Summary of the last 12 hours (124 new articles)
**Cybercrime & Law Enforcement** The criminal organisation, comprising individuals from Romania, the Republic of Moldova, Bulgaria, Estonia, Poland, and Ukraine, has been operating for nearly two decades, generating at least EUR 240 — Some of Europe’s most wanted fugitives are still at large despite being sentenced to years in prison for serious crimes. A new international campaign launched today is asking the public to help change — For years, the service, known as ‘First VPN’, was promoted on Russian-speaking cybercrime forums as a trusted tool for remaining beyond the reach of law enforcement. It offered users anonymous payment
**Zero-Day Vulnerabilities & Exploits** View CSAF Summary An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who succes — View CSAF Summary ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the pollution of hea — View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addresses and remediates the vulnerability. A network at
**Tech Business: Acquisitions & Partnerships** According to users on X, the website was hijacked by hackers in an attempt to trick visitors into installing malware. — First VPN promised hackers complete anonymity for their cyberattacks. But Europol said it was able to notify the service’s users that they have now been identified. — The loophole allows spammers and scammers to send emails from a legitimate Microsoft email address typically used for sending genuine account alerts.
**AI Security & Compute Infrastructure** France is already moving on from Zoom and Microsoft Teams in favor of homegrown alternatives. Other countries are quickly following suit. — GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations. — Three firms will pay nearly $1 million for selling “Active Listening” technology that they claimed tapped people’s phones for advertising. The FTC alleges the “tech” was just pricey email lists.
**Key Developments** • CISA Adds One Known Exploited Vulnerability to Catalog: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-9082 Dru • ABB B&R Automation Studio: View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that replaces a • ABB Terra AC Wallbox: View CSAF Summary ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited t • ABB B&R PCs: View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addres • ABB B&R Automation Runtime: View CSAF Summary An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as
The new Soundcore Liberty 5 Pro Max are Anker'snew top-of-the-line ANChrs and also suitable as adictationmachine with AI functions. (Anchor, Audio)
A vulnerability in Trump Mobile makes customer data freelyaccessible. Internal data also shows much lower sales figures. (Data leak, security breach)
There are security gaps in Trend Micro Apex One and Langflow that cybercriminals are actively attacking. CISA warns against this.
The Zero Trust Security Framework becomes the central guideline of modern IT security. Clear principles and an implementable implementation plan are crucial. An online workshop teaches practical procedures for this. (Golem career world, server applications)
The GTA-6 manufacturer mentions sales expectations, and investors react immediately: According to the new businessfigures, take-two shares are up significantly. (GTA 6, Red Dead Redemption)
For months, there have been little credible accusations in the US that WhatsApp can view completely encrypted content. Now Texas is filing a lawsuit.
Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service (DDoS) attacks over the past six months. KrebsOnSecurity publicly named the suspect in February 2026 after the accused launched a volley of DDoS, doxing and swatting campaigns against this author and a security researcher. He now faces criminal h
Three firms will pay nearly $1 million for selling “Active Listening” technology that they claimed tapped people’s phones for advertising. The FTC alleges the “tech” was just pricey email lists.
Those who insert texts into AI chatbots often unintentionally pass on sensitive data. A new Chrome extension of the DFKI is intended to prevent this.
Samsung has averted an 18 ton strike. In return, around 125,000 employees receive a one-time bonus payment in enormous amounts. (Samsung, Business)
First VPN promised hackers complete anonymity for their cyberattacks. But Europol said it was able to notify the service’s users that they have now been identified.
Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing remote code execution on the device. [...]
Cloudflare now integrates with the Claude Compliance API, so that security teams can monitor Claude Enterprise activity directly in the Cloudflare Dashboard.
Vodafone's new chief technology officer explains why 5G Advanced is being brought into the mobile network, but the company is reluctant to do so with Docsis 4.0. By Achim Sawall (Vodafone, cable network)
Only for the second time: Amazon sells the 256 GB Lexar Play Pro MicroSD Express card for Switch 2 forless than 51 euros. (Storage media, Amazon)
Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more. The post The npm Threat Landscape: Attack Surface and Mitigations (Updated May 21) appeared first on Unit 42.
Apple revealed that it blocked over $11 billion in fraudulent App Store transactions over the last six years, more than $2.2 billion in potentially fraudulent App Store transactions in 2025 alone. [...]
Modern crypto drainers don't hack wallets. They trick users into approving malicious transactions. Flare explores how the Lucifer DaaS platform scales wallet theft through phishing and automation. [...]
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. [...]