 2026 Global AI Report A Playbook for Private and Sovereign AI examined these conditions in more…
AI, Compliance, Cybersecurity, Global Security News, Risk Management
Cybersecurity jobs available right now: May 19, 2026
CISO DataFence | Israel | Hybrid – View job details As a CISO, you will develop security roadmaps, compliance plans, risk registers, policies, and control implementation plans while leading audit and regulatory compliance activities. You will manage client projects from planning through delivery, conduct risk assessments, gap analyses, internal audits, and security maturity reviews, and…
Global Security News
ISC Stormcast For Tuesday, May 19th, 2026 https://isc.sans.edu/podcastdetail/9936, (Tue, May 19th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Global Security News
The American Rebellion Against AI Is Gaining Steam
Booed commencement speakers, blocked data centers, plummeting poll numbers: The fast-growing industry has a faster-growing crisis.
AI, Global Security News, malware
Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud
In this blog entry, researchers from the TrendAI™ MDR team discuss how they mapped the full end-to-end operation of SHADOW-WATER-063’s Banana RAT banking malware by analyzing server-side artifacts and victim-side data.
Global Security News
Google and Blackstone to Create New AI Cloud Company
The duo plans to launch the unnamed U.S. company with $5 billion in equity capital from Blackstone, which will be the majority owner, according to people familiar with the matter.
Global Security News
INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
More than 200 individuals were arrested for cybercrime activities during INTERPOL’s Operation Ramz, which focused on the Middle East and North Africa. […]
AI, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management
Are Attackers Hiding Inside Your Network Traffic?
I believe one of the important shifts in cybersecurity over the past several years is how attackers are hiding in plain sight. According to the 2026 IP Intelligence Study released by Spur Intelligence, anonymizing infrastructure, such as virtual private networks (VPNs) and residential proxies, are now involved in nearly every modern cyberattack. These tools allow…
AI, Global Security News, Risk Management
Is 2026 the Year AI Bills of Materials Get Real?
Understanding AI BOMs and where they fit into risk management for artificial intelligence.
AI, Global Security News
Microsoft Exchange Zero-Day Under Attack, No Patch Available
CVE-2026-42897 stems from a cross-site scripting (XSS) vulnerability and can allow an attacker to compromise Outlook Web Access (OWA) mailboxes.
Global Security News
SHub macOS infostealer variant spoofs Apple security updates
A new variant of the ‘SHub’ macOS infostealer uses AppleScript to show a fake security update message and installs a backdoor. […]
Global Security News
Contractor Dies at SpaceX’s Starbase Facility in Texas
Workplace accident came days before the Elon Musk-led company plans to launch a new version of its Starship rocket.
AI, Global Security News, Network Security
Dell Set to Make Partner Program Enhancements
Dell Technologies is introducing new enhancements to Dell’s partner program, including rebates and incentives aligned to strategic solutions and customer outcomes. Dell aligns partner incentives to customer outcomes across the portfolio These enhancements are launching in August 2026 and are built around rewarding the outcomes customers expect. “We’re announcing pretty significant enhancements to our program,”…
AI, Global Security News
‘Claw Chain’ Vulnerabilities Threaten OpenClaw Deployments
The now patched vulnerabilities in the rapidly growing AI agent framework allow attackers to steal credentials, escalate privileges, and maintain persistence.
AI, Cybersecurity, Endpoint, Global Security News, Government & Policy, Network Security
CISA Admin Leaked AWS GovCloud Keys on Github
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and…
AI, Cybersecurity, Exploits, Global Security News
AI might cut false positives, but it won’t stop the slop
As defenders get their hands on newer AI models with more powerful cybersecurity capabilities like Anthropic’s Mythos and OpenAI’s Daybreak, organizations are being told to prepare for a flood of new vulnerability reports. But for bug bounty programs across the nation, that day may already be here, as yesterday’s frontier models and today’s open-source AI…
AI, Cybersecurity, Global Security News, Network Security
Cisco Trims Workforce as AI Demand Drives Record Revenue
Even with record quarterly revenue, Cisco is axing jobs again. The company said it will eliminate “fewer than 4,000 roles,” representing less than 5% of its workforce, as it reorganizes around AI. That comes as revenue climbed to $15.8 billion, up 12% year over year and ahead of expectations The timing may feel counterintuitive, but…
AI, APAC, Cybersecurity, Endpoint, Global Security News, Risk Management
Microsoft May security patch fails for some due to boot partition size glitch
“Something didn’t go as planned. Undoing changes.” That’s all the clue some Windows 11 users will get when Microsoft’s May Security Update fails to install because of insufficient free space on the EFI System Partition (ESP), leaving their systems unprotected by the dozens of patches it contained. This issue affects devices with limited free space…
AI, Data Security, Global Security News, Risk Management
Nasuni Report Finds AI Agent Adoption Outpacing Readiness
Enterprise adoption of AI agents is accelerating, but many organizations are struggling to turn pilots into measurable outcomes, according to new research from Nasuni. Nasuni’s State of Enterprise File Data Annual Report 2026 found that 97% of organizations have deployed or are piloting AI agents, while 57% of AI projects are not meeting their stated…
AI, Global Security News, privacy
10 Top OSINT Tools Every Investigator Should Know in 2026
Modern OSINT platforms rely more on AI and automation, while older social tracking methods keep losing access due to privacy and API restrictions.
AI, APAC, Cybersecurity, Endpoint, Global Security News, Risk Management
Microsoft May security patch fails for some due to boot partition size glitch
“Something didn’t go as planned. Undoing changes.” That’s all the clue some Windows 11 users will get when Microsoft’s May Security Update fails to install because of insufficient free space on the EFI System Partition (ESP), leaving their systems unprotected by the dozens of patches it contained. This issue affects devices with limited free space…
AI, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, privacy, Risk Management
TeamPCP Supply Chain Campaign: Activity Through 2026-05-17, (Mon, May 18th)
Since the last update, the TeamPCP supply chain campaign produced its loudest stretch since the March Trivy disclosure: an officially confirmed Checkmarx Jenkins plugin compromise and a new self-spreading Mini Shai-Hulud worm across npm and PyPI. Bottom line up front Two TeamPCP events broke within 48 hours of each other and doubled attention on the campaign.…
AI, Global Security News
Shai-Hulud Worm Clones Spread After Code Release
The release of Shai-Hulud source code spells trouble for software developers as researchers worry the self-replicating worm could scale.
Global Security News, Risk Management
PCI SSC Publishes PCI PTS HSM v5.0
The PCI Security Standards Council (PCI SSC) has published a major revision to the PCI PIN Transaction Security (PTS) Hardware Security Module (HSM) Modular Security Requirements from version 4.0 to version 5.0. This update represents a significant evolution in HSM security, addressing modern cryptographic practices, cloud and multi-tenant deployments, and emerging threats such as post-quantum…
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
OpenClaw Vulnerabilities Could Enable Full AI Agent Takeover
Researchers at Cyera disclosed four chainable vulnerabilities in OpenClaw, collectively named Claw Chain, that could allow attackers to escape AI agent sandboxes, steal credentials, escalate privileges, and establish persistent access across enterprise environments. The findings raise broader concerns about the security risks surrounding autonomous AI agent platforms. “Each step looks like normal agent behavior to…
AI, Exploits, Global Security News, malware
Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa
Interpol coordinated an expansive investigation with 13 countries in the Middle East and North Africa to disrupt and take down cybercrime operations, including phishing services and tools, malware and scams. The law enforcement effort netted 201 arrests, led to the seizure of 53 servers and disrupted multiple cybercrime services, Interpol said Monday. Operation Ramz, which…
AI, Apps, Cybersecurity, Data Breaches, Global Security News, Risk Management
Grafana confirms GitHub token breach cybercrime group claims the attack
Grafana confirmed a GitHub token breach that exposed source code, but said no customer data or systems were affected. Grafana Labs confirmed a security incident after the extortion group Coinbase Cartel listed it on a leak site and claimed data theft on May 15. The breach was triggered by a compromised token that gave attackers…
AI, Global Security News
5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
Many employees already use shadow AI tools at work without security review. Adaptive Security breaks down how teams can build practical AI governance without adding friction for employees. […]
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
Device Code Phishing Targets Microsoft 365 Users
Cybercriminals are adopting device code phishing as a new way to bypass traditional phishing defenses and compromise enterprise Microsoft 365 accounts. According to Proofpoint, threat actors are abusing legitimate Microsoft authentication workflows to steal authentication tokens without using traditional phishing pages. “The spike in device code phishing coincides with publicly released criminal toolkits, and the…
AI, Global Security News
Jury Sides With OpenAI, Finds Musk Brought Claim After Statute of Limitations
The verdict concludes a trial that lasted more than three weeks, clearing the way for OpenAI to IPO.
Global Security News, malware
New Reaper Malware Uses Fake Microsoft Domain to Steal macOS Passwords
The newly discovered Reaper malware bypasses Apple’s macOS Tahoe 26.4 security updates to steal passwords, crypto assets, and install a permanent backdoor.
AI, Global Security News
AI is drowning software maintainers in junk security reports
AI-assisted vulnerability research has exploded, unleashing a firehose of low-quality reports on overworked software maintainers who are wasting hours sifting through noise instead of fixing real problems. Linus Torvalds, the Linux kernel’s creator, says the flood has made the project’s security mailing list “almost entirely unmanageable, with enormous duplication due to different people finding the…
AI, Global Security News, malware
Leaked Shai-Hulud malware fuels new npm infostealer campaign
The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected packages emerged over the weekend. […]
AI, Global Security News
Game over for 74 suspected scammers after Dutch cops plastered their faces on billboards
The Dutch police’s Game Over?! campaign, which publicly displays images of suspected fraudsters to encourage self-surrenders and gather public tips, is proving successful, with the identities of 74 of the 100 suspects shown already identified. A digital display promoting the Dutch police’s Game Over?! campaign (Source: Politie) Launched in March 2026, the campaign displays blurred…
AI, Global Security News
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects. The initiative involved the efforts of 13 countries from the region between October 2025 and February 2026, aiming to investigate and neutralize malicious infrastructure, arrest perpetrators behind…
AI, Apps, Global Security News, Network Security, Risk Management
Dell Unveils Portfolio Advancements to Simplify AI Adoption
During Dell Technologies World 2026, Dell unveiled more than 60 portfolio advancements to simplify AI adoption and modernize the data center. Dell AI innovations to scale new capabilities in data and agent adoption To help address the gap between AI ambition and AI outcomes, Dell has introduced new agentic AI capabilities, AI-ready data, next-generation infrastructure,…
AI, APAC, Compliance, Cybersecurity, Data Breaches, Global Security News, Risk Management
MY TAKE: AI agents force a rethink of enterprise service lines as vendors move up the tech tack
ORLANDO — Companies are pulling AI agents into their daily operations through a dozen side doors. Related: SaaS and AI agents converge One of them was in focus at KB4-CON, KnowBe4’s annual customer conference at the Marriott World Center here last week. The Clearwater, Fla.-based cybersecurity training vendor used the conference to lay out a…
AI, Exploits, Global Security News, Government & Policy, Risk Management
AI cyberattackers are getting better faster
The ability of AI models to perform end-to-end, multi-stage penetration tests that match the capabilities of humans undertaking the same tasks has improved dramatically in recent months, according to new benchmarks published by the UK government’s AI Security Institute (AISI). In November 2025, the difficulty of cyber tasks the best models could complete was doubling…
AI, Cloud Security, Compliance, Data Security, Global Security News, Network Security, privacy, Risk Management
Secure, Fast, Reliable: The Best Cloud Storage Providers for Businesses in 2026
This guide is for IT leaders, business owners, and operations teams looking to improve data security, collaboration, and file management in 2026. It covers the best cloud storage providers for businesses and the key features to consider when selecting a secure, scalable, and reliable storage solution. Key Points of Our 2026 Cloud Storage Provider Evaluation…
Global Security News
Amazon Web Services CEO Pushes Back on AI Job Apocalypse Warnings
Watch as the cloud-computing executive shows off Amazon’s custom chips.
AI, Global Security News
The Tech Bros Are Going to Etiquette School
Founders who built their names on coding and hard-charging leadership are learning that in the AI era, soft skills matter more than ever.
AI, APAC, Apps, Compliance, Endpoint, Global Security News, Network Security, privacy, Risk Management
The 6 Best Enterprise Password Managers You’ll Actually Trust in 2026
This guide is for IT leaders, security teams, and business decision-makers looking to improve credential security and reduce password-related risks in 2026. It covers the best enterprise password managers, their standout features, and the key factors to evaluate when choosing the right solution for your organization. Key Points About Enterprise Password Managers in 2026 Enterprise…
Global Security News
Fuel Tank Breaches Expand Scope of Iran’s Cyber Offensive
Security experts have long warned that insecure automatic tank gauge (ATG) systems exposed on the Internet can be tampered with by threat actors.
Compliance, Cybersecurity, Global Security News
10 Tips for Phrasing Employee Feedback in Reviews
Performance reviews inside cybersecurity teams carry unusually high stakes. Security analysts, incident responders, IT administrators, and compliance staff…
Global Security News
Interpol Launches Sweeping Cybercrime Crackdown in MENA Region
Over 200 people were arrested in an anti-cybercrime operation that spanned 13 countries across the Middle East and North Africa
AI, Global Security News, Network Security
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The pattern is clear. One weak dependency can leak keys. One leaked…
AI, Apps, Data Breaches, Europe, Global Security News
ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed
7-Eleven confirmed a breach after ShinyHunters claimed theft of over 600,000 Salesforce records and franchisee data. 7-Eleven has confirmed a data breach after the ShinyHunters hacking group claimed it stole more than 600,000 Salesforce records containing personal and corporate information. “Over 600k Salesforce records containing PII and other internal corporate data have been compromised.” The…
Data Breaches, Global Security News
Grafana says stolen GitHub token let hackers steal codebase
Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. […]
AI, Global Security News, Government & Policy
Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign
A campaign linked to a suspected Malaysian government operation has been using hidden command and control infrastructure for…
AI, Global Security News
Microsoft to retire ‘Together Mode,’ its virtual meeting space for Teams
Microsoft plans to retire “Together Mode” in Teams next month and is encouraging users to access its Gallery view for video calls instead. The company launched Together Mode in the early months of the Covid-19 pandemic, as Teams usage rocketed and businesses sought ways to connect staff when physical offices closed due to social distancing…
Europe, Global Security News
The Infosecurity Europe Cyber Startup Competition: Meet the Finalists
New for 2026, the Infosecurity Europe Startup competition will see five finalists pitch their ideas in front of a live audience, including senior industry leaders, investors and buyers
Exploits, Global Security News
Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)
A critical NGINX vulnerability (CVE-2026-42945) disclosed last week is being exploited by attackers, VulnCheck security researcher Patrick Garrity revealed on Saturday. The vulnerability, dubbed NGINX Rift, can be reliably exploited to trigger a denial-of-service condition and can potentially allow for unauthenticated remote code execution, all achievable by sending a specially crafted HTTP request to a…
AI, Cybersecurity, Global Security News
Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq
A hotel check-in system exposed over 1 million passports, IDs, and selfies online due to a misconfigured cloud storage bucket. A security lapse in the Reqrea’s Tabiq hotel check-in system exposed over 1 million passports, driver’s licenses, and selfie verification photos online. The issue came from a misconfigured Amazon cloud storage bucket that was left…
AI, Global Security News
Startup Makes Switching AI Chips Easier—and Nvidia Is a New Investor
Decart’s valuation hit nearly $4 billion as investors pour capital into startups making AI computing more efficient.
AI, Global Security News, Risk Management
How to Reduce Phishing Exposure Before It Turns into Business Disruption
What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap many SOCs still struggle with: the attacks that leave teams unsure what was exposed, who else was targeted, and how far the risk has spread. Early phishing detection…
AI, Exploits, Global Security News
The Boring Stuff is Dangerous Now
AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast amounts of potentially flawed AI-generated code, forcing defenders to adapt accordingly.