Linus Torvalds not into AI bug hunters 7-Eleven hit with ransom demand MENA runs new cybercrime op Get the show notes here: https://cisoseries.com/cybersecurity-news-linus-torvalds-talks-ai-bug-hunters-7-eleven-ransom-demand-menas-new-cybercrime-op/ Thanks to our episode sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent…
IT Security News Hourly Summary 2026-05-19 09h : 4 posts
4 posts were published in the last hour 7:2 : Compromised GitHub Action Steals Workflow Credentials 7:2 : Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials 6:32 : Mini Shai-Hulud Attack Hits @antv npm Packages 6:32…
Compromised GitHub Action Steals Workflow Credentials
A widely used GitHub Action, actions-cool/issues-helper, has been compromised in a supply chain attack that exposes sensitive CI/CD secrets to an attacker-controlled domain. The attack hinges on a subtle but powerful manipulation of Git tags. Instead of altering the visible commit…
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server. “Every existing tag in the repository has been…
Mini Shai-Hulud Attack Hits @antv npm Packages
A large-scale npm supply chain attack has compromised multiple widely used packages within the @antv ecosystem, to investigate what appears to be an active and rapidly evolving campaign linked to the Mini Shai-Hulud malware family. The attack centers on the…
Critical Vulnerability Exposes Industrial Robot Fleets to Hacking
The vulnerability, CVE-2026-8153, affects Universal Robots PolyScope 5 and it can be exploited for OS command injection. The post Critical Vulnerability Exposes Industrial Robot Fleets to Hacking appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Microsoft to Retire Teams Together Mode to Improve Performance
Microsoft has announced it will retire the “Together mode” feature in Microsoft Teams, marking a shift toward simplified meeting layouts designed to improve performance, usability, and consistency across devices. The change, confirmed by Microsoft Product Manager Katarina Tranker in the…
CISA Admin Reportedly Exposes AWS GovCloud Credentials in Public GitHub Repository
A significant security lapse involving the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has come to light after a contractor reportedly exposed highly sensitive AWS GovCloud credentials in a public GitHub repository. The incident, disclosed by security researchers on May…
Public Instagram posts provide raw material for AI phishing campaigns
A handful of public Instagram posts can give attackers enough material to generate convincing phishing emails with GenAI. Research from the University of Texas at Arlington and Louisiana State University showed how public social media activity can be turned into…
Compromised Nx Console VS Code Extension Steals Developer and Cloud Secrets
Nx Console’s popular VS Code extension was briefly weaponized into a credential-stealing tool that can leak developer and cloud secrets and plant a persistent backdoor. Anyone who installed v18.95.0 should treat their environment as fully compromised. On May 18, 2026,…
Mythos Preview Automates PoC Exploit Creation for Vulnerability Research
A new AI model from Anthropic is changing how security teams find and prove software vulnerabilities. It is raising hard questions about what happens when the same technology falls into the wrong hands. Cloudflare has published findings from its participation…
SEPPmail Gateway Flaws Expose Organizations to RCE and Email Traffic Interception
Multiple critical vulnerabilities in the SEPPmail Secure E-Mail Gateway are putting thousands of organizations at risk of remote code execution (RCE) and the interception of sensitive email. The flaws, tracked under several CVEs, impact widely deployed SEPPmail appliances used for…
Earbud sensors can authenticate users by their heartbeat, study finds
Researchers built a continuous authentication system called AccLock that identifies a wearer by the tiny vibrations a heartbeat makes inside the ear canal. The signal comes from an accelerometer of the kind already sitting inside many wireless earbuds, so no…
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave. “The attack affects packages tied to the npm maintainer…
GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server. “Every existing tag in the repository has been…
AI infrastructure is cracking under sovereignty demands
AI deployments are moving into environments with tighter controls around data, infrastructure, and system operations. Organizations are building AI systems across multiple providers, platforms, and computing environments while managing governance, security, and compliance obligations within defined boundaries. NTT DATA’s 2026…
Mythos Preview Builds PoC Exploits in Automated Vulnerability Research
Anthropic’s Mythos Preview security-focused AI model is crossing a critical threshold in automated vulnerability research, not just finding bugs, but chaining them together into working proof-of-concept exploits. That’s the finding from Cloudflare’s security team, which spent several weeks running the…
Cybersecurity jobs available right now: May 19, 2026
CISO DataFence | Israel | Hybrid – View job details As a CISO, you will develop security roadmaps, compliance plans, risk registers, policies, and control implementation plans while leading audit and regulatory compliance activities. You will manage client projects from…
Exchange Zero-Day Under Attack, Ransomware Gets Smarter, Fortinet Critical Flaws
A dangerous new Microsoft Exchange zero-day is being actively exploited, ransomware gangs are adopting nation-state-style tactics, two fired contractors were caught deleting U.S. government databases after accidentally recording themselves on Microsoft Teams, and Fortinet has patched critical remote code execution…
ISC Stormcast For Tuesday, May 19th, 2026 https://isc.sans.edu/podcastdetail/9936, (Tue, May 19th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, May 19th, 2026…
CTT – 468,124 breached accounts
In April 2026, data allegedly obtained from CTT, Portugal’s national postal service, was posted to a public hacking forum. The data included 468k unique email addresses along with names, phone numbers and parcel tracking numbers which can be used to…
Are Attackers Hiding Inside Your Network Traffic?
Spur Intelligence found attackers increasingly using VPNs and residential proxies to hide malicious activity in legitimate traffic. The post Are Attackers Hiding Inside Your Network Traffic? appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
Do fear the Reaper – stealer swipes macOS users’ passwords, wallets, then backdoors them
While also spoofing all the trusted domains – Apple, Microsoft, and Google – in the same attack This article has been indexed from www.theregister.com – Articles Read the original article: Do fear the Reaper – stealer swipes macOS users’ passwords,…
How Storm-2949 turned a compromised identity into a cloud-wide breach
Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft without using malware. This incident shows how threat actors can exploit trusted systems to operate undetected. The post How Storm-2949 turned a compromised identity…