AI Cyberattacks Are Escalating Across the Americas. This Webinar Explains Why
In the first quarter of 2026 the Americas saw a sharp rise in AI‑powered cyberattacks, ransomware bursts, and assaults on critical infrastructure. Threat actors leveraged generative AI to automate phishing, deepfake creation, and rapid exploitation, making detection harder. Nation‑state groups linked to China, Russia, Iran and North Korea intensified espionage and disruption campaigns across healthcare, energy, manufacturing and government sectors. To dissect these trends, Cyble will host a live webinar on May 28, offering expert analysis and a complimentary Q1 threat‑landscape report.
Trading Firms Urged to Strengthen Vendor Oversight
At FINRA’s 2026 Annual Conference, a panel warned that AI‑driven fraud is making third‑party vendor risk harder to manage for financial firms. Speakers highlighted that cybercriminals now leverage inexpensive AI tools to launch sophisticated scams, forcing institutions to upgrade AI‑based...
Fired Employee Sought AI Help to Hide Deletion of Hosting Firm’s Customer Data
A Virginia jury convicted former hosting‑firm employee Sohaib Akhter for using an AI chatbot to learn how to erase system logs and delete 96 federal databases after he and his brother were terminated. The brothers retained company laptops and privileged...
Researchers Say AI Just Broke Every Benchmark for Autonomous Cyber Capability
Researchers at the UK AI Security Institute and Palo Alto Networks found that Anthropic’s Claude Mythos Preview and OpenAI’s GPT‑5.5 have outpaced the previously observed doubling trend in autonomous cybersecurity task performance. In AISI’s cyber‑range simulations, Claude Mythos completed both...
Attackers Weaponize RubyGems for Data Dead Drops
Security firm Socket uncovered a new threat campaign, dubbed GemStuffer, that abuses the RubyGems package registry as a dead‑drop for exfiltrated data. Over 100 malicious gems were published, each containing scripts that scrape public council data in London and then...
The Reality of Implementing Zero Trust for Defense Operational Technology
The Department of Defense issued new guidance in late 2025 that tailors Zero Trust principles specifically for operational technology (OT). The policy separates IT‑focused standards from OT requirements, acknowledging that legacy controllers and diverse process equipment cannot support traditional software‑based...
The Next Phase of Zero Trust: From Recognizing Known Threats to Stopping Threats
The Federal Zero Trust Strategy (M‑22‑09) gave agencies measurable goals such as phishing‑resistant MFA and endpoint detection, reshaping U.S. government cybersecurity. However, the focus on identifying known threats leaves a gap as adversaries employ novel, AI‑driven attacks that evade static...
Weaponized AI: The New Frontier of Fraud and Identity Spoofing
Enterprises are confronting a surge in AI‑generated fraud as criminals weaponize generative models to mass‑produce synthetic identities and deepfake impersonations. In the past 24 months, synthetic identities have risen 100‑fold and deepfake‑driven attacks sevenfold, with Deloitte forecasting U.S. AI‑enabled fraud...
OpenAI’s Daybreak and Anthropic’s Glasswing Have Nearly Identical Benchmarks — and 3 of the Same Partners
OpenAI unveiled Daybreak, a cybersecurity platform built on GPT‑5.5 with a tiered trust framework, while Anthropic’s Glasswing consortium, powered by Claude Mythos Preview, offers a similar capability. Independent testing by the UK AI Security Institute shows the two models perform...
NVIDIA NemoClaw Research Highlights AI Sandbox Exfiltration Risks
Lasso security researchers demonstrated that sandboxed autonomous AI agents can still exfiltrate sensitive data from NVIDIA’s NemoClaw and OpenShell environments. By abusing trusted tools such as GitHub, npm, and approved binaries, the team stole API keys, environment variables, and credentials...
Researchers Build Cybersecurity Framework for EUDI Wallets
The European Union’s deadline for member states to launch European Digital Identity (EUDI) wallets is set for the end of 2026, prompting a surge of new digital‑identity apps. A three‑year research project led by the University of Szeged, with partners...
Avada Builder Flaws Expose One Million WordPress Sites
Two critical vulnerabilities in the Avada Builder WordPress plugin have put roughly one million sites at risk. The first, CVE‑2026‑4782, is an arbitrary file‑read flaw that lets subscriber‑level users access sensitive files like wp‑config.php. The second, CVE‑2026‑4798, is an unauthenticated...
Ransomware: Over Half of CISOs Would Consider Paying Ransom to Hackers
A new Absolute Security survey of 750 CISOs reveals that 58% would consider paying a ransomware ransom to restore encrypted systems, with U.S. leaders more inclined (63%) than their U.K. peers (47%). While 83% express confidence in rapid recovery, actual...
Microsoft’s New AI System Finds 16 Windows Flaws, Including Four Critical RCEs
Microsoft unveiled MDASH, an AI‑driven vulnerability discovery platform that identified 16 previously unknown Windows flaws, including four critical remote code execution bugs, which were patched in the May 12 Patch Tuesday release. MDASH orchestrates over 100 specialized AI agents to scan...
Cisco Open-Sources Agentic AI Security Spec
Cisco has open‑sourced its internally developed Foundry Security Spec, a comprehensive framework for evaluating and governing agentic AI in cybersecurity. Hosted on GitHub and built for use with the spec‑kit workflow, the spec outlines eight core agent roles, five extensions,...
Amazon Shares Data on Their Customer Passkey Adoption
Amazon disclosed that 465 million of its customers now use passkeys for authentication. Passkeys enable sign‑ins that are about six times faster than traditional passwords and rely on biometrics or device PINs. Adoption has surged 75% year‑on‑year in 2026, and Amazon...
NIST Narrows the NVD: What Container Security Programs Should Reassess
On April 15, NIST announced a prioritized enrichment model for the National Vulnerability Database, limiting full CVSS scores, CPE mappings, and CWE classifications to three categories of CVEs: those in the CISA KEV catalog, federal‑government software, and "critical" software under Executive...
Toxic Flows: When Your AI Agent Skill Becomes a Supply Chain Attack
Snyk’s ToxicSkills study audited over 3,000 AI agent skills and uncovered widespread vulnerabilities, with 36% of skills containing security flaws and 13% harboring critical issues such as credential theft and backdoor installation. The research revealed that 91% of confirmed malicious...
Microsoft May 2026 Patch Tuesday Fixes 120 Vulnerabilities, No Zero-Day Exploits Reported
Microsoft’s May 2026 Patch Tuesday delivered fixes for roughly 120 vulnerabilities across Windows, Office, and enterprise services. The bulletin includes 17 critical flaws—14 of them remote code execution (RCE) bugs—but reports no publicly disclosed or actively exploited zero‑day attacks. High‑impact issues...
Veeam Introduces New Backup Management, Cybersecurity Features
Veeam Software unveiled version 13.1 of its flagship Veeam Data Platform, delivering more than 70 enhancements that include post‑quantum cryptography and an expanded malware scanner covering AWS, Azure, Microsoft 365 and NAS environments. The company also launched the DataAI Command Platform,...
Reducing CVE Fatigue with Red Hat Hardened Images and Anchore
Container teams face overwhelming CVE scans that include irrelevant findings, slowing remediation. Red Hat’s Hardened Images provide minimal, purpose‑built containers that reduce the attack surface and the number of scan results. Anchore adds continuous SBOM generation, vulnerability matching and policy enforcement,...
5 Ways to Fix Misleading Vulnerability Severities with Policy
GitLab introduced vulnerability management severity override policies that let teams automatically adjust CVSS scores based on context such as CVE ID, CWE, file path, or exploitation intelligence. The policies can set, increase, or decrease severity levels on each default‑branch pipeline,...
Banks Slash Patch Times as Anthropic’s Mythos Exposes Security Gaps
Large U.S. banks with access to Anthropic's Mythos AI model have uncovered hundreds to thousands of low‑ to moderate‑risk vulnerabilities, prompting a rapid shift from weeks‑long to days‑long patch cycles. The model can combine minor flaws into high‑risk exposures, forcing...
Infosys Opens Dedicated GSOC in North Sydney
Infosys has opened its first dedicated Global Security Operations Center in Australia, located in North Sydney. The GSOC provides 24/7 monitoring, threat detection and incident‑response services, leveraging both local expertise and Infosys’ global security framework. The launch follows Infosys’ acquisition...
Instructure Pays Canvas Hackers To Delete Students' Stolen Data
Education‑technology provider Instructure announced it reached an agreement with the hackers who exfiltrated 3.5 TB of student and university data from its Canvas platform. The company says it paid the criminals and received digital confirmation that the data was destroyed and...
The End of the Artisanal Hack: How AI Industrialized Cybercrime
Google Cloud researchers reported the first AI‑generated zero‑day exploit tied to a mass‑scale campaign, signalling the industrialization of cybercrime. AI is compressing the cost and skill needed for each stage of an attack, turning hacking from artisanal to mass‑manufactured. Enterprises...
Foxconn Ransomware Attack Shows Nothing Is Safe Forever
A ransomware group claims to have stolen 8 TB of data from Foxconn, including schematics for customers such as Dell, Google, Apple, and Nvidia. Foxconn confirmed that several North American factories experienced a cyberattack but said production is resuming. The incident...
Pwn a CEO with a Single Email? Patch Tuesday Brings Nasty Zero-Click Outlook Bug
Microsoft’s May 2026 Patch Tuesday introduced a critical zero‑click remote code execution vulnerability affecting Outlook. The flaw, originally cataloged as a Word issue, actually enables attackers to execute arbitrary code simply by sending a crafted email, with no user interaction...
Strengthening Salesforce Security Against AI-Driven Threats
Salesforce announced a June 2026 enforcement wave that tightens security across all customer orgs to counter AI‑driven threats. The rollout makes multi‑factor authentication mandatory for every user, adds phishing‑resistant MFA for admins and privileged roles, and introduces step‑up authentication for report...
The Pentagon’s Cyber Rules Leave MSPs as an Attack Vector
The Pentagon’s Cybersecurity Maturity Model Certification (CMMC) aims to secure defense supply chains, but its current framework treats Managed Service Providers (MSPs) as voluntary external service providers, leaving a certification gap. MSPs, which give small and medium‑sized defense contractors affordable...
Jensen Huang and Bill McDermott Bet on OpenShell to Secure Enterprise AI Agents
Nvidia unveiled OpenShell, an open‑source sandboxed runtime designed to secure autonomous AI agents operating at machine speed. The runtime isolates each agent in its own sandbox and routes credential handling through a gateway, eliminating direct OS or network access. ServiceNow...
Signal Adds Security Warnings for Social Engineering, Phishing Attacks
Signal has rolled out in‑app confirmations and warning messages to curb phishing and social‑engineering attacks. The new UI flags unverified contacts, shows “No groups in common,” and reminds users that Signal never asks for registration codes or PINs. The changes...
The Canvas Breach: Reframing Higher Ed’s SaaS Risk Exposure
Cybercriminal group ShinyHunters breached Instructure's Canvas LMS, exfiltrating over 6.65 TB of data that includes 275 million records from 8,809 educational institutions worldwide. Instructure detected the intrusion on April 29, revoked credentials, deployed patches, and ultimately paid a ransom to have the data...
Microsoft Releases Windows 10 KB5087544 Extended Security Update
Microsoft released the Windows 10 KB5087544 extended security update, targeting Enterprise LTSC and ESU customers. The patch addresses the May 2026 Patch Tuesday batch, fixing 120 vulnerabilities and correcting a Remote Desktop warning rendering issue on multi‑monitor setups. It also adds dynamic Secure Boot...
Fortinet Warns of Critical RCE Flaws in FortiSandbox and FortiAuthenticator
Fortinet released emergency patches for two critical remote‑code‑execution flaws affecting its FortiAuthenticator IAM solution (CVE‑2026‑44277) and FortiSandbox platform (CVE‑2026‑26083). The updates cover on‑premise, cloud, and PaaS versions, while FortiAuthenticator Cloud is not impacted. Although no active exploitation has been reported,...
Microsoft May 2026 Patch Tuesday Fixes 120 Flaws, No Zero-Days
Microsoft’s May 2026 Patch Tuesday delivered security updates for 120 flaws across its product portfolio. The release includes 17 critical vulnerabilities—14 remote code execution, two elevation‑of‑privilege, and one information‑disclosure flaw. Notably, four critical Office RCE bugs can be triggered through the...
Microsoft Patches 137 Vulnerabilities
Microsoft’s May 2026 Patch Tuesday addressed 137 vulnerabilities across Windows, Office, Azure, and other services, though none have been seen exploited in the wild. About a dozen flaws are rated “exploitation more likely,” with a critical SSO plugin bug (CVE‑2026‑41103) that...
Microsoft Releases Rare Zero-Day Free Patch Tuesday Update
Microsoft's May 2026 Patch Tuesday addressed roughly 140 CVEs but contained no zero‑day exploits, a rarity for the monthly release. Despite the calm, the update includes nearly 20 critical‑severity flaws, notably remote code execution bugs in Windows DNS Client, Netlogon,...
AEGIS, Quantum eMotion, and SEETEL Launch Quantum-Secured Energy Platform
Aegis Critical Energy Defence, Quantum eMotion, and SEETEL New Energy have expanded their partnership to launch a quantum‑secured Battery Energy Storage System platform. The solution embeds Quantum Random Number Generator encryption into the hardware, protecting against “harvest now, decrypt later”...
Mistral AI SDK, TanStack Router Hit in Npm Software Supply Chain Attack
A coordinated supply‑chain attack by the TeamPCP group compromised roughly 170 npm and PyPI packages, including the entire TanStack Router ecosystem of 42 packages and Mistral AI’s SDK suite. The attackers leveraged a misconfigured GitHub Actions workflow (pull_request_target) to harvest...
Cydome and ABB Partner to Advance Maritime Risk Management
ABB and maritime‑cybersecurity specialist Cydome have announced a partnership that fuses ABB’s weather routing and voyage‑optimization data with Cydome’s AI‑driven risk‑management engine. The combined solution gives ship owners a unified view of cyber and operational threats, enabling more accurate anomaly...
Android Will Hang up on Banking Scammers for You - How Its New Anti-Spoofing Feature Works
Google is rolling out a new Android feature that automatically hangs up on spoofed banking calls. The system queries the user’s installed banking app to verify inbound calls; if the number is spoofed, the call is disconnected. Initially available on...
Google and Amnesty International Teamed up to Make It Harder for Spyware Vendors to Hide
Google has begun rolling out Intrusion Logging, a new forensic feature for Android devices, in partnership with Amnesty International and other digital‑rights groups. The tool, part of Android Advanced Protection Mode, records security events such as device unlocks, physical access,...
Android 17 to Expand Banking Scam Call and Privacy Protections
Google’s upcoming Android 17 release adds a suite of security upgrades aimed at curbing banking‑scam calls, device theft, and privacy breaches. The new call‑blocking feature works with banks such as Revolut, Itaú Unibanco and Nubank to detect spoofed numbers and terminate...
Google Launches New Android Security Feature to Help Uncover Spyware Attacks
Google has begun rolling out an opt‑in feature called Intrusion Logging to Android devices running the December 16 update or later. The tool, part of Advanced Protection Mode, creates encrypted daily logs of system events—unlock attempts, app installs, ADB connections,...
Over 1 Million Baby Monitors and Security Cameras Exposed Through Meari Flaws
Security researchers uncovered multiple critical vulnerabilities in Meari Technology’s white‑label IoT platform, exposing over one million baby monitors and security cameras worldwide. The flaws, cataloged as CVE‑2026‑33356, CVE‑2026‑33359 and CVE‑2026‑33362, allowed unauthenticated access to live video streams, stored images, and...
Adobe Patches 52 Vulnerabilities in 10 Products
Adobe released patches for 52 vulnerabilities across ten of its products, including critical‑severity bugs that could enable arbitrary code execution and privilege escalation. More than half of the flaws addressed this month could be exploited for code execution, with denial‑of‑service...
Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days
Pwn2Own Berlin 2026 hit its registration limit on May 7, forcing organizers to close entries early. The surge in submissions is driven by AI‑enhanced tools such as Claude Code, GitHub Copilot, and others that accelerate zero‑day exploit creation. Researchers who were denied a...
Google Uncovers First Known AI-Built Cyberattack Tool
Google’s Threat Analysis Group has disclosed the first known cyberattack tool that was entirely generated by artificial intelligence. The tool, dubbed "AI‑Marauder," automates exploit development, payload obfuscation, and command‑and‑control setup without human code authorship. Researchers traced its code to a...
Stealthy Hackers Exploit cPanel Flaw in Active Backdoor Campaign (CVE-2026-41940)
Security researchers at XLab have uncovered an active campaign exploiting the newly disclosed CVE‑2026‑41940 flaw in cPanel & WHM. The vulnerability lets attackers log in without credentials, gain root control, and install persistent backdoors, web shells, and a custom trojan...