Connecticut National Guard Hosts Cyber Yankee 2026
The Connecticut National Guard is staging Cyber Yankee 2026, a two‑week regional cyber‑defense exercise at Camp Nett from May 4‑15. The drill brings together over 360 military, civilian and international participants to simulate attacks on critical utilities such as gas, water and electricity. Teams are divided into blue (military), orange (civilian partners) and red (adversary) groups, mirroring real‑world breach scenarios. The event underscores growing collaboration between the Guard, federal agencies and private‑sector utilities to protect America’s essential infrastructure.
Google Disrupts Hackers Using AI to Exploit an Unknown Weakness in a Company's Digital Defense
Google’s threat‑intelligence team disrupted a criminal group that used a large‑language‑model AI to locate a previously unknown zero‑day vulnerability and bypass two‑factor authentication on a major system‑admin platform. The attackers’ AI‑assisted approach marks the first confirmed case of a large‑language...
Deepfake Penetration Outpacing Security Preparedness: GetReal Security
GetReal Security’s Deepfake Readiness Benchmark Report reveals that eight‑in‑ten organizations encounter AI‑generated deepfakes, with 45% facing them frequently. Among enterprises with 1,000+ employees, 41% admit they have hired or onboarded a fake candidate. Only 1.5% of respondents claim never seeing...
The Implications of Cyber-Physical Security Convergence in Higher Education
Higher education campuses are experiencing a rapid convergence of physical security systems and cybersecurity due to IoT devices, smart cameras, and networked access controls. This blending expands attack surfaces, creates privacy concerns, and forces fragmented IT, OT, and facilities teams...
Thailand Mandates Biometric IDV for All Social Media Advertisers to Curb Scams
Thailand’s government has issued a new regulation mandating biometric identity verification for every social‑media advertiser, including foreign entities, using facial recognition linked to a national ID or a recognized digital ID. The rule also obliges platforms to retain advertiser records...
AI Agents Are Running Hospital Records and Factory Inspections. Enterprise IAM Was Never Built for Them.
Enterprises are rapidly deploying AI agents for tasks like medical transcription and factory‑floor inspection, but 85% remain in pilot mode while only 5% have moved to production. The bottleneck is not model capability but identity governance—traditional IAM systems can’t inventory,...
Debian 14 Cracks Down on Unreproducible Packages
Midway through Debian 14 "Forky" development, the release team announced a mandatory reproducible‑build policy. New migration software now blocks any package that cannot be rebuilt byte‑for‑byte, and flags regressions in existing testing packages. The move aligns Debian with the broader...
MSPAlliance Launches Service Lines in Cyber Verify for Clearer Compliance Reporting
MSPAlliance has introduced Service Lines within its Cyber Verify platform, allowing managed service providers (MSPs) to directly map audited controls to the specific services they deliver. The new feature clarifies where the MSP’s security responsibilities end and the client’s begin,...
Zimperium Mobile App Response Agent Helps Security Teams Counter Mobile Attacks
Zimperium introduced the Mobile App Response Agent, a new component of its Mobile App Protection Suite designed to accelerate the detection and remediation of mobile‑based fraud and security threats. The tool reduces investigation cycles from hours or days to minutes...
Anthropic’s Bug-Hunting Mythos Was Greatest Marketing Stunt Ever, Says cURL Creator
Anthropic’s security‑focused AI model Mythos was given limited access to the cURL codebase, returning five alleged vulnerabilities. After a thorough review, cURL creator Daniel Stenberg’s team confirmed only one low‑severity CVE, dismissing the rest as false positives or minor bugs....
High-Severity Security Issue Affecting TeamCity On-Premises (CVE-2026-44413) – Update to 2026.1 Now
JetBrains disclosed a high‑severity post‑authentication vulnerability (CVE‑2026‑44413) affecting all TeamCity On‑Premises installations up to version 2025.11.4. The flaw allows any logged‑in user to expose portions of the server API to unauthenticated parties. JetBrains released a full fix in TeamCity 2026.1...
Labyrinth 1.1: Making End-to-End Encrypted Backups Even More Reliable
Meta has launched Labyrinth 1.1, an upgrade to its encrypted storage protocol for Messenger. The new sub‑protocol pushes each message directly into the recipient’s encrypted backup, eliminating reliance on device‑online status. This change improves backup reliability when users lose, replace,...
Vietnam SMEs Strengthen Cybersecurity Amid Digital Transformation
Vietnam is urging its 800,000 SMEs— which make up about 97% of firms and 20% of GDP— to bolster cybersecurity as digital transformation accelerates. The government’s 2026‑2030 program targets 500,000 enterprises, with 300,000 expected to adopt AI and other digital...
The Patching Treadmill: Why Traditional Application Security Is No Longer Enough
Traditional find‑and‑fix and defend‑and‑defer security models are being outpaced by rapid continuous deployment and AI‑assisted coding. Vulnerability backlogs are swelling, with 45% of large‑company flaws remaining unfixed after a year and average remediation times stretching beyond two months. Exploitation is...
Beyond the Cleanup Job: Redefining Application Security for the Modern Enterprise
The article argues that modern enterprises must move application security from a post‑release fix to a board‑level, secure‑by‑design mandate. It highlights CISA’s recommendations for a chief security‑by‑design officer, regular board reporting, and incentive structures. Culture and clear developer communication are...
Stopping Bugs Before They Ship: The Shift to Preventative Security
The software industry is shifting from reactive patching to a preventive security model known as secure‑by‑design, embedding threat modeling and clear trust boundaries early in the development lifecycle. Government agencies like CISA now promote security as a core business requirement,...
Blocked AI-Enabled Cyber Hack Could Have Led to Mass Event: Google
Google’s Threat Intelligence Group disclosed that a sophisticated cybercrime group leveraged artificial intelligence to uncover a previously unknown flaw in a popular open‑source system‑administration tool. The AI‑driven exploit was intercepted before it could be deployed in a mass‑scale attack, marking...
Linux Is Getting a Security Wake-Up Call - Why It Was Inevitable and I'm Not Worried
Linux’s historic reputation for impenetrability is being challenged as two high‑severity kernel bugs—Copy Fail and Dirty Frag—were disclosed within a week. The surge in vulnerabilities stems from Linux’s explosion into cloud, AI, and consumer markets, making it a prime target for...
SHRIDHAR KHANAL: SSL in PostgreSQL
The article explains how to secure PostgreSQL connections with SSL/TLS, covering certificate generation, configuration in postgresql.conf and pg_hba.conf, client settings, and verification methods. It stresses that merely enabling SSL is insufficient; proper verification, hostssl entries, and sslmode=verify-full are required. It...
Second Canvas Data Breach Causes Major Disruptions for Schools, Colleges
Instructure confirmed a second unauthorized intrusion into its Canvas learning management system on May 7, just days after a May 1 breach. The attack exploited vulnerabilities in the platform's Free‑For‑Teacher accounts, forcing temporary shutdowns and causing widespread outages during final‑exam week. Schools...
AI-Powered Hacking Has Exploded Into Industrial-Scale Threat, Google Says
Google’s threat‑intelligence team reports that AI‑powered hacking has leapt from a niche concern to an industrial‑scale threat in just three months. Criminal syndicates and state‑linked actors from China, North Korea and Russia are weaponising commercial large‑language models such as Gemini,...
Microsoft Brings Stronger Passkey Controls to Smartphones, Entra ID, and Microsoft Account Recovery
Microsoft expanded its passkey ecosystem to cover smartphone‑based sign‑in across Windows PCs, Xbox consoles, and Microsoft 365, allowing a single mobile credential to replace passwords. Consumer passkeys now sync via iCloud Keychain or Google Password Manager, unlocking services with device biometrics....
Attackers Targeting Storage Infrastructure for Remote Work
Threat actors are shifting focus from endpoints to storage infrastructure, exploiting on‑premises and cloud storage vulnerabilities to steal data, deploy ransomware, and destroy backups. The move is driven by the high value of consolidated data—personal information, IP, AI training sets,...
Europe Is Moving to Block Microsoft, Amazon, and Google From Handling Government Health, Financial, and Legal Data
The European Commission is set to unveil the Tech Sovereignty Package, a regulatory framework that would restrict U.S. cloud providers from processing sensitive public‑sector data such as health, finance and judicial records. The draft targets Microsoft, Amazon Web Services and...
From Reactive to Predictive: How Healthcare Organizations Can Stay Ahead of Cyber Threats
In 2024 U.S. healthcare faced a record 444 ransomware and data‑theft incidents, making it the most targeted critical‑infrastructure sector. Medical records now command $1,000 per file on dark‑web markets, driving attackers to exploit legacy systems, telehealth platforms, and IoT devices....
Build Application Firewalls Aim to Stop the Next Supply Chain Attack
Supply‑chain attacks continue to infiltrate software during the CI/CD build phase, as recent compromises of the Axios npm library and tools like Trivy and LiteLLM demonstrate. Traditional scanners often miss malicious code that appears benign or exploits zero‑day vulnerabilities. InvisiRisk...
What New Guidance Says For Securing Agentic AI Systems
A joint report from CISA, NSA and allied cyber agencies outlines the security challenges of deploying autonomous, or agentic, AI systems. It details privilege, design, behavior and accountability risks that arise when AI agents act without human oversight. The guidance...
Fake Claude Code Page Pushes PowerShell Stealer at Devs
Ontinue’s Cyber Defense Center uncovered a new information‑stealer distributed through counterfeit Claude Code installation pages. The malicious PowerShell loader, delivered via a disguised /install.ps1 script, injects a tiny native helper into Chromium‑based browsers to extract App‑Bound Encryption keys, cookies, passwords and...
Why Changing Passwords Doesn’t End an Active Directory Breach
Password resets are a common first step after an Active Directory breach, but they don’t automatically close all attack vectors. Windows devices cache password hashes and hybrid AD‑Entra ID setups can lag in syncing new credentials, leaving old passwords usable....
AI Turns Patches Into Working Exploits in 30 Minutes, and the 90-Day Disclosure Window Is the Casualty
AI language models can convert security patches into functional exploits in as little as 30 minutes, rendering the traditional 90‑day disclosure window ineffective. Himanshu Anand, a veteran security analyst, cites three recent cases—including a zero‑price purchase bug, a React framework...
Fsnotify Maintainer Access Change Sparks Supply Chain Security Concerns
The Go filesystem‑notification library fsnotify, used by over 300,000 projects, faced a governance shock when long‑time contributor Yasuhiro Matsumoto lost access to its GitHub organization. The dispute coincided with the release of versions 1.10.0 and 1.10.1 after a year of inactivity, prompting downstream...
Trinity Researchers Bring True Privacy to Cloud Collaboration as Europe Rethinks Its Tech Reliance on US Tech Giants
Trinity College Dublin researchers have unveiled InvizCrypt, a cloud collaboration platform that encrypts documents on the user’s device, ensuring the service provider cannot read any content. The system currently supports LaTeX editing for research teams and will expand to document...
How to Secure Secrets in CI/CD Pipelines
CI/CD pipelines automate every code change but rely on a web of credentials, making them prime targets for secret leakage. Common missteps include storing plain‑text tokens in repositories, using long‑lived keys, and exposing secrets through logs or environment variables. The...
Google Discovers Weaponized Zero-Day Exploits Created with AI
Google's Threat Intelligence Group (GTIG) uncovered what it believes is the first AI‑crafted zero‑day exploit observed in the wild, a Python script that bypasses two‑factor authentication on a widely used open‑source system‑administration tool. The exploit was traced to a cybercrime...
Hackers Use AI for Exploit Development, Attack Automation
Google’s Threat Intelligence Group released research showing that threat actors are now using large language models to develop exploits and automate attacks. The report documents a zero‑day Python script that bypasses two‑factor authentication, likely generated with an AI model, and...
Google Spotted an AI-Developed Zero-Day Before Attackers Could Use It
Google's Threat Intelligence Group uncovered a zero‑day exploit that was generated by artificial intelligence and warned the vulnerable vendor before a notorious cybercrime group could launch a mass‑exploitation campaign. The exploit targeted a popular open‑source web‑based administration tool, using a...
Linux Developers Weigh Emergency “Killswitch” For Vulnerable Kernel Functions
Linux kernel maintainers are evaluating a "killswitch" patch that lets privileged administrators disable individual kernel functions at runtime. The proposal, submitted by Sasha Levin, follows the public disclosure of two high‑impact privilege‑escalation bugs—Copy Fail (CVE‑2026‑31431) and Dirty Frag (CVE‑2026‑43284/43500). By...
Generative AI Turns Identity Theft Into an Industrial-Scale Operation
A Bloomberg investigation reveals that generative AI and autonomous agents are turning identity theft into an industrial‑scale operation in the United States. Tools such as FraudGPT can test millions of Social Security numbers in minutes, while sub‑agents scrape darknet data,...
SailPoint Agentic Fabric Expands Identity Governance to Autonomous AI Agents
SailPoint unveiled Agentic Fabric, a platform that extends its Identity Security Cloud to govern AI agents and other non‑human identities. The solution provides discovery, mapping, real‑time authorization and threat response, linking each agent to a human owner. It launches with...
UK Government Renews Calls to Sign Cyber Resilience Pledge
The UK government is urging businesses to sign the Cyber Resilience Pledge, a new initiative tied to the Cyber Security and Resilience Bill that will launch later this year. The pledge requires three actions: making cyber security a board‑level responsibility,...
Why Penetration Testing in Security Audits Is the Key to Uncovering Vulnerabilities
The article stresses that adding penetration testing to routine security audits is vital for exposing hidden vulnerabilities, especially as AI‑driven threats become more sophisticated. Audits evaluate policies, compliance, and overall system health, while pen tests simulate real attacks to uncover...
CPanel and WHM Servers Targeted in Attacks Exploiting CVE-2026-41940
A critical authentication‑bypass flaw in cPanel and WHM (CVE‑2026‑41940) is being actively exploited by the sophisticated Mr_Rot13 cyber‑crime group. The vulnerability, rated 9.8 on the CVSS scale, lets unauthenticated attackers gain full admin rights on Linux servers. Since its public...
OpenAI Is Offering Europe Access to Its Cybersecurity AI Model. But Anthropic Is Holding Out
OpenAI announced it will grant the European Union access to its new cybersecurity AI model, GPT‑5.5‑Cyber, through a limited preview for vetted cybersecurity teams, governments and EU bodies. The European Commission welcomed the offer, saying it will enable close monitoring...
Webinar This Week: Prevention Alone Is Not Enough Against Modern Attacks
BleepingComputer will host a live webinar on May 14, 2026 featuring Kaseya’s Austin O'Saben. Titled “From phishing to fallout: Why MSPs must rethink both security and recovery,” it examines how AI‑generated phishing, business‑email compromise, ransomware and SaaS abuse bypass traditional defenses. The...
Dirty Frag: Linux Kernel Hit by Second Major Security Flaw in Two Weeks
An independent researcher disclosed a new Linux kernel vulnerability dubbed “Dirty Frag,” following the recent “Copy Fail” bug. The flaw, tracked as CVE‑2026‑43284 and CVE‑2026‑43500, lets a low‑privilege user corrupt in‑memory files and escape containers when both components are chained....
Checkmarx Tackles Another TeamPCP Intrusion as Jenkins Plugin Sabotaged
Checkmarx disclosed that a malicious version of its Jenkins AST plugin was uploaded to the Jenkins Marketplace, prompting an urgent advisory to users. The compromised package, part of the company’s code‑security suite, was identified over the weekend and is being...
PHP SOAP Extension Flaw Could Let Attackers Execute Code Remotely
A set of new PHP vulnerabilities, highlighted by a high‑severity Use‑After‑Free flaw in the SOAP extension (CVE‑2026‑6722), enables remote code execution on unpatched servers. Additional moderate bugs expose denial‑of‑service and out‑of‑bounds read issues across core modules. The flaws affect PHP...
Palantir’s Access to Identifiable NHS England Patient Data Is ‘Dangerous’, MPs Say
The UK NHS has granted US‑based Palantir access to identifiable patient records as part of a £330 million (≈$420 million) contract to build a federated data platform powered by AI. The arrangement allows Palantir engineers “unlimited” access to raw data before it...
Cybersecurity Shifts From Prevention to Resilience at Zero Day Con 2026 in Dublin
At Zero Day Con 2026 in Dublin, cybersecurity leaders declared that the era of pure prevention is ending and resilience is now the core strategy. Speakers from the FBI, Microsoft, and industry vendors highlighted AI’s role as a force‑multiplier that...
New Cybersecurity Industry Coalition Aims to Lead US Critical Infrastructure Protection
Private-sector leaders JPMorgan Chase, Mastercard, AT&T and Berkshire Hathaway Energy launched the Alliance for Critical Infrastructure (ACI) in February to fill a coordination void as federal support wanes. The nonprofit coalition will create working groups and pilot projects focused on...