A new ransomware threat is making waves across dozens of industries and countries, using a surprisingly simple but effective approach to break into systems and lock victims out of their own data. NightSpire, first identified in early 2025, has already…
Microsoft SharePoint Server Vulnerability Enables Remote Code Execution Attacks
Microsoft has disclosed a critical security vulnerability in SharePoint Server that could allow authenticated attackers to execute arbitrary code remotely across multiple versions of the platform. Tracked as CVE-2026-45659 and released on May 21, 2026, the flaw poses a significant…
Microsoft Defender Now Automatically Isolates Compromised Devices to Stop Ransomware Spread
Microsoft Defender for Endpoint has introduced automatic device isolation, a proactive containment capability that disconnects compromised workstations from the network the moment a high-confidence attack is detected without waiting for human intervention. Microsoft Defender for Endpoint can now automatically isolate…
AppOmni’s Marlin AI Brings Autonomous Investigation to SaaS Security
Marlin AI automatically analyzes SaaS misconfigurations, investigates related activity across enterprise environments, and recommends remediation steps — while stopping short of fully autonomous corrective action. The post AppOmni’s Marlin AI Brings Autonomous Investigation to SaaS Security appeared first on SecurityWeek.…
Conifers rolls out AI-powered SOC for unified security operations and automated response
Conifers has announced the launch of its agentic SOC, a unified AI platform designed to help security operations centers defend against cyber adversaries operating at machine speed. Built on the company’s CognitiveSOC platform, the new system connects threat intelligence, threat…
Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)
A relative directory path traversal vulnerability (CVE-2026-34926) in Trend Micro’s Apex One platform has been exploited in zero-day attacks, the company confirmed. “TrendAI has observed at least one attempt to exploit this vulnerability in the wild,” Trend Micro noted, and…
Detectify brings AppSec automation to AI agents with MCP Server and continuous testing
Detectify has unveiled the Detectify MCP (Model Context Protocol) Server, a new integration layer that brings Detectify’s security testing engines directly into AI-driven development workflows, helping coding agents find and validate exploitable vulnerabilities and interpret attack surface data with greater…
[THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back
Every single day, hackers are finding new ways to crash websites and steal data. But right now, something has changed. Hackers are no longer working alone. They are now using powerful Artificial Intelligence (AI) tools to make their attacks faster,…
BTMOB Android RAT Spreads Through No-Code Builder Tooling
BTMOB Android RAT sold as a service with a no-code builder for fast, regional phishing lures This article has been indexed from www.infosecurity-magazine.com Read the original article: BTMOB Android RAT Spreads Through No-Code Builder Tooling
7-Eleven data breach affects over 185,000 people’s personal data
The data breach included names, dates-of-birth, postal addresses, and Social Security numbers, according to a state government listing. This article has been indexed from Security News | TechCrunch Read the original article: 7-Eleven data breach affects over 185,000 people’s personal…
Fake software on GitHub and SourceForge distribute Deno RAT
We found fake installers and plugins for ChatGPT, Claude, AutoTune, and other popular software that can give attackers full control over your device. This article has been indexed from Malwarebytes Read the original article: Fake software on GitHub and SourceForge…
Iranian APT Targets Aviation, Software Companies With Updated Tools
Nimbus Manticore has continued its operations during and after the US military campaign against Iran. The post Iranian APT Targets Aviation, Software Companies With Updated Tools appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
IT Security News Hourly Summary 2026-05-26 15h : 16 posts
16 posts were published in the last hour 13:3 : CERT-In Mandates 12-Hour Patch Deadline for Internet-Facing Vulnerabilities 13:3 : 2026 Cloud Security Report: Why Traditional Network, Cloud, and Security Architecture Are Lagging Behind the AI Transformation 13:3 : Check…
CERT-In Mandates 12-Hour Patch Deadline for Internet-Facing Vulnerabilities
India’s national cyber security agency CERT-In has issued a new blueprint that tells organizations to fix critical vulnerabilities in internet‑facing and “crown‑jewel” systems within 12 hours of discovery, as AI‑driven attackers slash exploitation timelines. The guidance marks one of India’s…
2026 Cloud Security Report: Why Traditional Network, Cloud, and Security Architecture Are Lagging Behind the AI Transformation
As AI rapidly reshapes industries, the role of the cloud has become even more critical. From automated customer experiences to intelligent cyber security and predictive analytics, AI transformations are increasingly being built on a cloud-first foundation. Over the past two…
Check Point Frontier AI Models Readiness Program – Security Update
At Check Point we don’t wait for threats to evolve; we evolve ahead of them. This is why we’ve been running our Frontier AI Models Readiness Program: a proactive, structured initiative designed to ensure that our products remain resilient as…
700+ websites hijacked via Ghost CMS SQL injection
More than 700 websites running Ghost Content Management System have been compromised through a critical SQL injection vulnerability, turning trusted domains into malware distribution platforms. This article has been indexed from CyberMaterial Read the original article: 700+ websites hijacked via…
600K+ National Lithuanian Register Data Leak
Lithuania is investigating a significant data breach that exposed more than 600,000 entries from national government registers, with authorities indicating they suspect foreign actors may be behind the incident. This article has been indexed from CyberMaterial Read the original article:…
DockSec – AI-Powered Docker Vulnerability Analysis
OWASP has launched DockSec as an incubator project designed to simplify vulnerability management in Docker containers. This article has been indexed from CyberMaterial Read the original article: DockSec – AI-Powered Docker Vulnerability Analysis
ECB Calls Banks to Urgent AI Cyber Security Meeting
The European Central Bank has summoned banks to an urgent meeting scheduled for Tuesday to address cybersecurity vulnerabilities linked to artificial intelligence technologies. This article has been indexed from CyberMaterial Read the original article: ECB Calls Banks to Urgent AI…
Chief Identity Architect Role Evolution
Identity security remains a reactive rather than proactive concern for most organizations, according to Eric Woodruff, Chief Identity Architect at Semperis. This article has been indexed from CyberMaterial Read the original article: Chief Identity Architect Role Evolution
EU Regulators Prepare Landmark Fine Against Google Under Digital Markets Act
The European Union is preparing to issue a landmark penalty against Google under its Digital Markets Act (DMA), marking a significant escalation in regulatory enforcement against major technology platforms. According to multiple reports, EU regulators have formally accused Alphabet’s Google…
Quasar RAT Hits Developers With Fileless Linux Attacks
Quasar Linux (QLNX) is a new, stealthy Linux Remote Access Trojan that quietly turns developer and DevOps workstations into high‑value beachheads for software supply‑chain attacks, using fileless execution, an eBPF rootkit, PAM backdoors, and a P2P C2 mesh to evade…
Malware Found in Laravel-Lang Composer Packages After Git Tag Poisoning Attack
Attackers have poisoned four Laravel-Lang Composer packages by rewriting hundreds of Git tags, putting many Laravel apps at risk. Hackers compromised four popular Laravel-Lang Composer packages and injected malware by rewriting more than 700 Git tags tied to historical versions.…