INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
More than 200 individuals were arrested for cybercrime activities during INTERPOL's Operation Ramz, which focused on the Middle East and North Africa. [...]
More than 200 individuals were arrested for cybercrime activities during INTERPOL's Operation Ramz, which focused on the Middle East and North Africa. [...]
CVE-2026-42897 stems from a cross-site scripting (XSS) vulnerability and can allow an attacker to compromise Outlook Web Access (OWA) mailboxes.
A new variant of the 'SHub' macOS infostealer uses AppleScript to show a fake security update message and installs a backdoor. [...]
The now patched vulnerabilities in the rapidly growing AI agent framework allow attackers to steal credentials, escalate privileges, and maintain persistence.
Modern OSINT platforms rely more on AI and automation, while older social tracking methods keep losing access due to privacy and API restrictions.
The release of Shai-Hulud source code spells trouble for software developers as researchers worry the self-replicating worm could scale.
The newly discovered Reaper malware bypasses Apple's macOS Tahoe 26.4 security updates to steal passwords, crypto assets, and install a permanent backdoor.
The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected packages emerged over the weekend. [...]
INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects. The initiative involved the efforts of 13 countries from the region between October 2025 …
Security experts have long warned that insecure automatic tank gauge (ATG) systems exposed on the Internet can be tampered with by threat actors.
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The pattern is clear. One …
Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. [...]
A campaign linked to a suspected Malaysian government operation has been using hidden command and control infrastructure for…
AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast amounts of potentially flawed AI-generated code, forcing defenders to adapt accordingly.
What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap many SOCs still struggle with: the attacks that leave teams unsure what was exposed, who else was targeted, and how far the…
New York, USA, 18th May 2026, CyberNewswire
Pesquisadores divulgaram um conjunto de quatro vulnerabilidades no OpenClaw que podem ser encadeadas para roubo de dados, escalada de privilégios e persistência em sistemas onde o agente de IA está instalado. As falhas foram agrupadas sob o nome Claw Chain e afetam principalmente…
O grupo Turla, associado à Rússia, evoluiu o backdoor Kazuar para uma botnet modular com comunicação peer-to-peer, projetada para manter acesso furtivo e persistente em sistemas comprometidos. A mudança foi detalhada pela Microsoft em uma nova análise de inteligência de ameaças. …
Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and all three targeted secrets …
The Gentlemen ransomware gang suffered an internal breach in May 2026, exposing victim data, affiliate activity, and backend operations.