Skip to content

News

World Cybersecurity News

RSS The Hacker News
  • Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access May 15, 2026
    The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that's engineered for stealth and persistent access to compromised hosts. Turla, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is assessed to be affiliated with Center 16 of Russia's Federal Security Service (FSB)
  • Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence May 15, 2026
    Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and persistence. The vulnerabilities, collectively dubbed Claw Chain by Cyera, can permit an attacker to establish a foothold, expose sensitive data, and plant backdoors. A brief description of the flaws is below -
  • What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface May 15, 2026
    In Your Biggest Security Risk Isn't Malware — It's What You Already Trust, we made a simple argument: the most dangerous activity inside most organizations no longer looks like an attack. It looks like administration. PowerShell, WMIC, netsh, Certutil, MSBuild — the same trusted utilities your IT team uses every day are also the preferred […]
  • TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates May 15, 2026
    OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modified in an unauthorized manner. "Upon identification of the malicious activity, we worked quickly to investigate, contain, […]
  • On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email May 15, 2026
    Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting […]
  • CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits May 15, 2026
    The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026. The vulnerability is a critical authentication bypass tracked as CVE-2026-20182. It's
  • Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access May 14, 2026
    Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0. "A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly
  • Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets May 14, 2026
    Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published versions of node-ipc. According to Socket and StepSecurity, three different versions of the npm package have been confirmed as malicious - node-ipc@9.1.6 node-ipc@9.2.3 node-ipc@12.0.1 "Early analysis indicates that node-ipc@9.1.6, node-ipc@9.2.3, and node-ipc@12.0.1
  • ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories May 14, 2026
    Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game for clout and cash. Half of it feels new. Half of it feels like crap we should have fixed years […]
  • Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike May 14, 2026
    The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been linked to both cyber espionage and influence operations targeting neighboring countries, particularly Ukraine. It's also tracked under the monikers FrostyNeighbor, PUSHCHA, Storm-0257, TA445, UAC‑0057
RSS Cybercrime Magazine
  • AI-Assisted Cybersecurity Leadership Services For Small And Mid-Sized Businesses (SMBs) May 15, 2026
    This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 15, 2026 –Read the full story in SC Media According to the 2026 CISO Report from Cybersecurity Ventures, sponsored by Sophos, there are now about 35,000 full-time CISOs worldwide. Most of them are The post AI-Assisted Cybersecurity Leadership Services For Small And Mid-Sized […]
    Taylor Fox
  • The Missing Cybersecurity Leader In Small Business May 14, 2026
    This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 14, 2026 –Read the full story in CyberScoop CyberScoop reports that the average cyberattack costs for a small- or medium-size business is more than $250,000. The salary for a chief information security officer The post The Missing Cybersecurity Leader In Small Business appeared […]
    Taylor Fox
  • Legion Security: Grow Your Own AI SOC May 13, 2026
    This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 13, 2026 – Watch the YouTube video The challenge Legion Security addresses is well-known: for more than two decades, SOC teams have struggled with overwhelming alert volumes and persistent staffing shortages, typically lacking between 26 The post Legion Security: Grow Your Own AI SOC appeared […]
    Taylor Fox
  • Women In Cybersecurity Report, Spring 2026 May 12, 2026
    This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 12, 2026 – Watch the YouTube video The Women in Cybersecurity Report, a 7-minute video hosted by Cybercrime Magazine Deputy Editor Amanda Glassner, highlights the latest breakthroughs, voices, and stories from women leading The post Women In Cybersecurity Report, Spring 2026 appeared first […]
    Taylor Fox
  • The Answer To India’s Cybersecurity Leadership Gap: AI And Managed Services May 11, 2026
    This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 11, 2026 – Read the full story from Enterprise Times The 2026 CISO Report from Cybersecurity Ventures in partnership with Sophos points out a structural imbalance in cybersecurity today, with 35,000 CISOs The post The Answer To India’s Cybersecurity Leadership Gap: AI […]
    Taylor Fox
  • Why The CISO Role Is Becoming More Demanding In 2026 May 8, 2026
    This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 8, 2026 – Read the full story from United States Cybersecurity Institute Personal legal liability, expanding scope, and constrained budgets have driven experienced professionals out of the chief information security officer The post Why The CISO Role Is Becoming More Demanding […]
    Taylor Fox
  • 50 Years Of Apple Computer: The Most Complete Collection In The U.S. May 7, 2026
    This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 7, 2026 – Watch the YouTube video Cybercrime Magazine visited the Long Island Museum in Stony Brook, N.Y., and explored the most complete collection of Apple computers in the U.S. (and maybe the The post 50 Years Of Apple Computer: The Most Complete […]
    Taylor Fox
  • Cybersecurity In The Boardroom: “How Do We Respond To Mythos?” Fight AI With AI May 6, 2026
    This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 6, 2026 – Read the full story from BreachLock When Anthropic’s Mythos demonstrated it could autonomously surface critical software flaws that went undetected for decades, the reaction was predictable. Boards demanded briefings. The post Cybersecurity In The Boardroom: “How Do We Respond […]
    Taylor Fox
  • QevlarAI: Moving SOC Teams From Reactive Mode To Proactive Defense May 5, 2026
    This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 5, 2026 – Watch the YouTube video SOC teams are overwhelmed by the volume of threat alerts they must manage. A Forrester analysis found that just three attack scenarios can trigger thousands of The post QevlarAI: Moving SOC Teams From Reactive Mode To […]
    Taylor Fox
  • Black Hat USA 2026, Aug. 1-6. Las Vegas. REGISTER & Save with the CODE: CYBERCRIME May 4, 2026
    This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 4, 2026 – Watch the YouTube video Step into the future of cybersecurity at Black Hat USA 2026, Aug. 1-6, in Las Vegas. REGISTER Now & Save with the CODE: CYBERCRIME. The premier The post Black Hat USA 2026, Aug. 1-6. Las Vegas. […]
    Taylor Fox

Cyberthreat Real Time Map

For more detailed map and information click here