54873
Be Cyber Aware. Our vacancies channel: @CyberSecurityJobs Our chat: t.me/cybersecuritynewschat LinkedIn: https://www.linkedin.com/company/securitynews/ Facebook: https://www.facebook.com/BreakingCyberSecNews 📩 Cooperation: @cybersecadmin
Meta AI Support Bug Let Attackers Hijack 20,225 Instagram Accounts
Meta disclosed that its AI-powered High Touch Support tool failed to verify whether the email submitted for a password reset actually matched the target account, letting anyone request a reset link for accounts without 2FA.
The abuse started on April 17 and ran undetected until May 31, when Meta yanked the tool and invalidated all generated links.
Exposed data may include DMs, posts, contact info, birthdays, and linked services; affected users have been force-reset and pushed through security checkpoints.
@Cyber_Security_Channel
🤝 Cyber Security News is looking for ADVERTISERS
Our community is continuously growing and we are searching for exciting companies & products to share with our audience.
Requirements to Qualify
• Relevant to channels niche / industry
• Long-term approach and collaboration mindset
• $2,000+ monthly ad spend budget to invest in campaigns
What We Offer
• Exposure to 60,000+ community members
• Personal success manager to scale your campaigns
• Brand awareness, leads, sign-ups, customers, followers, etc.
📩 Contact for Partnership
If you are serious about promoting your business, send us an introduction Email → cybersecnewsinfo@gmail.com
Important Note
Spots to become a sponsor are limited.
Reach out before they fill up.
(we only have 7 left)
- - - - -
@Cyber_Security_Channel
Cisco: Leading AI Models Crack at 88% Under Multi-Turn Prompt Attacks Vendors Don't Test
Cisco researchers tested 15 leading models from OpenAI, Anthropic, Google, Amazon and xAI and found multi-turn attack success rates of 8–88% versus 2–65% for single-turn — every model proved vulnerable when an attacker could adapt across turns.
Grok 4.1 Fast Non-Reasoning was the worst at 88% multi-turn ASR; Amazon Nova 2 Lite the best at 8%, still flagged as meaningful residual risk.
Successful tactics included role-play, misdirection, information decomposition, refusal reframing and incremental escalation.
Vendor safety reports lean on single-turn benchmarks, so published claims understate real-world risk for enterprises deploying these models.
@Cyber_Security_Channel
Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 — No Patch Yet
Cisco disclosed CVE-2026-20245, a flaw in Catalyst SD-WAN Manager letting a netadmin-level attacker upload a crafted file and run arbitrary commands as root.
Mandiant has observed limited in-the-wild exploitation, in some cases pushing rogue configurations down to edge devices.
No patch and no workaround are available; attackers can chain it with earlier SD-WAN bugs (CVE-2026-20182, CVE-2026-20127) to obtain the required privileges.
@Cyber_Security_Channel
FBI: Silent Ransom Group Now Walking Into Law Firms Posing as IT Staff
The FBI warned that Silent Ransom Group (aka Luna Moth, Chatty Spider, UNC3753) is now showing up in person at US law firms — when phishing fails — pretending to be IT support to plug storage devices into machines under the pretext of post-phishing imaging.
The crew has targeted US legal, insurance, finance and healthcare firms consistently since spring 2023.
After minimal privilege escalation, operators exfiltrate unencrypted data with WinSCP or renamed Rclone, then extort victims by threatening to leak files to employees and clients.
Defenders are urged to reinforce physical access controls many organizations deprioritized as workloads moved to the cloud.
@Cyber_Security_Channel
19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access
According to SpaceX security engineer Asim Viladi Oglu Manizada, the kernel does not check the origin of the request and the key description, which allows an attacker to call the request_key function directly and can supply their own key description fields, bypassing CIFS origin.
Cyber_Security_Channel
Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’
The company filed a lawsuit targeting Fox Tempest and Vanilla Tempest.
In cybercrime disruption operations, lawsuits serve as powerful legal mechanisms to seize malicious domains, dismantle server infrastructure, and compel third-party providers to take criminal operations offline.
Cyber_Security_Channel
Over 10,000 Zimbra Servers Under Active XSS Attack
CISA confirmed active exploitation of CVE-2025-48700, an XSS flaw in Zimbra that lets unauthenticated attackers execute arbitrary JavaScript and steal session data just by getting a user to open a malicious email.
More than 10,500 unpatched instances remain exposed worldwide. Synacor released a fix in June 2025 — affected versions include ZCS 8.8.15, 9.0, 10.0, and 10.1.
@Cyber_Security_Channel
Slack Scam Alert: Fake Linux Foundation Leader Tricks Devs into Handing Over Secrets
Attackers impersonated a Linux Foundation leader on Slack, tricking developers into clicking a phishing link and installing a fake root certificate to steal credentials and intercept encrypted traffic.
@Cyber_Security_Channel
Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls
No other information has been shared about the attacks exploiting CVE-2026-0300, but limited exploitation typically indicates that a flaw has been leveraged in highly targeted attacks by sophisticated threat actors, often state-sponsored groups.
Cyber_Security_Channel
Join the Webinar: Marketing Myths Versus the Reality to enhance your ImmuniWeb® AI Platform skills, earn CPE credits, and qualify to become ImmuniWeb® Certified Professional.
✔️ Key Insights:
• Brief history of AI and ML
• AI trends in cybersecurity and cybercrime
• Misuse of AI by cybercrime and fraud actors
• Regulatory & compliance trends for AI usage
• Vendor marketing vs real 2026 AI capabilities
• Novel vulnerabilities: OWASP Top 10 for LLMs
• Review of AI-specific attacks: MITRE ATLAS™
• Leveraging AI in cybersecurity and cyber-defense in 2026
• Review of agentic AI: OWASP Top 10 for Agentic Applications
→ Date & Time: May 20 at 10am and 5pm CEST.
→ Host: Dr. Ilia Kolochenko, CEO & Chief Architect at ImmuniWeb, Attorney-at-Law.
✅ Register Now:
Session 1 – May 20, 2026 – Geneva 10am | Dubai 1pm | Singapore 5pm
👉 Click here.
Session 2 – May 20, 2026 – Geneva 5pm | New York 11am | California 8am
👉 Click here.
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
Hackers Breach Canvas Learning Platform, Exposing Data on Millions of Students and Teachers
A cybersecurity attack on the nation's most widely used classroom software has potentially exposed the personal data of millions of students and educators across the country.
Instructure, the company that runs the Canvas learning management system used by more than 7,000 universities, K-12 districts and education ministries worldwide, disclosed the breach to affected institutions this week.
The company confirmed names, email addresses, student ID numbers and private messages between users had been accessed before the breach was contained.
ShinyHunters warned that a failure to pay could result in the release of "several billions of private messages among students and teachers."
A ransom message on the platform appears to give Infrastructure until May 12 to respond and "negotiate a settlement" before the hackers leak information.
@Cyber_Security_Channel
🚨 Lazarus APT is Running An Active Campaign
They are using fake meetings to gain full access to corporate systems, credentials, and sensitive data.
• Who is at risk: Fintech, crypto, and high-value environments where macOS is widely used by developers, executives, and decision-makers.
• Why this is hard to detect: The attack relies on social engineering and native macOS binaries, reducing visibility for traditional EDR tools.
• How SOCs should respond: Identify credential exposure early by introducing @anyrun_app’s cross-platform analysis capabilities during triage that offers a 36% higher detection rate.
→ Read the breakdown and get key defense steps: available here.
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
Zero-Day Alert: Adobe Reader Under Siege by Malicious PDFs Data Theft & RCE Risks Exposed!
Attackers have been exploiting an unpatched Adobe Reader zero-day via malicious PDFs since December 2025, enabling data theft and potential remote code execution even on updated systems. Users are urged to avoid untrusted files until a patch is released.
@Cyber_Security_Channel
Why U.S. Critical Infrastructure Is the Highest-Value Target in the Global Cyber War
This surge is directly tied to rising cybersecurity threats to the US critical infrastructure.
Attackers are no longer experimenting; they are executing repeatable, scalable campaigns designed to disrupt essential services.
Cyber_Security_Channel
Microsoft: Attackers Impersonate ChatGPT, Claude, Copilot, and DeepSeek in New Phishing Wave
Microsoft Threat Intelligence documented credential-harvesting emails, AI-themed malvertising, and SEO poisoning that lean on the trust users place in big AI brands.
One ChatGPT-themed wave hit 100,000 inboxes a day across Switzerland, Austria, and South Africa, while a Claude lure framed as a policy violation reached 2,000+ orgs in the US, UK, and India.
A fake DeepSeek V4 repo on GitHub also dropped Vidar Stealer; defenders should turn on phishing-resistant MFA, Safe Links, and train staff on AI-pretexted lures.
@Cyber_Security_Channel
Residential AI Data Centers: Security, Privacy, and Governance Concerns
Another major concern is the blurring of ownership, accountability, and liability.
Many of these emerging models fail to clearly define who owns processed data, who controls logs and telemetry, and who assumes responsibility following a breach or criminal misuse.
Cyber_Security_Channel
VaultJacking Hands Over an Entire Google Password Manager Vault for One Phished 6-Digit PIN
Phishu researchers disclosed VaultJacking, which abuses Google Password Manager's cross-device sync so a single phished 6-digit GPM PIN unlocks the Security Level Secret protecting the vault.
The attacker registers a fresh device in the victim's security domain and pulls every synced password and passkey — even hardware-backed ones — with no malware or device foothold required.
Google is treating this as an accepted design trade-off rather than a bug, so no patch is on the way for Chrome 359 and later.
Defenders are urged to split work and personal Chrome profiles, prefer on-prem password managers, train users on auth prompts, and tighten sync-layer security tiering.
@Cyber_Security_Channel
Join the Webinar: Leveraging CTI and Dark Web Monitoring in Geopolitical Chaos to enhance your ImmuniWeb® AI Platform skills, earn CPE credits, and qualify to become ImmuniWeb® Certified Professional.
✔️ Key Insights:
• New risks & cyber threats
• AI in cybercrime: myths, reality
• Dark Web Monitoring best practices to maximize ROI
• Best practices of Cyber Threat Intelligence
• Data sovereignty, supply chain and third-party risk management (TRPM)
• Legal response to phishing and malware
• Dealing with ransomware attacks & cyber insurance
• Cybersecurity insurance and its pitfalls
• Regulatory landscape in 2026
• Live demo of ImmuniWeb
Date & Time: June 11 at 10am and 5pm CEST
Host: Dr. Ilia Kolochenko, CEO & Chief Architect at ImmuniWeb, Attorney-at-Law.
✅ Register:
Session 1 – June 11 , 2026 – Geneva 10am | Dubai 1pm | Singapore 5pm
👉 Click here.
Session 2 – June 11 2026 – Geneva 5pm | New York 11am | California 8am
👉 Click here.
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
🚨 Phishing is Becoming Harder to Catch as Recent Attacks don’t Look like Phishing At All
They hide behind Microsoft logins, OAuth flows, fake AI tool guides, banking alerts, and fake event invites.
One click leads to stolen credentials, OTP theft, token abuse, or remote access.
Bring faster phishing detection into your SOC to cut guesswork, speed up triage, and act before one click turns into business risk.
👉 Try ANY.RUN now: tap here to get started.
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
CrowdStrike and Google Dismantle Glassworm Botnet Targeting Open Source Developers
CrowdStrike, Google and the Shadowserver Foundation dismantled the Glassworm botnet, active for two years and used to compromise software developers via malicious marketplace extensions, malvertising and stolen credentials.
Over 300 GitHub repos were poisoned to seed supply-chain attacks downstream.
Four C2 channels were disrupted, including ones abusing the Solana blockchain, BitTorrent, Google Calendar and rented VPSes.
Related developer-targeting campaigns include the recent Mini Shai-Hulud incident hitting two OpenAI developers and the March Axios hijack tied to suspected North Korean activity.
@Cyber_Security_Channel
Romanian Hacker Sentenced to Prison in US for Selling Access to State Network
According to the US Justice Department, Dragomir hacked into the network of an Oregon state government office in June 2021.
He sold access to this and other compromised networks in the United States, resulting in losses exceeding $250,000.
Cyber_Security_Channel
Preparing for Identity Attacks: What Steps Do You Need to Take?
For partners, helping customers to spot gaps in their identity security is an opportunity.
As environments become more fragmented and identity becomes the primary attack surface, how can you help your customers get ahead of these risks?
Cyber_Security_Channel
🚀 Scale Your SOC With Special Offers From @anyrun_app
1. Give your team more visibility across Windows, Linux, macOS, and Android.
2. Detect threats earlier and reduce response time.
3. Boost investigation efficiency by up to 3x.
Save on enterprise-grade security workflows with limited-time offers through May 31: click here to explore all the deals.
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
Security Fatigue: How Too Many Alerts Are Making Us All Less Safe Online
New research reveals that constant security demands, including password resets, phishing alerts, and training sessions, lead to "security fatigue."
This causes employees to ignore warnings and weaken organizational cyber defenses.
@Cyber_Security_Channel
AI Titans Unite: Project Glasswing Deploys Frontier AI to Hunt Down Zero-Days in Critical Software
Project Glasswing, backed by tech giants and powered by Anthropic’s Claude Mythos Preview, uses AI to uncover and patch thousands of zero-day vulnerabilities in critical software, giving defenders the edge in the AI-driven cybersecurity era.
@Cyber_Security_Channel
EU’s Age Verification App Cracked in 2 Minutes: Security Expert Exposes Fatal Flaws
Security researcher Paul Moore bypassed the EU’s new age verification app in under two minutes by editing a config file, exposing critical design flaws and weak local data storage.
@Cyber_Security_Channel
Cisco Releases Open Source Tool for AI Model Provenance
The new Model Provenance Kit from Cisco, a Python-based toolkit and command-line interface (CLI), aims to address these issues by generating a ‘fingerprint’ for each model based on “metadata signals, tokenizer similarity, and weight-level identity signals such as embedding geometry, normalization layers, energy profiles, and direct weight comparisons”.
Cyber_Security_Channel
Cloudflare Races to Beat Quantum Threats: Full Post-Quantum Security by 2029
Cloudflare accelerates its post-quantum security roadmap, aiming for full protection, including authentication, across all services by 2029 as quantum computing threats loom closer than expected.
@Cyber_Security_Channel
GPUBreach Exploit: How Hackers Can Hijack Your System Using Just a GPU
New research reveals the GPUBreach attack, which exploits GPU memory (Rowhammer) to escalate privileges and fully compromise systems — affecting major vendors like NVIDIA, AMD, and Qualcomm.
@Cyber_Security_Channel