A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2026-9082:…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Popular node-ipc npm Package Infected with Credential Stealer New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here Active Supply…
Top 10 Best Malware Sandbox Tools for Security Teams in 2026
The cybersecurity landscape in 2026 is defined by unprecedented sophistication. Threat actors are leveraging generative AI, highly evasive polymorphic code, and zero-day exploits to bypass traditional perimeter defenses. For modern Security Operations Centers (SOCs) and incident response teams, signature-based detection…
Scientists discover atoms suddenly spinning backward in quantum experiment
Scientists have directly watched angular momentum move through a crystal for the very first time — and discovered a bizarre twist along the way. Using ultra-powerful terahertz laser pulses, researchers triggered tiny atomic rotations inside a quantum material and found…
IT Security News Hourly Summary 2026-05-24 12h : 1 posts
1 posts were published in the last hour 9:34 : Anthropic’s Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious
Anthropic’s Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious
Anthropic said its AI Project Glasswing found over 10,000 serious vulnerabilities in one month, exposing a growing patching gap. Anthropic announced on Friday that Project Glasswing, its defensive cybersecurity initiative built around Claude Mythos Preview, has uncovered more than 10,000…
Researcher Claims Trump Mobile Website Leaked Data on More Than 27,000 Customers Through Unprotected API
A self-taught tech enthusiast who goes by the name “Louis” claims he found a vulnerability in the Trump Mobile website that let him extract customer data using Thank you for being a Ghacks reader. The post Researcher Claims Trump Mobile…
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8),…
Week in review: GitHub breached via poisoned VS Code extension, critical NGINX flaw exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched…
7-Eleven – 185,256 breached accounts
In April 2026, 7-Eleven was the victim of a “pay or leak” extortion campaign by ShinyHunters, with the data later published that month. The incident exposed 185k unique email addresses, along with names, physical addresses, dates of birth and phone…
IT Security News Hourly Summary 2026-05-24 06h : 1 posts
1 posts were published in the last hour 4:2 : PyrsistenceSniper – Tool that Detects 117 Persistence Malware Techniques on Windows, Linux, and macOS
PyrsistenceSniper – Tool that Detects 117 Persistence Malware Techniques on Windows, Linux, and macOS
PyrsistenceSniper is an advanced tool for detecting offline persistence, enabling cybersecurity analysts to identify 117 separate persistence mechanisms across Windows, Linux, and macOS platforms. Originally inspired by Autoruns and PersistenceSniper, this Python-based solution developed by Hexastrike enables rapid triage of…
IT Security News Hourly Summary 2026-05-24 00h : 1 posts
1 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-05-23
IT Security News Daily Summary 2026-05-23
45 posts were published in the last hour 20:32 : These special phone and app features can help protect you from spyware 17:31 : CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack 17:2 : Packagist Supply…
These special phone and app features can help protect you from spyware
Apple, Meta, and Google offer special security modes that provide your devices more secure against targeted spyware attacks. Here are how those modes work, what they do, and how to switch them on. This article has been indexed from Security…
CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack
Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vulnerability that allows unauthenticated attackers to compromise sites running PostgreSQL databases.…
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
A new “coordinated” supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved from a GitHub Releases URL. “Although the affected packages were all Composer packages, the malicious code was…
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a release prior to the packages becoming publicly available for installation. Called staged publishing, the feature…
Millions of Devices at Risk: New Trojan Monitors Smartphones
A menacing new Trojan has emerged that puts millions of smartphone devices worldwide at risk, according to recent cybersecurity reports. This sophisticated malware specifically targets Android devices and has already infected thousands of users across 143 countries. The Trojan’s…
AI Coding Tools Expose Thousands of Apps With Sensitive Corporate Data Online
Thousands of web applications built using AI coding tools have been found publicly accessible online without proper security protections. Researchers at RedAccess identified more than 5,000 exposed apps tied to companies, many revealing private information to anyone with the…
Why pure extortion is replacing traditional ransomware
Ransomware gangs are shifting from encryption to pure extortion, focusing on stolen data, reputational pressure, and stealthier attacks. Ransomware groups are quietly changing strategy in 2026. Instead of encrypting systems and causing immediate disruption, many attackers are now focusing on…
IT Security News Hourly Summary 2026-05-23 15h : 4 posts
4 posts were published in the last hour 13:4 : Nginx-poolslip Vulnerability Enables DoS and Code Execution Attacks — Patch Now! 13:4 : Australia Seizes $4.2 Million in Bitcoin in Major Darknet Crackdown 13:4 : WhatsApp Fixed Two Security Bugs…
Nginx-poolslip Vulnerability Enables DoS and Code Execution Attacks — Patch Now!
A newly disclosed flaw in one of the world’s most widely deployed web servers is forcing administrators into another emergency patch cycle. Tracked as CVE-2026-9256 and publicly nicknamed nginx-poolslip, the vulnerability affects both NGINX Plus and NGINX Open Source, and…
Australia Seizes $4.2 Million in Bitcoin in Major Darknet Crackdown
Authorities in the Australian state of New South Wales (NSW) have confiscated 52.3 Bitcoin, valued at more than $4.2 million, following search warrants carried out in Ingleburn on May 4. The seizure is being described as one of the…