Latin American Cybercriminals Hoover Up Government Data
A purported leak exposing 5.8 million records of Uruguayan citizens is the latest incident where cybercriminals targeted government agencies to monetize citizen data.
Aggregator
Hackers Abuse AI Chatbot Recommendations to Push Malicious Software Download Links
3 days 7 hours ago
Hackers are finding new ways to trick people into downloading malware, and this time, they are hiding behind tools many of us have come to trust. A newly uncovered cryptojacking campaign is abusing AI chatbot interactions to steer unsuspecting users toward malicious software download sites. The threat is quiet, convincing, and surprisingly easy for anyone […]
The post Hackers Abuse AI Chatbot Recommendations to Push Malicious Software Download Links appeared first on Cyber Security News.
Tushar Subhra Dutta
Стандарт ещё не принят, а железо уже готово. Broadcom представила чипсеты Wi-Fi 8 раньше, чем комитет дописал спецификацию
3 days 7 hours ago
Новое поколение не обещает новых рекордов в скорости, а вот меньше раздражающих сбоев — вполне.
AI-Assisted Exploit Development Outpaces Scanner Detection
3 days 7 hours ago
Attackers are using AI to dramatically reduce the time they need to develop a working exploit for a CVE, according to new research.
Elizabeth Montalbano
Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
3 days 7 hours ago
Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively.
That's according to new findings from WatchGuard and ESET, which have observed the two malware families being used to single out companies in Spain, Portugal, and Mexico, as well as mobile users in Brazil.
The
The Hacker News
Hitachi security advisory (AV26-511)
3 days 7 hours ago
Canadian Centre for Cyber Security
Mexican Civil Protection Training Portal Hit by Alleged Admin Compromise & Credential Leak
3 days 7 hours ago
A threat actor using the alias azazeljakel claims to have gained administrator access to preparados.gob.mx, a training portal of Mexico's Coordinación Nacional de Protección Civil (Civil Protection authority), and to have exfiltrated the user list.
Dark Web Informer
我在韩先楚身边的日子
3 days 7 hours ago
他回忆同他搭过班子的政治委员时说:“袁升平为人品德很好。政治工作经验丰富,平易近人。我们合作很好。”紧接着他自我总结分析说:“我就是与叶飞没合作好。”
SecWiki News 2026-05-27 Review
3 days 7 hours ago
今日暂未更新资讯~
更多最新文章,请访问SecWiki
更多最新文章,请访问SecWiki
M3RX
3 days 7 hours ago
You must login to view this content
cohenido
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
3 days 8 hours ago
Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities.
According to OX Security, the package, named "mouse5212-super-formatter," is designed to upload files from "/mnt/user-data," a dedicated directory used by Anthropic's Claude artificial intelligence (AI) tool to handle uploads and outputs in the background. The
The Hacker News
Rudd orders Cyber Command reviews as Pentagon presses reform agenda
3 days 8 hours ago
Army Gen. Joshua Rudd, who took the twin-leadership reins of Cyber Command and the NSA in March, recently tapped MITRE to conduct a potentially wide-ranging review into the organization, according to three people familiar with the matter.
《巫师3》将于明年推出新资料片《旧时曲》
3 days 8 hours ago
CD PROJEKT RED 宣布《巫师3》的第三部资料片《旧时曲(Songs of the Past)》将于明年推出。《巫师3:狂猎》于 2015 年 5 月发布,2015 年 10 月与 2016 年 6 月分别发布了两个资料片《石之心》和《血与酒》。《巫师3》饱受赞誉,至今销量逾 6000 万份,是史上最畅销的游戏之一。《旧时曲》由 CD PROJEKT RED 与 Fool’s Theory 联合开发,Fool’s Theory 由之前参与《巫师》系列的前 CD PROJEKT RED 开发者组建,它正在开发的一个项目是第一部《巫师》的重制版。在《旧时曲》中,玩家将再次扮演猎魔人利维亚的杰洛特,开启一段全新的冒险之旅。更多信息将于夏末公布。这部资料片被广泛视为是为即将推出的《巫师4》预热。
Weekly Threat Bulletin – May 27th, 2026
3 days 8 hours ago
These are the top threats you should know about this week.
Motorola Phones Preinstalled App Found Hijacking Amazon App to Inject Affiliate Codes
3 days 8 hours ago
A hidden system application bundled with Motorola smartphones has been caught intercepting user-initiated Amazon app launches and silently redirecting them through affiliate tracking URLs, raising serious concerns about supply chain integrity, user consent, and undisclosed revenue practices on premium Android devices. The behavior was first reported by a Motorola Razr 60 Ultra user on Reddit, […]
The post Motorola Phones Preinstalled App Found Hijacking Amazon App to Inject Affiliate Codes appeared first on Cyber Security News.
Guru Baran
Почта под колпаком 3,5 месяца. Новые документы раскрывают, насколько глубоко взломщики SolarWinds проникли в Министерство финансов США
3 days 8 hours ago
Взлом SolarWinds оказался страшнее, чем признавали власти США.
CVE-2026-46090 | Linux Kernel up to 6.12.87/6.18.26/7.0.3/7.1-rc1 ALSA loopback_check_format streams[] use after free
3 days 8 hours ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.87/6.18.26/7.0.3/7.1-rc1. Affected by this issue is the function loopback_check_format of the component ALSA. The manipulation of the argument streams[] results in use after free.
This vulnerability is reported as CVE-2026-46090. The attacker must have access to the local network to execute the attack. No exploit exists.
You should upgrade the affected component.
vuldb.com
CVE-2026-46037 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 ipv4 array_index_nospec icmp_pointers[] privilege escalation
3 days 8 hours ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. Affected by this vulnerability is the function array_index_nospec of the component ipv4. The manipulation of the argument icmp_pointers[] leads to privilege escalation.
This vulnerability is documented as CVE-2026-46037. The attack requires being on the local network. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-46035 | Linux Kernel up to 6.18.26/7.0.3/7.1-rc1 alloc_frozen_pages_nolock stack-based overflow
3 days 8 hours ago
A vulnerability classified as critical was found in Linux Kernel up to 6.18.26/7.0.3/7.1-rc1. Affected is the function alloc_frozen_pages_nolock. Executing a manipulation can lead to stack-based buffer overflow.
This vulnerability is registered as CVE-2026-46035. The attack requires access to the local network. No exploit is available.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-46092 | Linux Kernel up to 4.19.266 wifi pci_upstream_bridge denial of service
3 days 8 hours ago
A vulnerability classified as critical has been found in Linux Kernel. This impacts the function pci_upstream_bridge of the component wifi. Performing a manipulation results in denial of service.
This vulnerability is cataloged as CVE-2026-46092. The attack must originate from the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com