End-to-end encryption offering removed for Instagram direct messages, amid criticism over child safety This article has been indexed from Silicon UK Read the original article: Meta Removes Full Encryption From Instagram
Microsoft Warns: MistralAI PyPI Package Compromised with Malware
Mistral’s official Python client on PyPI has been pulled into the ongoing wave of AI supply‑chain attacks, with Microsoft warning that version 2.4.6 of the mistralai package was backdoored to silently deploy a credential‑stealing payload on Linux systems. The logic is designed…
South Staffordshire Water Fined £1m After Data Breach
The ICO has fined South Staffordshire Water nearly £1m for a series of data protection failings This article has been indexed from www.infosecurity-magazine.com Read the original article: South Staffordshire Water Fined £1m After Data Breach
TikTok Scales Back AI Summaries After Bizarre Results
TikTok to limit AI summaries of videos after tool creates fanciful descriptions seemingly unrelated to material in question This article has been indexed from Silicon UK Read the original article: TikTok Scales Back AI Summaries After Bizarre Results
OpenAI Daybreak Automates Detects and Fix Vulnerabilities Automatically
OpenAI has introduced Daybreak, a strategic initiative to change how modern software is built and defended against emerging threats. Moving away from traditional reactive patching, Daybreak focuses on making software resilient by design from the very beginning of the development…
TrickMo Android Banking Malware Targets Banking, Wallet, and Authenticator Apps
A dangerous Android banking malware known as TrickMo has resurfaced with a powerful new variant, and this time it is more stealthy, more capable, and harder to stop than ever before. The threat is actively targeting users of banking apps,…
PoC Exploit Released for Android Zero-Click Vulnerability that Enables Remote Shell Access
In a chilling blow to mobile security, Google’s May 2026 Android Security Bulletin has unmasked a catastrophic zero-click vulnerability lurking within the core Android System. The CVE-2026-0073 flaw in Android’s adbd daemon lets nearby threat actors remotely gain full shell…
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security to help organizations identify and patch vulnerabilities before attackers find a way in using the same issues. “Daybreak combines the…
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
American educational technology company Instructure, the parent company of Canvas, said it reached an “agreement” with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities. In an…
Hackers Disrupt Exams With Software Breach
Hacking group interrupts exams in breach of Canvas educational platform used by thousands of universities, schools in US, Canada, Australia This article has been indexed from Silicon UK Read the original article: Hackers Disrupt Exams With Software Breach
OpenAI Daybreak Automates Vulnerability Detection and Patching
The relentless race against zero-day exploits and sophisticated cyberattacks requires a revolutionary approach to software security. Defenders are constantly overwhelmed by massive backlogs of alerts and the sheer volume of code requiring manual review. Enter OpenAI Daybreak, a frontier artificial…
Android banking Trojan TrickMo evolves using TON network for C2
ThreatFabric found a new TrickMo Android trojan focused on stealth and persistence, moving its command-and-control traffic to the TON network. Security researchers at ThreatFabric have recently identified a new version of TrickMo, a dangerous Android banking trojan that shows how…
EU New Tech Package May Restrict Microsoft, Amazon, and Google From Handling Public Sector Sensitive Data
The European Commission is set to introduce a Tech Sovereignty Package later this month that could limit companies like Microsoft, Amazon, and Google from proce Thank you for being a Ghacks reader. The post EU New Tech Package May Restrict…
TikTok To Introduce Paid Subscriptions In UK
TikTok to allow users to pay for an ad-free experience, but free users will lose ability to switch off personalised ads This article has been indexed from Silicon UK Read the original article: TikTok To Introduce Paid Subscriptions In UK
IT Security News Hourly Summary 2026-05-12 09h : 8 posts
8 posts were published in the last hour 7:5 : Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers 7:4 : OpenAI Launches ‘Daybreak’: GPT-5.5 Powered To Detect Sotfware Vulnerability 7:4 : State of ransomware in 2026 7:4…
Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers
Magecart-style attackers are once again abusing trusted web services, this time weaponizing Google Tag Manager (GTM) to inject credit card skimmers into ecommerce websites stealthily. Because GTM is widely used and loaded from the trusted domain googletagmanager.com, malicious scripts can…
OpenAI Launches ‘Daybreak’: GPT-5.5 Powered To Detect Sotfware Vulnerability
Daybreak is more than just a new AI model — it’s a complete cybersecurity platform built to develop… The post OpenAI Launches ‘Daybreak’: GPT-5.5 Powered To Detect Sotfware Vulnerability appeared first on Hackers Online Club. This article has been indexed…
State of ransomware in 2026
Kaspersky researchers are sharing insights into the main ransomware trends for 2026: EDR killers on the rise, switching from data encryption to data leaks, and more. This article has been indexed from Securelist Read the original article: State of ransomware…
New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes
A new tool, BitUnlocker, reveals a practical downgrade attack against Microsoft’s BitLocker encryption, allowing attackers with physical access to decrypt protected volumes on patched Windows 11 machines in under 5 minutes by exploiting a crucial gap between patching and certificate…
iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android
Apple on Monday officially released iOS 26.5 with support for end-to-end encryption (E2EE) to Rich Communication Services (RCS) in beta as part of a “cross-industry effort” to replace traditional SMS with a more secure alternative. To that end, E2EE RCS…
84 npm Packages Linked to TanStack Hit by Supply-Chain Breach
A massive supply chain breach affecting 84 npm packages within the widely used TanStack ecosystem. Malicious actors compromised these packages by injecting a sophisticated credential-stealing tool designed to target continuous integration environments such as GitHub Actions. Packages such as React…
Checkmarx Jenkins AST Plugin Compromised in KICS Supply Chain Attack
Supply chain campaign has now extended to Checkmarx’s Jenkins ecosystem, with attackers pushing a malicious Checkmarx Jenkins AST plugin to the official Jenkins Marketplace as part of the ongoing KICS/Trivy-linked compromise. The rogue release is identified as version 2026.5.09 and…
BitUnlocker Downgrade Attack Bypasses Windows 11 Disk Encryption in Minutes
A proof-of-concept (PoC) exploit that demonstrates how attackers can bypass Windows 11 BitLocker disk encryption in under 5 minutes. Dubbed the “BitUnlocker” attack, this physical downgrade technique exploits a known vulnerability, CVE-2025-48804. Initially documented by the Microsoft STORM team in…
Canvas cyberattack disrupts universities as ShinyHunters threatens massive data leak
An attack on the popular Instructure Canvas learning management system has caused major disruptions for schools and universities in the US, just as students gear up for finals. This poses a serious threat to the personal data of millions of…