Plus: The NSA tests Anthropic’s Mythos Preview to find vulnerabilities, a Finnish teen is charged over the Scattered Spider hacking spree, and more. This article has been indexed from Security Latest Read the original article: Disneyland Now Uses Face Recognition…
IT Security News Hourly Summary 2026-05-02 12h : 3 posts
3 posts were published in the last hour 9:34 : New Deep#Door RAT uses stealth and persistence to target Windows 9:34 : Web application testing with Burp Suite: a practical guide for UK SMEs 9:9 : Brace for the patch…
New Deep#Door RAT uses stealth and persistence to target Windows
Deep#Door hides a Python RAT inside a batch file, kills Windows defenses, survives via multiple persistence methods, and exfiltrates data through a public TCP tunnel. Security researchers at Securonix uncovered a sophisticated malware campaign called Deep#Door. Threat actors employed a…
Web application testing with Burp Suite: a practical guide for UK SMEs
Web application testing with Burp Suite: a practical guide for UK SMEs For many UK SMEs, web applications are now part of day-to-day business. They handle customer logins, staff portals, booking systems, supplier access, and internal admin tasks. That makes…
Brace for the patch tsunami: AI is unearthing decades of buried code debt
Britain’s cyber agency says the bill for years of technical shortcuts is coming due, and it’s arriving all at once Britain’s cyber agency is warning that AI-fuelled bug hunting is about to flush out years of buried flaws, leaving defenders…
ZenBusiness – 5,118,184 breached accounts
In March 2026, the hacker and extortion group “ShinyHunters” claimed to have obtained a substantial corpus of data from ZenBusiness, a business formation and compliance platform. The group claimed the data had been exfiltrated from platforms including Snowflake, Mixpanel and…
Attackers Abuse Google AppSheet, Netlify, and Telegram in Facebook Phishing Campaign
A sophisticated cybercriminal operation dubbed “AccountDumpling” has compromised approximately 30,000 Facebook accounts worldwide. Discovered by Guardio Labs, this Vietnamese-linked campaign abuses Google’s AppSheet platform to bypass traditional email security filters. By routing fully authenticated phishing lures through legitimate channels, the…
Attackers Deploy AiTM Phishing Pages to Access SharePoint, HubSpot, and Google Workspace
Threat actors are rapidly shifting their intrusion tradecraft toward high-speed, SaaS-centric attacks that completely bypass traditional endpoint security. Since October 2025, security researchers have tracked two distinct adversaries, identified as CORDIAL SPIDER and SNARKY SPIDER, conducting aggressive data theft campaigns.…
RBI Cybersecurity Compliance Checklist for Fintech Organizations
The financial services ecosystem in India is undergoing rapid digital transformation, and fintech organizations sit at the center of this evolution. With increasing cyber threats targeting digital payments, lending platforms, and financial data, regulatory oversight has intensified. The Reserve Bank…
Trellix Confirms Source Code Breach With Unauthorized Repository Access
Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a “portion” of its source code. It said it “recently identified” the compromise of its source code repository and that it began working with “leading…
IT Security News Hourly Summary 2026-05-02 09h : 2 posts
2 posts were published in the last hour 6:34 : PyTorch Lightning and Intercom Client Users Exposed to Credential Stealing Campaign 6:9 : Massive Facebook Phishing Operation Leverages AppSheet, Netlify, and Telegram
PyTorch Lightning and Intercom Client Users Exposed to Credential Stealing Campaign
Python’s software supply chain has been compromised, which targeted the popular PyPI package Lightning and exposed downstream machine learning environments to covert credential theft through a sophisticated software supply chain compromise. In conjunction with Aikido Security, OX Security, Socket,…
Massive Facebook Phishing Operation Leverages AppSheet, Netlify, and Telegram
Cybersecurity researchers at Guardio Labs have uncovered a massive phishing operation dubbed AccountDumpling that has compromised more than 30,000 Facebook accounts worldwide. Unlike conventional phishing campaigns that rely on spoofed domains or compromised SMTP servers, this Vietnamese-linked operation abuses Google…
cPanelSniper PoC Exploit Disclosed as 44,000 Servers Reportedly Compromised
A critical zero-day vulnerability in cPanel and WebHost Manager (WHM) is under massive active exploitation following the public release of a sophisticated proof-of-concept exploit. Tracked as CVE-2026-41940, this flaw has already compromised tens of thousands of servers worldwide. The vulnerability,…
CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments
A high-severity Linux vulnerability, “Copy Fail” (CVE-2026-31431), enables root privilege escalation across cloud environments and Kubernetes workloads. With a working exploit already in the wild, organizations should act quickly to detect, mitigate, and reduce risk. The post CVE-2026-31431: Copy Fail…
Connected Cars Are Rolling Spy Networks — And They Can Be Hacked
Connected cars are no longer just vehicles — they are rolling networks of sensors, cameras, microphones, and constant data transmission. In this Cybersecurity Today Weekend Edition, David Shipley is joined by former CSIS intelligence officer Neil Bisson and cybersecurity expert…
IT Security News Hourly Summary 2026-05-02 06h : 1 posts
1 posts were published in the last hour 3:34 : cPanelSniper – PoC Exploit Disclosed for cPanel Vulnerability, 44,000 Servers Compromised
cPanelSniper – PoC Exploit Disclosed for cPanel Vulnerability, 44,000 Servers Compromised
A weaponized proof-of-concept (PoC) exploit framework dubbed “cPanelSniper” has been publicly released for CVE-2026-41940, a maximum-severity authentication bypass in cPanel & WHM that has already led to the compromise of tens of thousands of servers worldwide with attack activity traced…
IT Security News Hourly Summary 2026-05-02 03h : 1 posts
1 posts were published in the last hour 0:32 : The npm Threat Landscape: Attack Surface and Mitigations (Updated May 1)
The npm Threat Landscape: Attack Surface and Mitigations (Updated May 1)
Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more. The post The npm Threat Landscape: Attack Surface and Mitigations (Updated May 1) appeared first on Unit 42. This article has been…
What Is Dark AI? How to Protect Yourself From This Growing Threat
Dark AI is artificial intelligence built or used for illegal activity. Learn how cybercriminals use it and how you can stay safe from growing dark AI threats. The post What Is Dark AI? How to Protect Yourself From This Growing…
Essential Data Sources for Detection Beyond the Endpoint
Unit 42 highlights the need for a comprehensive security strategy that spans every IT zone. Explore the full details here. The post Essential Data Sources for Detection Beyond the Endpoint appeared first on Unit 42. This article has been indexed…
News brief: Critical infrastructure, OT cybersecurity attacks
<p>The Stuxnet worm is widely recognized as the first confirmed cyberattack designed to damage critical infrastructure. Discovered in 2010 but used as early as 2009, it targeted uranium enrichment systems at Iran’s Natanz Nuclear Facility, causing physical destruction of centrifuges.</p>…
IT Security News Hourly Summary 2026-05-02 00h : 4 posts
4 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-05-01 21:34 : The Department of Know: GitHub drama, AI deletes production data, Claude Security Beta 21:34 : Security posture improvement in the AI era…