A critical vulnerability dubbed “ClaudeBleed” has compromised Anthropic’s trusted AI assistant, potentially turning it into a backdoor. This severe design flaw in the Claude Chrome extension allows malicious add-ons to hijack the AI secretly. Even extensions with zero declared permissions…
Fake TronLink Chrome Extension Steals Crypto Wallet Credentials
A newly uncovered phishing campaign is targeting TRON wallet users through a deceptive Chrome extension that mimics the popular TronLink wallet. The campaign highlights how modern browser extension abuse is evolving beyond static code inspection, making detection significantly harder. At…
OpenAI’s Daybreak uses Codex Security to identify risky attack paths
OpenAI Daybreak is the company’s cybersecurity initiative focused on building AI-assisted software defense into the development process from the start. It combines OpenAI models, Codex Security, and cyber-focused GPT-5.5 variants to help organizations identify, validate, and prioritize software vulnerabilities. How…
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The…
A.I. software flaw hackers, Forza Horizon 6 leak, Linux kernel hit again
A.I. hackers find software flaw Xbox leaks ‘Forza Horizon 6’ Linux kernel hit by 2nd flaw Get the show notes here: Huge thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email,…
Meta Removes Full Encryption From Instagram
End-to-end encryption offering removed for Instagram direct messages, amid criticism over child safety This article has been indexed from Silicon UK Read the original article: Meta Removes Full Encryption From Instagram
Microsoft Warns: MistralAI PyPI Package Compromised with Malware
Mistral’s official Python client on PyPI has been pulled into the ongoing wave of AI supply‑chain attacks, with Microsoft warning that version 2.4.6 of the mistralai package was backdoored to silently deploy a credential‑stealing payload on Linux systems. The logic is designed…
South Staffordshire Water Fined £1m After Data Breach
The ICO has fined South Staffordshire Water nearly £1m for a series of data protection failings This article has been indexed from www.infosecurity-magazine.com Read the original article: South Staffordshire Water Fined £1m After Data Breach
TikTok Scales Back AI Summaries After Bizarre Results
TikTok to limit AI summaries of videos after tool creates fanciful descriptions seemingly unrelated to material in question This article has been indexed from Silicon UK Read the original article: TikTok Scales Back AI Summaries After Bizarre Results
OpenAI Daybreak Automates Detects and Fix Vulnerabilities Automatically
OpenAI has introduced Daybreak, a strategic initiative to change how modern software is built and defended against emerging threats. Moving away from traditional reactive patching, Daybreak focuses on making software resilient by design from the very beginning of the development…
TrickMo Android Banking Malware Targets Banking, Wallet, and Authenticator Apps
A dangerous Android banking malware known as TrickMo has resurfaced with a powerful new variant, and this time it is more stealthy, more capable, and harder to stop than ever before. The threat is actively targeting users of banking apps,…
PoC Exploit Released for Android Zero-Click Vulnerability that Enables Remote Shell Access
In a chilling blow to mobile security, Google’s May 2026 Android Security Bulletin has unmasked a catastrophic zero-click vulnerability lurking within the core Android System. The CVE-2026-0073 flaw in Android’s adbd daemon lets nearby threat actors remotely gain full shell…
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security to help organizations identify and patch vulnerabilities before attackers find a way in using the same issues. “Daybreak combines the…
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
American educational technology company Instructure, the parent company of Canvas, said it reached an “agreement” with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities. In an…
Hackers Disrupt Exams With Software Breach
Hacking group interrupts exams in breach of Canvas educational platform used by thousands of universities, schools in US, Canada, Australia This article has been indexed from Silicon UK Read the original article: Hackers Disrupt Exams With Software Breach
OpenAI Daybreak Automates Vulnerability Detection and Patching
The relentless race against zero-day exploits and sophisticated cyberattacks requires a revolutionary approach to software security. Defenders are constantly overwhelmed by massive backlogs of alerts and the sheer volume of code requiring manual review. Enter OpenAI Daybreak, a frontier artificial…
Android banking Trojan TrickMo evolves using TON network for C2
ThreatFabric found a new TrickMo Android trojan focused on stealth and persistence, moving its command-and-control traffic to the TON network. Security researchers at ThreatFabric have recently identified a new version of TrickMo, a dangerous Android banking trojan that shows how…
EU New Tech Package May Restrict Microsoft, Amazon, and Google From Handling Public Sector Sensitive Data
The European Commission is set to introduce a Tech Sovereignty Package later this month that could limit companies like Microsoft, Amazon, and Google from proce Thank you for being a Ghacks reader. The post EU New Tech Package May Restrict…
TikTok To Introduce Paid Subscriptions In UK
TikTok to allow users to pay for an ad-free experience, but free users will lose ability to switch off personalised ads This article has been indexed from Silicon UK Read the original article: TikTok To Introduce Paid Subscriptions In UK
IT Security News Hourly Summary 2026-05-12 09h : 8 posts
8 posts were published in the last hour 7:5 : Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers 7:4 : OpenAI Launches ‘Daybreak’: GPT-5.5 Powered To Detect Sotfware Vulnerability 7:4 : State of ransomware in 2026 7:4…
Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers
Magecart-style attackers are once again abusing trusted web services, this time weaponizing Google Tag Manager (GTM) to inject credit card skimmers into ecommerce websites stealthily. Because GTM is widely used and loaded from the trusted domain googletagmanager.com, malicious scripts can…
OpenAI Launches ‘Daybreak’: GPT-5.5 Powered To Detect Sotfware Vulnerability
Daybreak is more than just a new AI model — it’s a complete cybersecurity platform built to develop… The post OpenAI Launches ‘Daybreak’: GPT-5.5 Powered To Detect Sotfware Vulnerability appeared first on Hackers Online Club. This article has been indexed…
State of ransomware in 2026
Kaspersky researchers are sharing insights into the main ransomware trends for 2026: EDR killers on the rise, switching from data encryption to data leaks, and more. This article has been indexed from Securelist Read the original article: State of ransomware…
New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes
A new tool, BitUnlocker, reveals a practical downgrade attack against Microsoft’s BitLocker encryption, allowing attackers with physical access to decrypt protected volumes on patched Windows 11 machines in under 5 minutes by exploiting a crucial gap between patching and certificate…