Artificial intelligence is “an unstoppable force” that is being weaponized in ways that fall just short of traditional warfare, Britain’s cyberspying chief warned Wednesday. Anne Keast-Butler, director of the communications intelligence agency GCHQ, also said Britain and its allies are… Read More "UK Cyberspying Chief Calls AI ‘an Unstoppable Force’ and Warns About Russia"
Ravie LakshmananMay 27, 2026Threat Intelligence / Supply Chain Attack Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named “mouse5212-super-formatter,” is designed to upload files… Read More "Malicious npm Package Stole Files From Claude AI User Directory via GitHub"
Major Linux distributions are rushing to fix two new vulnerabilities after the disclosure embargo was broken. The vulnerability, comprised of two chained issues in subsystems of the Linux kernel and known as ‘Dirty Frag,’ was detected in late April 2026… Read More "Rushed Patches Follow Broken Embargo on Linux Kernel Vulnerabilities"
A Romanian national has been sentenced to prison in the United States after he admitted to selling access to an Oregon state network. The hacker is 45-year-old Catalin Dragomir. He was arrested in Romania in November 2024 and extradited to… Read More "Romanian Hacker Sentenced to Prison in US for Selling Access to State Network"
Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively. That’s according to new findings from WatchGuard and ESET, which have observed the… Read More "Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users"
In its fourth year, cyber resilience non-profit Cybermindz is urging organizations to reframe burnout, not as a standalone wellness issue, but as a critical risk, shifting the conversation towards a more measurable, impact-driven approach aligned with real-world operational resilience. Burnout… Read More "Why Burnout in Cybersecurity Demands Risk-Based Response"
Often regarded as the Californian version of the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) aims to protect the personal information rights of Californian-based employees, contractors, customers, and vendors. The inclusion of third-party vendors means your… Read More "Free CCPA Vendor Questionnaire Template (2026 Edition)"
Researchers at Novee Security have disclosed a high-severity vulnerability in Pretalx, an open source platform that powers the call-for-papers (CFP) and scheduling processes for many technical conferences worldwide. The flaw, tracked as CVE-2026-41241 and described as a stored XSS issue,… Read More "Vulnerability in Popular Conference Software Granted Attackers a 100% Talk Acceptance Rate"
Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate. They drift in disguised as routine activity, hide inside legitimate processes,… Read More "3 SOC Steps that Shut Down Incident Risks Early"
An application can be exposed even if its developers never installed Starlette, because another component may have, X41 D-Sec said. Starlette has more than 400,000 dependent projects on GitHub, according to the firm. Who is most exposed Not every dependent… Read More "FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework"
