Summary of the last 12 hours (124 new articles)
**Cybercrime & Law Enforcement** The criminal organisation, comprising individuals from Romania, the Republic of Moldova, Bulgaria, Estonia, Poland, and Ukraine, has been operating for nearly two decades, generating at least EUR 240 — Some of Europe’s most wanted fugitives are still at large despite being sentenced to years in prison for serious crimes. A new international campaign launched today is asking the public to help change — For years, the service, known as ‘First VPN’, was promoted on Russian-speaking cybercrime forums as a trusted tool for remaining beyond the reach of law enforcement. It offered users anonymous payment
**Zero-Day Vulnerabilities & Exploits** View CSAF Summary An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who succes — View CSAF Summary ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the pollution of hea — View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addresses and remediates the vulnerability. A network at
**Tech Business: Acquisitions & Partnerships** According to users on X, the website was hijacked by hackers in an attempt to trick visitors into installing malware. — First VPN promised hackers complete anonymity for their cyberattacks. But Europol said it was able to notify the service’s users that they have now been identified. — The loophole allows spammers and scammers to send emails from a legitimate Microsoft email address typically used for sending genuine account alerts.
**AI Security & Compute Infrastructure** France is already moving on from Zoom and Microsoft Teams in favor of homegrown alternatives. Other countries are quickly following suit. — GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations. — Three firms will pay nearly $1 million for selling “Active Listening” technology that they claimed tapped people’s phones for advertising. The FTC alleges the “tech” was just pricey email lists.
**Key Developments** • CISA Adds One Known Exploited Vulnerability to Catalog: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-9082 Dru • ABB B&R Automation Studio: View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that replaces a • ABB Terra AC Wallbox: View CSAF Summary ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited t • ABB B&R PCs: View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addres • ABB B&R Automation Runtime: View CSAF Summary An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as
Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier this week. [...]
Fraud losses don't stop at chargebacks. False declines, account takeovers, and abuse also damage revenue and trust. IPQS breaks down why fraud teams need broader visibility into risk and customer impact. [...]
Unit 42 details Screening Serpens' use of AppDomainManager hijacking and new RAT variants to target tech and defense sectors in recent campaigns. The post Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns appeared first on Unit 42.
In the course of the Iran war, gasoline prices have risen sharply recently. The interest in electromobilityhas grown as a result. (electromobility, electric car)
Over-earheadphones from Soundcore with adaptive ANC, hi-res audio and up to 65 hours of battery life are available at Amazon at a special price. (Headphones, audio/video)
CEO Lip-Bu Tan wants Intel to switch from a corporateto a start-up mentality. Decisions should be made faster, products should stay on schedule. (Lip-Bu Tan, Intel)
Jacob Butler, 23, has been arrested in Canada and US authorities are seeking his extradition on computer hacking charges. The post Canadian Man Arrested for Operating Kimwolf Botnet appeared first on SecurityWeek.
Ubiquiti has released security updates to patch three maximum severity vulnerabilities in UniFi OS that can be exploited by remote attackers without privileges. [...]
In Italy, investigators have uncovered a large networkfor illegal streaming. In addition to the sellers, customers are also targeted. (Streaming, Disney)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-9082 Drupal Core SQL Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnera
The acquisition of VMware and Bitnami by Broadcom has made standardized container images and helmet charts enormously more expensive. Alternatives provide a remedy. An advisory text by Erik Brwaldt (software development, virtualisation)
The Turtle Beach Vulcan II TKL Pro offers customizable reverb switchesfor competitive gaming. At Amazon, it is now massively reduced. (Technology/hardware, keyboard)
Data centersfor AI canalso be a field for municipal utilities and municipalities. But when it comes to solving the question of energy supply, people think far too briefly. (Netcologne, AI)
Attackers are targeting Github repositories. Within about six hours, over 5,500 repos were equipped with a backdoor. (Backdoor, Virus)
The last update for Destiny 2 comes at the beginning of June. According to insiders, this is followed by layoffs and an uncertain futurefor Bungie. (Destiny 2, Steam)
Xiaomi's CEO does not think the previous price of the YU7ischeap enough - the new standard version is 3,800 euros below the price of the Model Y. (Xiaomi, electric car)
Open-source framework ROADtools is being misused by threat actors for cloud intrusions. Learn how to identify its malicious use. The post Paved With Intent: ROADtools and Nation-State Tactics in the Cloud appeared first on Unit 42.
Vibe coding makes apps available quickly. But without testing, prototypes become security holes. A report by Oliver Jessner (Security, AI)
The new launch date of the Starship V3 has been postponed to the night of 23 May 2026. The reason was technical problems. (Starship)
Amazon offers a battery-powered pool robot from Aiper that keeps the pools clean. (Technology/Hardware)