Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other cybercriminals, including Vanilla Tempest and Storm groups, to more effectively distribute malicious code, including ransomware. The post Exposing Fox Tempest: A malware-signing service operation appeared…
US cyber agency CISA exposed reams of passwords and cloud keys to the open web
The federal cybersecurity agency left plaintext passwords in a spreadsheet uploaded to a public GitHub repository, per a report by independent journalist Brian Krebs. This article has been indexed from Security News | TechCrunch Read the original article: US cyber…
Microsoft Edge Stops Loading Saved Passwords Into Memory at Startup
Microsoft has announced a significant security improvement in its Edge browser, eliminating the practice of loading saved passwords into process memory at startup. The change comes as part of the company’s broader Secure Future Initiative (SFI), which aims to strengthen…
Critical Apache Flink Vulnerability Enables Remote code execution Attacks
A newly disclosed critical vulnerability in Apache Flink, tracked as CVE-2026-35194, exposes distributed data processing environments to remote code execution (RCE) attacks via SQL injection flaws in the platform’s code generation engine. The flaw lies in Apache Flink’s SQL code-generation mechanism,…
Compromised GitHub Action Exfiltrates Workflow Credentials to Attacker Domain
A widely used GitHub Action called actions-cool/issues-helper has been compromised, with every version tag in the repository silently redirected to a malicious commit. The attack places stolen CI/CD pipeline credentials directly in the hands of an attacker, raising serious concerns…
Meta Challenges Ofcom Over Online Safety Act Fees and Penalties
Challenging new rules, Meta – owner of Facebook and Instagram – is taking Ofcom to the High Court amid disputes about charges tied to the Online Safety Act. The legal move stems from disagreements on how costs and fines…
Fake Claude AI Site Spreads New Beagle Windows Backdoor – Here’s How to Stay Safe
Cybercriminals have launched a sophisticated malvertising campaign using a fake Claude‑AI website that installs a new Windows backdoor called “Beagle,” highlighting how attackers are weaponizing the popularity of AI tools against software developers. The deceptive site, reachable through sponsored…
Securing the AI Supply Chain in the European Union
The European Union’s AI strategy is entering a new phase. What began as a commitment to “trustworthy AI,” grounded in ethics and human rights, is now evolving into a legally enforceable framework for technically secure AI. EU-specific AI, data and…
New VoidStealer Malware Bypasses Chrome’s Protection to Steal User Data
A newly discovered malware called VoidStealer has emerged as a serious threat to Chrome users on Windows, using a clever technique to bypass one of the browser’s most important security features. The malware targets Chrome’s App-Bound Encryption, a protection layer…
Attackers Use Cloudflare Storage Endpoint to Exfiltrate Files From Compromised Networks
Attackers have found a new way to quietly steal data from compromised networks, and this time, they are hiding behind a familiar face. Security researchers have uncovered a targeted intrusion campaign that used a Cloudflare-hosted storage endpoint to pull stolen…
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE). Dubbed DirtyDecrypt (aka DirtyCBC), the vulnerability was discovered and reported by the Zellic and…
Microsoft Takes Down Fox Tempest for Providing Ransomware-Enabling Signing Tool
Microsoft’s Digital Crimes Unit has taken down the infrastructure of Fox Tempest, a prolific cybercrime-enabling threat group This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Takes Down Fox Tempest for Providing Ransomware-Enabling Signing Tool
Telecom sector launches its own private ISAC
Federal government involvement in an existing group chilled some cybersecurity discussions among major telecom providers. The new group is intended to alleviate those anxieties. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Telecom…
You Can Get Some of Your Nudes Removed From the Internet Under a New Law
Starting May 19, tech platforms in the US will have to comply with the Take It Down Act. Here’s how more than a dozen major platforms are handling takedown demands for your nonconsensual nudes. This article has been indexed from…
Check Point Wants AI Agents to Do What Security Teams Can’t: Manage Networks at Machine Speed
Check Point has launched an agentic orchestration platform that can end the policy drift, stalled Zero Trust projects, and manual configuration backlogs that have plagued enterprise security teams for decades. The company’s Agentic Network Security Orchestration Platform is built around…
Cyber Briefing: 2026.05.19
The convergence of failed critical security updates, dozens of newly discovered zero-day exploits, and large-scale academic data breaches highlights a high-risk environment currently being countered This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.05.19
Criminal IP Returns to Infosecurity Europe 2026 with Advanced AI-Driven TI & ASM
Torrance, United States / California, 19th May 2026, CyberNewswire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Criminal IP Returns to Infosecurity Europe 2026 with Advanced AI-Driven TI &…
The Network Security Problem No One Could Solve – Until Now.
Networks used to be simple. A perimeter. A data center. A set of rules a single engineer could hold in their head. That world is long gone. Every wave of enterprise transformation – cloud migration, M&A, hybrid multi-cloud, IoT, remote…
Nx Console VS Code Extension Compromised to Steal Developer and Cloud Secrets
A widely used Visual Studio Code extension was quietly turned into a credential-stealing tool in May 2026, putting millions of developers at serious risk without warning. The Nx Console extension, which has over 2.2 million installations, was compromised when attackers…
New VoidStealer Malware Bypasses Chrome’s App-Bound Encryption to Steal Passwords and Cookies
A newly discovered malware called VoidStealer has emerged as a serious threat to Chrome users on Windows, using a clever technique to bypass one of the browser’s most important security features. The malware targets Chrome’s App-Bound Encryption, a protection layer…
Facebook scam promises cheap Aldi meat boxes, steals payment info instead
A fake Aldi “meat box” offer spreading on Facebook tricks victims into handing over personal and payment info. This article has been indexed from Malwarebytes Read the original article: Facebook scam promises cheap Aldi meat boxes, steals payment info instead
Selector extends AI-driven observability into multi-cloud environments
Selector has announced the expansion of its platform with AI-powered multi-cloud observability capabilities. The extension of Selector’s AI-driven observability approach into multi-cloud environments enables organizations to correlate signals across the full hybrid path. By unifying rich telemetry data from cloud,…
PureLogs infostealer is stealing credentials worldwide
A phishing campaign is smuggling the powerful PureLogs information stealer onto targets’ Windows machines by hiding encrypted malicious payloads inside cat photos, Fortinet researchers discovered. The attack The attack starts with a phishing email containing a TXZ archive and using…
IT Security News Hourly Summary 2026-05-19 15h : 16 posts
16 posts were published in the last hour 13:4 : Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud 13:3 : Two-Thirds of Nonhuman Accounts Are Unseen and Unmanaged, According to Orchid Security’s Identity Gap Report 13:3 : UAC-0184…