Breaking News

FIND INFORMATION ABOUT THE LATEST ADVANCES IN TECHNOLOGY & NEWS RELATED TO CYBERSECURITY & ARTIFICIAL INTELLIGENCE (AI) 

Microsoft Teams Weakness Potentially Allows Spoofing

A new security vulnerability in Microsoft Teams can potentially allow threat actors to conduct a cyberattack known as spoofing, in which a cybercriminal acts like a trusted source while using social engineering tactics. This flaw relates to how the platform deals with files. A patch has recently been made.
Sourced from Cybersecurity News
  • Cybersecurity

Google Confirms That Hackers are Using AI to Exploit Software Flaws

Google's Threat Intelligence group has confirmed that criminal hackers have been using generative AI models to to uncover unknown vulnerabilities in software. In this specific attack, a cybercrime group was successfully able to exploit flaws in a open-source system administration tool to bypass two factor authentication. Many say that this attack might mark the start of the escalation in AI related hacking, cybercrime and warfare.
Sourced by New York Times
  • Cybersecurity

U.S. Defense Contractor Sold Cybersecurity Tools to Russian Broker

Australian cybersecurity executive and former head of Trenchant, Peter Williams, has been ordered to pay $10 million in restitution to his former employer, on top of the $1.3 million he was required to repay. Williams stole seven trade secrets, which includes cyber exploits and surveillance tools, and sold them to Operation Zero, a Russian broker that works just for the Russian government. These stolen tools have claimed to be powerful zero-day exploits capable of accessing millions of devices globally. While Williams was sent to prison for over seven years, some of the stolen tools were seen used by Russian government spies in Ukraine and Chinese cybercriminals.
Sourced by TechCrunch
  • Cybersecurity

Hackers Disguise Cyberattack with JPEG File

A new cyberattack design uses a fake image file to disguise a malicious PowerShell script that pass security protocols. This campaign is targeting Windows systems, and starts off looking like an authentic email. A victim receives an image file through the phishing email. Once the mage is downloaded, an altered version of a remote access tool is present on the system. The Windows OS does not take any precautions because the extension mimics an image file.
Sourced from Cybersecurity News
  • Cybersecurity

CopyFail Bug Affecting Major Versions of Linux

The US government officially issued warning regarding the vulnerabilities which are known as " Copy Fail". Due to the exploit being highly reliable and can be executed via a tiny, cross-platform script, it is a huge threat to cloud environments, CI pipelines and multi-tenant systems.
Sourced by TechCrunch
  • Cybersecurity, Tech Trends & Updates

Cyberattack on Canvas Disrupts UC Berkeley and Peralta Systems

Many schools across the country, including UC Berkeley were disrupted due to a cyberattack that hit the Canvas learning program during the finals period for most colleges. ShinyHunters, a group of teenage and young adult hackers in the U.S. and U.K., claimed responsibility for the breach. This group has been linked to several other large-scale cyberattacks, including the one on Ticketmaster. ShinyHunters have threatened around 9,000 schools to pay the ransom, or else 275 million individuals' data could be leaked. Due to the attack, many schools have continued to block students and teachers from accessing Canvas and any links sent by them.
Sourced by Berkeleyside
  • Cybersecurity

Hackers Mass-Exploit cPanel Bug to Control Thousands of Websites

Servers running cPanel and Webhost are at high risk for hacking because of vulnerabilities in its software. As of May 4th 2026, more than 500,000k servers are said to be compromised. Due to the severity of the issue, CISA put the vulnerability on it's KEV list which indicates that it should be patched up immediately.
Sourced by TechCrunch
  • Cybersecurity

Ubuntu Outage Caused by Distributed Denial-of-Service Attacks

Starting on April 30, the Linux operating system Ubuntu experienced DDoS (Distributed Denial-of-Service) attacks, preventing users from being able to update and install Ubuntu. A group of hacktivists, dubbed The Islamic Cyber Resistance, claimed that they were responsible for the DDoS attack through the use of Beamed, a DDoS for-hire service, whose attacks can reach 3.5 Terabits per second. This service allows anyone to pay for the launch of DDoS attacks, regardless of their technical skills, and is a service which authorities like the FBI must consistently take down.
Sourced from TechCrunch
  • Cybersecurity, Tech Trends & Updates

Medtronic Data Breach of 9M Records and Confirmed

Medtronic, a leading global medical technology company, faces a data leak after being hacked by group named 'ShinyHunters'. Medtronic was forced to pay a ransom by April 21st and was told to do so otherwise data would be leaked. The company states that there have been no changes in products, customers, and safety of patients. Investigations are being held to determine whether or not personal data has been accessed by hackers.
Sourced from Security Week
  • Cybersecurity

Kansas School District Loses $3.2M Through Cybersecurity Incident

Pine Bluff School District lost over $3.2M through a cybersecurity incident in regards to a brand new high school opening up. The incident occured on December 17th, however has only publicly been mentioned now. The school district has a construction management company and through a hack in an email chain, the payment was required through wire transfer. The finance director finalized the large payment. Though Citibank has been informed, investigations are being initiated.
Sourced from Arkansas Times
  • Cybersecurity

Researchers Detect GlassWorm v2 Malware in VS Code Extensions

Cybersecurity researchers have detected 73 extensions with the information-stealing campaign. Six of the extensions were reported malicious, while the rest were initially harmless until users updated the package. Unsuspected developers were tricked into installing the extensions because it had the same icon and description as the original packages. They created visual trust before serving malware to the users. The end goal was to run malware that avoids Russian systems, steal data, install a trojan, and deploy a Chromium-based extension. More than 320 artifacts were identified since December 21, 2025.
Sourced by The Hacker News
  • Cybersecurity

NASA Employees Yield to Chinese Spear-Phishing Campaign

An engineer of Chinese origin, Song Wu, conducted a targeted spear-phishing campaign to gather private data from national institutes. Some include NASA, the Space Agency, Air Force, Navy, Army, and the FAA. Song Wu sent requests while impersonating an American engineer to NASA employees, who simply thought they were sharing software with colleagues. The Officer Inspector General of NASA admits that phishing campaigns continue to get more sophisticated. Wu currently remains on the FBI's most wanted.
Sourced from NASA
  • Cybersecurity

Anthropic's Claude Mythos Reveals Hundreds of Zero-Day Vulnerabilities in Firefox

Anthropic's most recent AI-model, Claude Mythos, uncovered 271 distinct zero-day vulnerabilities within Mozilla. A Firefox representative states that they don't think AI-powered vulnerability detection systems will defy current comprehension. With the power and capability of this AI model, Anthropic only offers Mythos to some top-tier organizations through Project Glasswing.
Sourced from Security Week
  • AI, Cybersecurity

Microsoft Integrates Claude Mythos into its Security Development Program

Microsoft will embed Anthropic's Claude Mythos Preview into its secure coding framework, which will help identify vulnerabilities and develop fixes earlier. Anthropic announced that it will first deploy the Claude Mythos Preview as part of "Project Glasswing", where major technology companies, like Microsoft, Apple, and Amazon, can use it to search for cybersecurity risks. Mythos is able to find major weaknesses in operating systems and other software, is capable to code at a high level, and is able devise ways to exploit cybersecurity vulnerabilities.
Sourced by Yahoo Finance
  • Cybersecurity, Tech Trends & Updates

Lotus Wiper Targets Venezuelan Energy Sectors

The wiper malware removed recovery machines, overdrove physical drives, and deleted files leaving the system in an unrecoverable state. This activity wasn't motivated by financial gain, but rather total infrastructure destruction, sabotage, and permanent data loss. Since the hackers attacked older Window systems, they likely had an idea of the environment and compromised the domain long before the attack took place.
Sourced by Security Week
  • Cybersecurity
Load More