A dangerous Android banking malware known as TrickMo has resurfaced with a powerful new variant, and this time it is more stealthy, more capable, and harder to stop than ever before. The threat is actively targeting users of banking apps,…
PoC Exploit Released for Android Zero-Click Vulnerability that Enables Remote Shell Access
In a chilling blow to mobile security, Google’s May 2026 Android Security Bulletin has unmasked a catastrophic zero-click vulnerability lurking within the core Android System. The CVE-2026-0073 flaw in Android’s adbd daemon lets nearby threat actors remotely gain full shell…
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security to help organizations identify and patch vulnerabilities before attackers find a way in using the same issues. “Daybreak combines the…
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
American educational technology company Instructure, the parent company of Canvas, said it reached an “agreement” with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities. In an…
Hackers Disrupt Exams With Software Breach
Hacking group interrupts exams in breach of Canvas educational platform used by thousands of universities, schools in US, Canada, Australia This article has been indexed from Silicon UK Read the original article: Hackers Disrupt Exams With Software Breach
OpenAI Daybreak Automates Vulnerability Detection and Patching
The relentless race against zero-day exploits and sophisticated cyberattacks requires a revolutionary approach to software security. Defenders are constantly overwhelmed by massive backlogs of alerts and the sheer volume of code requiring manual review. Enter OpenAI Daybreak, a frontier artificial…
Android banking Trojan TrickMo evolves using TON network for C2
ThreatFabric found a new TrickMo Android trojan focused on stealth and persistence, moving its command-and-control traffic to the TON network. Security researchers at ThreatFabric have recently identified a new version of TrickMo, a dangerous Android banking trojan that shows how…
EU New Tech Package May Restrict Microsoft, Amazon, and Google From Handling Public Sector Sensitive Data
The European Commission is set to introduce a Tech Sovereignty Package later this month that could limit companies like Microsoft, Amazon, and Google from proce Thank you for being a Ghacks reader. The post EU New Tech Package May Restrict…
TikTok To Introduce Paid Subscriptions In UK
TikTok to allow users to pay for an ad-free experience, but free users will lose ability to switch off personalised ads This article has been indexed from Silicon UK Read the original article: TikTok To Introduce Paid Subscriptions In UK
IT Security News Hourly Summary 2026-05-12 09h : 8 posts
8 posts were published in the last hour 7:5 : Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers 7:4 : OpenAI Launches ‘Daybreak’: GPT-5.5 Powered To Detect Sotfware Vulnerability 7:4 : State of ransomware in 2026 7:4…
Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers
Magecart-style attackers are once again abusing trusted web services, this time weaponizing Google Tag Manager (GTM) to inject credit card skimmers into ecommerce websites stealthily. Because GTM is widely used and loaded from the trusted domain googletagmanager.com, malicious scripts can…
OpenAI Launches ‘Daybreak’: GPT-5.5 Powered To Detect Sotfware Vulnerability
Daybreak is more than just a new AI model — it’s a complete cybersecurity platform built to develop… The post OpenAI Launches ‘Daybreak’: GPT-5.5 Powered To Detect Sotfware Vulnerability appeared first on Hackers Online Club. This article has been indexed…
State of ransomware in 2026
Kaspersky researchers are sharing insights into the main ransomware trends for 2026: EDR killers on the rise, switching from data encryption to data leaks, and more. This article has been indexed from Securelist Read the original article: State of ransomware…
New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes
A new tool, BitUnlocker, reveals a practical downgrade attack against Microsoft’s BitLocker encryption, allowing attackers with physical access to decrypt protected volumes on patched Windows 11 machines in under 5 minutes by exploiting a crucial gap between patching and certificate…
iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android
Apple on Monday officially released iOS 26.5 with support for end-to-end encryption (E2EE) to Rich Communication Services (RCS) in beta as part of a “cross-industry effort” to replace traditional SMS with a more secure alternative. To that end, E2EE RCS…
84 npm Packages Linked to TanStack Hit by Supply-Chain Breach
A massive supply chain breach affecting 84 npm packages within the widely used TanStack ecosystem. Malicious actors compromised these packages by injecting a sophisticated credential-stealing tool designed to target continuous integration environments such as GitHub Actions. Packages such as React…
Checkmarx Jenkins AST Plugin Compromised in KICS Supply Chain Attack
Supply chain campaign has now extended to Checkmarx’s Jenkins ecosystem, with attackers pushing a malicious Checkmarx Jenkins AST plugin to the official Jenkins Marketplace as part of the ongoing KICS/Trivy-linked compromise. The rogue release is identified as version 2026.5.09 and…
BitUnlocker Downgrade Attack Bypasses Windows 11 Disk Encryption in Minutes
A proof-of-concept (PoC) exploit that demonstrates how attackers can bypass Windows 11 BitLocker disk encryption in under 5 minutes. Dubbed the “BitUnlocker” attack, this physical downgrade technique exploits a known vulnerability, CVE-2025-48804. Initially documented by the Microsoft STORM team in…
Canvas cyberattack disrupts universities as ShinyHunters threatens massive data leak
An attack on the popular Instructure Canvas learning management system has caused major disruptions for schools and universities in the US, just as students gear up for finals. This poses a serious threat to the personal data of millions of…
JUPITER supercomputer breaks world record with 50-qubit quantum simulation
Scientists in Germany have pulled off a staggering computing feat by fully simulating a 50-qubit quantum computer for the first time ever using Europe’s new exascale supercomputer, JUPITER. The breakthrough shatters the previous 48-qubit record and highlights just how powerful…
Japan’s PM orders cybersecurity review to stop Mythos going full CyberZilla
Fears exponential increase in attack scale and speed This article has been indexed from www.theregister.com – Articles Read the original article: Japan’s PM orders cybersecurity review to stop Mythos going full CyberZilla
Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America
TrendAI™ Research has identified two emerging threat campaigns—SHADOW-AETHER-040 and SHADOW-AETHER-064—that use agentic AI to drive intrusion operations against government and financial organizations in Latin America, marking these among the first cases we have observed of AI agents executing attacks from…
TrickMo Android Malware Targets Banking, Wallet, and Authenticator Apps
TrickMo, the Android banking malware, has resurfaced with a significantly redesigned architecture, targeting banking, fintech, wallet, and authenticator applications while introducing advanced stealth and network capabilities. Rather than introducing entirely new user-facing functionality, the latest TrickMo variant focuses on backend…
Google Warns Hackers Are Using AI to Build Working Zero-Day Exploits
Artificial intelligence has officially transitioned from an experimental hacking novelty into an industrial-scale weapon for cybercriminals. Google Threat Intelligence Group (GTIG) adversaries are now actively using generative AI models to discover vulnerabilities and engineer functional zero-day exploits. This marks a…