Latest news as of 5/2/2026, 1:47:56 PM
Graham Cluley
When a top cybersecurity firm discovered it had a leak, you would expect the FBI to be called. Instead, the person put in charge of the investigation was the actual leaker... who promptly sent an innocent colleague into a career-ending ambush. In this episode, we unravel the jaw-dropping tale of a defence contractor caught selling zero-day exploits to a Russia-linked broker. Plus: are nation states quietly poisoning AI models to bend reality itself? We explore how “foreign information manipulation interference” could target not just social media users, but the large language models we increasingly trust for answers — and what that might mean for truth, trust, and the future of online influence. All this, and much more, in episode 457 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Carl Miller.
The Register
Attack infrastructure attributed to 'several Iran-nexus threat actors' Multiple Iranian hacking crews have been targeting internet-connected surveillance cameras across Israel and other Middle Eastern countries since the war started on February 28, according to Check Point security researchers. …
Bleeping Computer
Bitwarden announced support for logging into Windows 11 devices using passkeys stored in the manager's vault, enabling phishing-resistant authentication. [...]
Bleeping Computer
A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication. [...]
Dark Reading
Exploitation of the command injection flaw in VMware Aria Operations could grant an attacker broad acess to victims' cloud environments.
Bleeping Computer
Microsoft has released the KB5075039 Windows Recovery Environment update for Windows 10 to fix a long-standing issue that prevented some users from accessing the Recovery environment. [...]
The Register
Think before you download OpenClaw, the AI agent that can manage just about anything, is risky all by itself, but now fake installers for it are wreaking havoc. Users who searched Bing’s AI results for “OpenClaw Windows” were directed to a malicious GitHub repository that delivered information stealers and GhostSocks onto their machines.…
Bleeping Computer
Password management software provider LastPass is warning users of a phishing campaign targeting its users with fake unauthorized account access alerts. [...]
Bleeping Computer
Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software. [...]
Bleeping Computer
A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks. [...]