Cybercriminal groups are increasingly using Telegram channels and encrypted platforms to sell verified bank and fintech mule accounts, signaling a major shift in how illicit funds are laundered at scale. According to recent threat intelligence findings, money mule operations have…
WhatsApp Chat Histories Exposed in Unencrypted Storage on macOS and iOS
Security researchers have raised concerns over how WhatsApp stores user chat data on macOS and iOS, revealing that message databases may be stored in unencrypted form within app group containers accessible by other applications from the same developer ecosystem. According…
IT Security News Hourly Summary 2026-05-25 12h : 11 posts
11 posts were published in the last hour 10:4 : Hackers Actively Scan SonicWall Firewall Interfaces as 597,000 Sessions Observed 10:4 : Authorities Seized 800 Servers of Hosting Company Used to Launch Cyberattacks 10:4 : WhatsApp Chat Histories Stored Unencrypted…
Hackers Actively Scan SonicWall Firewall Interfaces as 597,000 Sessions Observed
A sharp surge in internet scanning activity targeting SonicWall firewall management interfaces has raised concerns among cybersecurity researchers, with GreyNoise reporting nearly 597,000 sessions in a single day. The spike, observed on May 12, 2026, marks the highest volume recorded…
Authorities Seized 800 Servers of Hosting Company Used to Launch Cyberattacks
Dutch authorities have seized more than 800 servers and arrested two individuals as part of a major investigation into a hosting infrastructure allegedly used to support cyberattacks, disinformation campaigns, and sanctions evasion linked to Russia. The Fiscal Information and Investigation…
WhatsApp Chat Histories Stored Unencrypted on macOS and iOS
Security researchers have revealed that WhatsApp chat histories may be stored unencrypted on both macOS and iOS devices, raising fresh concerns about local data protection and cross-application access within the Apple ecosystem. The issue, highlighted by iOS security researchers at…
MiniUpdate RAT Uses Azure-Hosted C2 Domains for Targeted Espionage Campaigns
A new wave of targeted espionage attacks has put technology professionals across the United States, Israel, and the United Arab Emirates on high alert. The threat comes from an Iran-linked hacking group deploying two families of remote access trojans through…
DocketWise Data Breach Impacts 143,000
Hackers accessed names, addresses, Social Security numbers, financial information, and medical data from third-party partner repositories. The post DocketWise Data Breach Impacts 143,000 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: DocketWise Data…
Hackers Exploit Azure RBAC to Steal Key Vault Secrets
Hackers are increasingly exploiting cloud identity and access management systems, and a methodical, sophisticated, and multi-layered attack, where a threat actor we track as Storm-2949 launched a relentless campaign with a singular focus: to exfiltrate as much sensitive data from…
CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in the wild. The flaw has been added to CISA’s…
Dutch authorities dismantle hosting network allegedly used for cyberattacks and disinformation
Dutch authorities arrested two suspects and seized 800 servers tied to Stark Industries, a hosting firm linked to cyberattacks and disinformation. Dutch financial crime investigators arrested two men and seized 800 servers connected to Stark Industries, a hosting provider accused…
Microsoft Warns Passwords and SMS-Based 2FA Are No Longer Enough Against Modern Cyberattacks
Microsoft is intensifying its push toward passwordless security, warning that traditional passwords and older forms of two-factor authentication are becoming increasingly ineffective against modern phishing attacks powered by artificial intelligence. In a statement released during World Passkey Day, Microsoft said…
iOS 26.5 Introduces Private RCS Messaging and Core Feature Improvements
By introducing end-to-end encrypted RCS messaging between iPhone and Android devices for the first time, Apple has taken another step towards unifying secure cross-platform communication. In the update, Apple’s messaging architecture has been significantly altered, extending advanced encryption protections…
FBI Warns ‘Kali365’ Phishing Kit Hijacks Microsoft 365 OAuth Tokens
The Kali365 phishing-as-a-service platform lowers the barrier of entry for cybercriminals, said the FBI This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Warns ‘Kali365’ Phishing Kit Hijacks Microsoft 365 OAuth Tokens
Fake Streams, Counterfeit Merch and Other Scams: How Fraudsters Target F1 Fans
From fake F1 streams to counterfeit merch, fraudsters are exploiting fans online and the Bitdefender Cybersecurity Grand Prix Fan Threat Index details how This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake Streams, Counterfeit Merch and Other…
Hackers Exploit Shared CDNs to Evade Domain Reputation Filters
Hackers are increasingly abusing shared Content Delivery Network (CDN) infrastructure to bypass domain-reputation-based security controls using a newly identified technique called “Underminr.” Underminr is not a conventional software flaw but an inherent weakness in how modern CDNs handle multi-tenant traffic.…
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
Fake automated commits injected GitHub Actions workflows containing payloads to steal credentials, CI secrets, keys, and tokens. The post Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Do children spend more time online during summer break?
Yes, they do. As the school year is about to end, more and more children will spend more time staring at screens while busy parents… The post Do children spend more time online during summer break? appeared first on Panda…
Hackers Hide Linux Malware in SSH-Like Package Filename
Hackers have been observed disguising a malicious Linux payload under an SSH-like filename during software installation, as part of a coordinated supply chain attack targeting developer ecosystems. The attack hinges on a hidden post-install script embedded inside package.json, rather than the expected composer.json used in…
FBI director Kash Patel’s brand website taken offline after malware reports
FBI director site went offline after a hack used a fake Cloudflare page to trick users into running a ClickFix attack that installed malware. The merchandise website of FBI director Kash Patel (basedapparel[.]com) was taken offline on Friday after reports…
Hackers Use Browser-Locking CypherLoc Kit to Push Fake Microsoft Support Calls
A newly identified scareware kit called CypherLoc is locking victims’ browsers and tricking them into calling fake Microsoft support lines. The kit has been linked to roughly 2.8 million attacks since the start of 2026, making it one of the…
GitHub Adds Staged Publishing to npm to Block Automated Supply Chain Attacks
GitHub has introduced a major security upgrade to the npm ecosystem with the general availability of staged publishing and new install-time controls, aimed at reducing automated supply chain attacks targeting open-source packages. The newly released staged publishing feature changes how…
CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks
CISA has issued an urgent alert regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in real-world attacks. The flaw, classified under CWE-89, affects Drupal’s database abstraction API and could allow…
A week in security (May 18 – May 24)
A list of topics we covered in the week of May 18 to May 24 of 2026 This article has been indexed from Malwarebytes Read the original article: A week in security (May 18 – May 24)