In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws
SecurityWeek’s weekly roundup highlights a wave of cyber incidents and policy moves. Nvidia’s Armenian partner suffered a data breach exposing personal details of GeForce NOW users, while the FCC extended the security‑patch deadline for foreign‑made routers to January 2029. OpenAI is negotiating EU regulator access to a cyber‑focused GPT‑5.5 model, and Apple and Meta are publicly opposing Canada’s Bill C‑22 encryption backdoor proposal. Additional stories cover AI‑driven security funding, automotive data leaks, and a new open‑source AI vulnerability spec from Cisco.
TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code
TeamPCP, a prolific hacking group, has publicly released the source code for its Shai‑Hulud supply‑chain worm on GitHub, prompting immediate forks before the repositories were taken down. The code reveals a modular framework with loaders, secret‑harvesting modules, encryption, and a...
Enhancing Data Center Security Without Sacrificing Performance
Data center operators are confronting a persistent trade‑off between security agents that consume CPU cycles and the need for peak performance, especially in AI‑focused facilities. Recent hypervisor‑level breaches, such as Broadcom’s March 2025 VMware ESXi zero‑day patches, highlighted that host‑based agents...
New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation
A new Linux kernel flaw, designated CVE‑2026‑46300 and nicknamed Fragnesia, lets an unprivileged user gain root access by corrupting files through the XFRM ESP‑in‑TCP subsystem. The vulnerability enables a memory‑write primitive that can overwrite binaries such as /usr/bin/su or even...
Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere
Anthropic’s Mythos AI model demonstrates a clear advantage in uncovering software vulnerabilities when evaluated on live environments combined with source code, confirming the company’s core claim. XBOW’s independent testing shows the model’s strength wanes on static source‑code analysis alone and...
Akamai to Acquire AI and Browser Security Firm LayerX for $205 Million
Akamai announced an all‑cash acquisition of LayerX for roughly $205 million. LayerX, a startup focused on AI‑driven browser security, brings a platform that monitors user and agentic activity across browsers, apps, and IDEs. The deal, expected to close in Q3 2026, adds...
Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns
Chinese state‑sponsored groups Salt Typhoon and Twill Typhoon have broadened their target sets and refreshed their malware toolkits. Salt Typhoon used the ProxyNotShell exploit chain to breach Microsoft Exchange servers, deploying Deed RAT via DLL sideloading and later re‑introducing the TernDoor backdoor. Twill Typhoon...
F5 Patches Over 50 Vulnerabilities
F5 Networks announced patches for more than 50 vulnerabilities affecting its BIG‑IP, BIG‑IQ and NGINX platforms, including 19 high‑severity and 32 medium‑severity flaws. The most critical issue, CVE‑2026‑42945, scores 9.2 and can cause a denial‑of‑service or code execution if ASLR...
Microsoft Patches 137 Vulnerabilities
Microsoft’s May 2026 Patch Tuesday addressed 137 vulnerabilities across Windows, Office, Azure, and other services, though none have been seen exploited in the wild. About a dozen flaws are rated “exploitation more likely,” with a critical SSO plugin bug (CVE‑2026‑41103) that...
Adobe Patches 52 Vulnerabilities in 10 Products
Adobe released patches for 52 vulnerabilities across ten of its products, including critical‑severity bugs that could enable arbitrary code execution and privilege escalation. More than half of the flaws addressed this month could be exploited for code execution, with denial‑of‑service...
Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware
Security researchers at Aryaka have uncovered the CRPx0 malware campaign that uses a free OnlyFans zip file to infect Windows, macOS and emerging Linux systems. The malicious shortcut inside the archive installs a modular payload that steals cryptocurrency by hijacking...
West Pharmaceutical Services Hit by Disruptive Ransomware Attack
West Pharmaceutical Services disclosed a ransomware intrusion that began on May 4, prompting a proactive shutdown of its on‑premise infrastructure and disrupting global operations. The company enlisted Palo Alto Networks’ Unit 42 to contain the breach, restore systems, and investigate the attack....
Apple Patches Dozens of Vulnerabilities in macOS, iOS
Apple issued 11 new security advisories on May 12, 2026, covering more than 60 CVEs in iOS/iPadOS 26.5—including 20 WebKit flaws—and nearly 80 vulnerabilities in macOS Tahoe 26.5. The patches also extend to macOS Sequoia 15.7.7, Sonoma 14.8.7, watchOS, tvOS...
SAP Patches Critical S/4HANA, Commerce Vulnerabilities
SAP announced its May 2026 Security Patch Day, delivering 15 new security notes that address critical vulnerabilities in its flagship S/4HANA and Commerce platforms. The most severe flaws—CVE‑2026‑34260 and CVE‑2026‑34263—receive a CVSS score of 9.6 and could allow attackers to inject...
Build Application Firewalls Aim to Stop the Next Supply Chain Attack
Supply‑chain attacks continue to infiltrate software during the CI/CD build phase, as recent compromises of the Axios npm library and tools like Trivy and LiteLLM demonstrate. Traditional scanners often miss malicious code that appears benign or exploits zero‑day vulnerabilities. InvisiRisk...
In Other News: Train Hacker Arrested, PamDOORa Linux Backdoor, New CISA Director Frontrunner
The U.S. government is proposing a drastic cut to its critical‑vulnerability remediation window, moving from 14 days to just three days as AI‑driven exploits accelerate. Meanwhile, a new Linux backdoor called PamDOORa is being sold for $900, offering persistent SSH...
Ransomware Group Takes Credit for Trellix Hack
RansomHouse, a ransomware‑as‑a‑service group, has claimed responsibility for the recent breach of Trellix’s source‑code repository. Trellix confirmed the intrusion but said its code release process appears untouched and no exploitation has been detected. The attackers posted screenshots of internal dashboards,...
Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover
Security firm LayerX has identified a critical flaw, dubbed ClaudeBleed, in Anthropic’s Claude extension for Chrome that lets any zero‑permission extension issue privileged commands to the AI agent. By exploiting lax origin verification, attackers can inject prompts, bypass user confirmations,...
Worries About AI’s Risks to Humanity Loom Over the Trial Pitting Musk Against OpenAI’s Leaders
Elon Musk has sued OpenAI, claiming the company violated its original nonprofit charter, while OpenAI’s leadership counters that Musk is trying to undermine the firm for his own AI ventures. The federal trial in Oakland has become a proxy battle...
Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
Palo Alto Networks disclosed CVE‑2026‑0300, a zero‑day flaw in its PA and VM firewalls that enables unauthenticated remote code execution with root privileges. The vulnerability was actively exploited in the wild by a group labeled CL‑STA‑1132, which used open‑source tools...
Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking
Security firm Mitiga Labs uncovered a stealthy man‑in‑the‑middle attack that lets threat actors steal OAuth tokens from Claude Code, Anthropic’s AI coding assistant. By publishing a malicious npm package that modifies the ~/.claude.json configuration, attackers can redirect MCP traffic through...
Attackers Could Exploit AI Vision Models Using Imperceptible Image Changes
Cisco’s AI Threat Intelligence team released a second study showing that vision‑language models can be tricked by imperceptibly altered images. By applying bounded pixel‑level perturbations, attackers can make blurred or filtered images readable to the model while remaining invisible to...
Vendor Says Daemon Tools Supply Chain Attack Contained
Disc Soft, the developer of Daemon Tools, confirmed a supply‑chain intrusion that trojanized the free Daemon Tools Lite 12.5.1 installer between April 8 and May 5. Kaspersky warned that thousands of computers downloaded the malicious version, which installed an information‑stealing payload and...
AI Coding Agents Could Fuel Next Supply Chain Crisis
Researchers at Adversa.AI uncovered that Claude Code and similar agentic AI coding tools can be duped into executing malicious code with a single trust‑dialog confirmation, granting attackers one‑click remote code execution and opening a supply‑chain vector, especially in CI/CD pipelines....
Cisco Patches High-Severity Vulnerabilities in Enterprise Products
Cisco disclosed patches for five high‑severity vulnerabilities across its enterprise portfolio, including SSRF flaws in Unity Connection and SNMP‑related denial‑of‑service bugs in SG350 switches. Additional DoS issues were fixed in the Crosswork Network Controller, Network Services Orchestrator, and the IoT...
Iranian APT Intrusion Masquerades as Chaos Ransomware Attack
Iran‑linked APT MuddyWater staged a sophisticated intrusion in early 2026 that masqueraded as a Chaos ransomware attack. The group used Microsoft Teams screen‑sharing to harvest credentials, deployed remote‑access tools such as AnyDesk and its own DWAgent, and installed a custom...
Romanian Man Extradited to US for Role in Hacking Scheme 17 Years Ago
Romanian national Gavril Sandu was extradited to the United States after being arrested in Romania in January 2026. Sandu faces charges for a 2009‑2010 vishing scheme that compromised small‑business VoIP systems, stole payment‑card data and acted as a money mule. The...
Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls
Palo Alto Networks disclosed a critical zero‑day vulnerability, CVE‑2026‑0300, that exploits a buffer overflow in the User‑ID Authentication Portal of its PAN‑OS firewalls. The flaw grants unauthenticated attackers root‑level code execution on PA and VM series devices when the portal...
Cybersecurity M&A Roundup: 33 Deals Announced in April 2026
April 2026 saw a surge of cybersecurity consolidation, with 33 deals announced across the sector. Notable transactions include Airbus buying French firm Quarkslab to bolster European sovereign cyber capabilities, and Palo Alto Networks’ $120‑140 million acquisition of AI gateway startup Portkey....
DigiCert Revokes Certificates After Support Portal Hack
DigiCert disclosed that a cyber‑attack on its support portal led to the fraudulent issuance of EV Code Signing certificates. The breach, traced to malicious payloads delivered via a chat channel on April 2, compromised two endpoints and allowed attackers to extract...
Exploitation of ‘Copy Fail’ Linux Vulnerability Begins
A vulnerability dubbed Copy Fail (CVE‑2026‑31431) in the Linux kernel has moved from disclosure to active exploitation, giving attackers root‑level access. The flaw, present in kernels since 2017, lets an unprivileged user overwrite in‑memory data of setuid‑root binaries, enabling privilege escalation...
In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability
SecurityWeek’s weekly roundup highlights a wave of high‑impact cyber events. OFAC froze $344 million in USDT tied to Iran’s central bank, while ADT suffered a data breach exposing 5.5 million records. Microsoft announced the July 2026 deprecation of TLS 1.0/1.1 for POP and IMAP,...
Two US Security Experts Sentenced to Prison for Helping Ransomware Gang
Two U.S. cybersecurity professionals, Ryan Goldberg and Kevin Martin, received four‑year prison sentences after pleading guilty to conspiring to facilitate BlackCat (Alphv) ransomware attacks. A third expert, Angelo Martino, has also pleaded guilty and awaits sentencing on July 9. While working as...
Hugging Face, ClawHub Abused for Malware Distribution
Security firm Acronis reports that threat actors are exploiting AI model‑sharing platforms Hugging Face and ClawHub to distribute trojanized files. On ClawHub, investigators found nearly 600 malicious skills across 13 developer accounts, with two accounts responsible for over 530 of...
1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom
Over 1,800 developers were hit by the Mini Shai‑Hulud supply‑chain attack that compromised packages across PyPi, NPM, and PHP ecosystems. The campaign, linked to the TeamPCP group, injected credential‑stealing malware into SAP NPM packages, Lightning Python releases, and Intercom client...
AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours
FortiGuard’s 2025 Global Threat Landscape Report warns that cybercrime has become an industrial‑scale operation powered by AI and automation. New AI‑enabled tools such as WormGPT, FraudGPT, HexStrike AI, APEX AI and BruteForceAI dramatically shorten the time‑to‑exploit, now often 24‑48 hours after...
Hundreds of Internet-Facing VNC Servers Expose ICS/OT
Forescout’s latest research reveals that roughly 1.8 million RDP and 1.6 million VNC servers are exposed to the public internet, with a significant share linked to critical industries in the United States and China. Among these, 91 000 RDP and 29 000 VNC instances...
Checkmarx Confirms Data Stolen in Supply Chain Attack
Checkmarx confirmed that a supply‑chain attack on its open‑source KICS project resulted in the theft of source code, employee data, API keys and a 96 GB archive. The breach originated from the Trivy supply‑chain compromise on March 23, 2026, which allowed the...
Iranian Cyber Group Handala Targets US Troops in Bahrain
Iran‑linked cyber group Handala escalated its campaign by targeting U.S. service members stationed in Bahrain, sending WhatsApp messages that threatened drone and missile strikes. The group also published personal data of 2,379 Marine Corps personnel and claimed responsibility for the...
38 Vulnerabilities Found in OpenEMR Medical Software
A security audit by Aisle uncovered 38 vulnerabilities in OpenEMR, the open‑source electronic medical records platform used by more than 100,000 healthcare providers worldwide. The flaws include two critical SQL‑injection bugs (CVE‑2026‑24908 and CVE‑2026‑23627) and an authorization‑bypass issue (CVE‑2026‑24487) that...
Chrome 147, Firefox 150 Security Updates Rolling Out
Google and Mozilla released critical security updates for Chrome 147 and Firefox 150, addressing a total of 34 memory‑safety flaws. Chrome 147 includes 30 fixes, four of which are critical use‑after‑free bugs, while Firefox 150.0.1 patches four high‑severity vulnerabilities. Google...
Cyber Insurance Data Gives CISOs New Ammo for Budget Talks
Resilience’s new cyber‑insurance analysis translates technical threats into monetary loss, giving CISOs a data‑driven script for board budget discussions. The study of manufacturing claims from March 2021‑February 2026 shows ransomware responsible for 90% of incurred loss while representing only 12% of claims....
The Mythos Moment: Enterprises Must Fight Agents with Agents
Anthropic halted the public release of its Claude Mythos preview after recognizing that the model can autonomously locate and exploit software vulnerabilities with high precision. The episode underscores a broader shift toward agentic AI systems capable of planning and executing...
Sevii Launches Cyber Swarm Defense to Make Agentic AI Security Costs Predictable
Sevii introduced Cyber Swarm Defense (CSD), a new mode in its autonomous defense platform that bills customers per protected asset instead of by AI token usage. The fixed‑price model, exemplified by a $50 annual fee per laptop, identity or cloud...
Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety
Researchers disclosed critical security flaws in two popular electric two‑wheelers. Zero Motorcycles’ Bluetooth pairing bug (CVE‑2026‑1354) lets attackers upload malicious firmware that could tamper with throttle, brakes or battery safeguards. Yadea’s T5 scooter suffers a weak authentication flaw (CVE‑2025‑70994) enabling...
OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years
Security firm Cyera disclosed a critical OpenSSH vulnerability, CVE‑2026‑35414, that has existed for roughly 15 years. The flaw stems from mishandling commas in SSH certificate principal names, allowing a low‑privilege identity to be interpreted as root. Because the exploit bypasses...
Firefox Vulnerability Allows Tor User Fingerprinting
Researchers disclosed CVE‑2026‑6770, a vulnerability in Firefox’s IndexedDB API that leaks the internal ordering of database names. The flaw lets unrelated sites generate a stable identifier that survives Private Browsing sessions and links user activity across domains. Because Tor Browser...
In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device
The weekly roundup highlights several high‑profile security developments: Anthropic’s Claude Mythos AI model was accessed by unauthorized testers through a third‑party vendor, prompting tighter access restrictions. Sean Plankey withdrew his nomination for CISA director, leaving the agency without a permanent leader....
Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents
At RSA 2026, the cybersecurity community highlighted the emergence of agentic AI—autonomous systems that can act without human direction. Frameworks such as Mythos demonstrate how AI can orchestrate multi‑step attacks, while defenders are urged to counter with AI‑driven tools. Analysts...
Locked Shields 2026: 41 Nations Strengthen Cyber Resilience in World’s Biggest Exercise
Locked Shields 2026, the NATO‑run live‑fire cyber defence exercise, wrapped up with over 4,000 participants representing 41 nations. Teams defended simulated attacks on air‑defence systems, e‑voting platforms and other critical infrastructure while also confronting disinformation and political pressure. The three...