Aggregator

Kernel Privilege Escalation Has One Linux Maintainer Contemplating a 'Kill Switch'
Back-to-back kernel vulnerabilities in Linux has defenders scrambling to apply defenses in the age of quick turnaround time for hackers to exploit nascent flaws. "Dirty Frag" and "Copy Fail" kernel privilege escalation vulnerabilities became public knowledge within two weeks of each other.

Malicious npm Package Lets Attackers Capture Refreshed Tokens
A researcher has mapped a five-step attack on Claude Code that intercepts the credentials giving AI agents access to Jira, GitHub and Confluence, and demonstrated that the standard incident response move, rotating the stolen token, hands the attacker a fresh one.

Latest Mini Shai-Hulud Worm Steals Credentials, Includes Wiper, Now Open Source
A new Shai-Hulud variant has infected multiple npm repositories and jumped to other widely used JavaScript and Python packages. Designed to rapidly propagate, the worm steals over 100 different types of credentials and can wipe systems, including if developers try to delete it.

A Live Panel Discussion with CyberEdBoard and Fortinet
Secure Access Service Edge is entering mainstream adoption. Enterprises are shifting from point solutions to platforms. And AI is now at the core of SASE.

Court documents said Dream Market was launched in 2013 by Owe Martin Andresen and others before becoming one of the biggest criminal marketplaces online.

Microsoft’s May 2026 Patch Tuesday fixed 138 flaws, including 30 critical bugs, across Windows, Office, Azure, Edge, SQL Server, and more. Microsoft’s May 2026 Patch Tuesday patched 138 vulnerabilities in a single release. That is a number that gives pause even for people accustomed to these cycles. The affected products span virtually the entire Microsoft […]

Name: RAMunchers CTF (an RAMunchers CTF event.)
Date: May 10, 2026, 8 a.m. — 13 May 2026, 15:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctf.ramunchers.com/
Rating weight: 23.30
Event organizers: R0073R5

Informa TechTarget's flagship cybersecurity media brand launches a special content series to mark two decades as a trusted source for cybersecurity professionals.

In January 2026, telehealth infrastructure firm OpenLoop Health suffered a security breach that exposed information of 716,000 people. OpenLoop Health confirmed a January 2026 cyberattack that exposed personal information of 716,000 individuals using its telehealth services. The breach was reported to authorities in March, but the full scope was only recently determined. Threat actors exfiltrated […]

As fake identity fraud is projected to cause $40 billion in losses next year, leaders must abandon static security in favor of rapid-iteration, AI-enabled defenses that adapt in days, not months.

The post Weaponized AI: The new frontier of fraud and identity spoofing appeared first on CyberScoop.

Ученые показали, почему человек может видеть предмет каждый день, но не понимать, как предмет устроен.

SentinelOne’s latest report examines the evolving 'secrets' threatscape, showing how modern cloud and AI infrastructures are being exploited.