Latest news as of 5/1/2026, 8:39:37 AM
Bleeping Computer
A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal VPN credentials from unsuspecting users. [...]
Dark Reading
The latest banking Trojan campaign to hit Brazil combines classic malware with a real-time human operator, waiting for the perfect moment to strike.
The Register
Operation Synergia's third season is the most productive to date Ninety-four people were arrested as part of a global, multi-month cybercrime crackdown, Interpol revealed today.…
The Register
Take your YOLO and box it up NanoClaw, an open source agent platform, can now run inside Docker Sandboxes, furthering the project's commitment to security.… exclusive
The Register
Skia graphics lib and V8 JavaScript engine brings browser's tally of actively exploited bugs to three in 2026 Google has pushed out an emergency Chrome update to fix two previously unknown vulnerabilities that attackers were already exploiting before the patches landed.…
The Hacker News
Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel's AppArmor module that could be exploited by unprivileged users to circumvent kernel protections, escalate to root, and undermine container isolation guarantees. The nine confused deputy vulnerabilities have been collectively codenamed CrackArmor by the Qualys Threat Research Unit (TRU). The
The Hacker News
Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said have been exploited in the wild. The list of vulnerabilities is as follows - CVE-2026-3909 (CVSS score: 8.8) - An out-of-bounds write vulnerability in the Skia 2D graphics library that allows a remote attacker to perform out-of-bounds memory access via a crafted HTML
Bleeping Computer
Starbucks has disclosed a data breach affecting hundreds of employees after threat actors gained access to their Starbucks Partner Central accounts. [...]
Bleeping Computer
Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day attacks. [...]
The Hacker News
A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for committing large-scale fraud. "SocksEscort infected home and small business internet routers with malware," the U.S. Department of Justice (DoJ) said. "The malware allowed SocksEscort to direct internet