Also called Copy Fail 2 and tracked as CVE-2026-43284 and CVE-2026-43500, the exploit was disclosed before a patch was released. The post New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks appeared first on SecurityWeek. This article has been indexed…
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
A malicious Hugging Face repository managed to take a spot in the platform’s trending list by impersonating OpenAI’s Privacy Filter open-weight model to deliver a Rust-based information stealer to Windows users. The project, named Open-OSS/privacy-filter, masqueraded as its legitimate counterpart,…
Police Shut Relaunched Crimenetwork Dark Web Marketplace
Spanish police have arrested the suspected administrator of German dark web marketplace Crimenetwork This article has been indexed from www.infosecurity-magazine.com Read the original article: Police Shut Relaunched Crimenetwork Dark Web Marketplace
New cPanel vulnerabilities, JDownloader delivers malware, Schumer pushes DHS
CPanel, WHM release fixes for three new vulnerabilities Official JDownloader site serves malware to Windows and Linux users Sen. Schumer seeks DHS plan on AI cyber coordination Get the show notes here: https://cisoseries.com/cybersecurity-news-new-cpanel-vulnerabilities-jdownloader-delivers-malware-schumer-pushes-dhs/ Huge thanks to our episode sponsor, Doppel…
China-Founded MiroMind Halts Mainland AI Services
China-founded, Singapore-based AI start-up MiroMind halts services in China amid business restructure prompted by Manus buyout rejection This article has been indexed from Silicon UK Read the original article: China-Founded MiroMind Halts Mainland AI Services
Crimenetwork Bust Reveals 22,000 Members and Over 100 Illicit Vendors
Law enforcement authorities have successfully dismantled the relaunched version of “Crimenetwork,” a prominent criminal online trading platform. A 35-year-old German citizen, suspected of operating the illicit platform, was apprehended at his residence in Mallorca, Spain, by a special unit of…
Amazon Launches Drone Deliveries In UK
Small area around Amazon warehouse in County Durham open for airborne deliveries, with drones dropping packages 12ft onto lawns This article has been indexed from Silicon UK Read the original article: Amazon Launches Drone Deliveries In UK
ShinyHunters Exploits Canvas LMS Free Teacher Accounts in New Breach
In early May 2026, ShinyHunters breached Instructure’s Canvas LMS by abusing the Free-For-Teacher (FFT) account program, triggering an active extortion campaign and exposing student and faculty data across thousands of schools worldwide. ShinyHunters claimed responsibility on 3 May and published…
Instagram removed end-to-end encryption for DMs. What should users do?
Instagram removes direct messages (DM) end-to-end encryption May 8, 2026, letting Meta access chats. Users should download backups amid privacy concerns and U.S. law pressure. Starting May 8, 2026, Instagram users who previously enabled end-to-end encryption in direct messages will…
JDownloader Downloader Hacked to Infect Users With New Python RAT
JDownloader, the popular open-source download manager trusted by millions of users worldwide, was at the center of a serious supply chain attack in early May 2026. Attackers quietly compromised the official jdownloader.org website and replaced legitimate installer download links with…
A week in security (May 4 – May 10)
A list of topics we covered in the week of May 4 to May 10 of 2026 This article has been indexed from Malwarebytes Read the original article: A week in security (May 4 – May 10)
Resurrected ‘Crimenetwork’ Marketplace Taken Down, Administrator Arrested
The second iteration of the German-speaking online crime marketplace had over 22,000 users and more than 100 sellers. The post Resurrected ‘Crimenetwork’ Marketplace Taken Down, Administrator Arrested appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
IT Security News Hourly Summary 2026-05-11 09h : 3 posts
3 posts were published in the last hour 7:4 : Meta Challenges Ofcom Over Online Safety Act 7:4 : Weaponized JPEG file Drops Trojanized ScreenConnect Malware 7:4 : Windows CreateFileW API Flaw Could Let Attackers Lock SMB Files at Scale
Meta Challenges Ofcom Over Online Safety Act
Facebook parent Meta launches High Court challenge to Ofcom’s ‘disproportionate’ structure of fees and potential fines This article has been indexed from Silicon UK Read the original article: Meta Challenges Ofcom Over Online Safety Act
Weaponized JPEG file Drops Trojanized ScreenConnect Malware
Hackers are abusing a weaponized JPEG file to quietly install a trojanized version of the ConnectWise ScreenConnect remote‑access tool on Windows systems, enabling full surveillance, credential theft, and long‑term control over compromised networks. The campaign shows how a simple‑looking image…
Windows CreateFileW API Flaw Could Let Attackers Lock SMB Files at Scale
The multi-billion-dollar ransomware defence industry operates on a fundamental assumption: to cause catastrophic operational damage, malicious actors must write corrupted data to a disk. However, a newly disclosed attack technique, GhostLock, completely invalidates this foundational premise by demonstrating how threat…
ODINI Malware Uses CPU Magnetic Signals to Exfiltrate Data from Air-Gapped Systems
Air-gapped systems and Faraday cages have long represented the gold standard for protecting critical infrastructure and sensitive military networks. However, a groundbreaking threat known as ODINI demonstrates that even these extreme isolation measures can be compromised. Researchers have developed a…
macOS Malware Abuses Google Ads and Claude Shared Chats to Deliver Payloads
Threat actors are deploying a sophisticated malvertising campaign targeting macOS users by exploiting Google Ads and legitimate Anthropic Claude shared chats. Security researcher Berk Albayrak uncovered this novel attack chain on May 10, which distributes a variant of the MacSync…
Rustinel: Open-source endpoint detection for Windows and Linux
Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed environments have had to stitch together separate pipelines, separate rule sets, and separate maintenance burdens. Rustinel,…
Review: Foundations of Cybersecurity, 2nd edition
Jason Andress has refreshed his introductory security text for No Starch Press. He writes in the introduction that the term security now extends past data center servers to cloud resources, mobile devices, the Internet of Things, and AI. About the…
JDownloader Hack Spreads New Python RAT
The official JDownloader website fell victim to a sophisticated supply-chain attack, resulting in malicious installers being distributed to users worldwide. Attackers exploited an unpatched vulnerability in the site’s content management system to redirect specific download links from legitimate JDownloader installers…
New cPanel and WHM Vulnerabilities Expose Servers to Code Execution and DoS Attacks
cPanel and WebHost Manager (WHM) are critical administrative control panels used by hosting providers globally to manage servers, websites, and databases. Due to their widespread deployment, vulnerabilities in these platforms immediately become high-value targets for threat actors. On May 8,…
ODINI Malware Exploits CPU Magnetic Emissions to Breach Faraday-Shielded Air-Gapped Computers
ODINI is a sophisticated proof-of-concept malware capable of extracting sensitive information from air-gapped computers protected by Faraday cages. By modulating the targeted computer’s CPU workload to generate low-frequency magnetic fields, this covert channel successfully transmits data through advanced physical isolation…
Top 10 Best Interactive Malware Analysis Tools in 2026
As we navigate through 2026, the cybersecurity landscape has never been more complex. Threat actors are actively leveraging advanced AI, highly evasive techniques, and fileless architectures to bypass traditional security controls. For security operation centers (SOCs), incident responders, and threat…