May, 2026 - Security Ticks

Selector extends AI-driven observability into multi-cloud environments

Selector extends AI-driven observability into multi-cloud environments 2026-05-19 at 16:58 By Industry News Selector has announced the expansion of its platform with AI-powered multi-cloud observability capabilities. The extension of Selector’s AI-driven observability approach into multi-cloud environments enables organizations to correlate signals across the full hybrid path. By unifying rich telemetry data from cloud, network, and […]

Selector extends AI-driven observability into multi-cloud environments Read More »

LaunchDarkly adds real-time controls for AI agents in production

Industry news / SecurityTicks

LaunchDarkly adds real-time controls for AI agents in production 2026-05-19 at 16:58 By Industry News LaunchDarkly has launched AgentControl, a new solution that gives software teams real-time control over AI agents in production. With AgentControl, teams can change how an agent behaves at runtime without redeploying the underlying application. As AI agents move into production,

LaunchDarkly adds real-time controls for AI agents in production Read More »

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Endpoint Security, Malware, Malware & Threats, mshta, Windows / SecurityTicks

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks 2026-05-19 at 16:58 By Kevin Townsend Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based attack chains. The post Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks appeared first

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks Read More »

Unpatched ChromaDB Vulnerability Can Lead to Server Takeover

ChromaDB, Vulnerabilities, vulnerability / SecurityTicks

Unpatched ChromaDB Vulnerability Can Lead to Server Takeover 2026-05-19 at 16:58 By Ionut Arghire The security defect can be exploited remotely, without authentication, to execute arbitrary code and leak sensitive information. The post Unpatched ChromaDB Vulnerability Can Lead to Server Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Unpatched ChromaDB Vulnerability Can Lead to Server Takeover Read More »

Canonical ships Ubuntu Core 26 with 15 years of security maintenance

Linux, News, Ubuntu / SecurityTicks

Canonical ships Ubuntu Core 26 with 15 years of security maintenance 2026-05-19 at 15:47 By Anamarija Pogorelec Operators of industrial sensors, edge AI controllers, and connected medical equipment now have a refreshed long-term Linux option for fleets that must stay patched for more than a decade. Canonical released Ubuntu Core 26, the latest long-term supported

Canonical ships Ubuntu Core 26 with 15 years of security maintenance Read More »

The New Phishing Click: How OAuth Consent Bypasses MFA

Uncategorized / SecurityTicks

The New Phishing Click: How OAuth Consent Bypasses MFA 2026-05-19 at 15:47 By In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries. The targets of the platform received a message asking them to enter a short code at

The New Phishing Click: How OAuth Consent Bypasses MFA Read More »

Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare

Uncategorized / SecurityTicks

Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare 2026-05-19 at 15:47 By Drupal has issued an alert stating that it intends to release a “core security release” for all supported branches on May 20, 2026, from 5-9 p.m. UTC. “The Drupal Security Team urges you to reserve time for

Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare Read More »

New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain

apple, cybercrime, Google, macOS, Malware, Microsoft, News, social engineering / SecurityTicks

New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain 2026-05-19 at 15:35 By Sinisa Markovic A SHub macOS infostealer variant called Reaper impersonates Apple, Microsoft, and Google to trick users into executing malicious code, then targets browser data, password managers, and cryptocurrency wallets while establishing persistence for continued access, SentinelOne found.

New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain Read More »

The end of unencrypted Discord calls is here

Encryption, News, Privacy / SecurityTicks

The end of unencrypted Discord calls is here 2026-05-19 at 15:35 By Anamarija Pogorelec Discord has protected voice and video calls in DMs, group DMs, voice channels, and Go Live streams with end-to-end encryption (E2EE) by default. The company began experimenting with E2EE for voice and video in 2023, starting a long-term effort. End-to-end encryption

The end of unencrypted Discord calls is here Read More »

B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards

B1ack Stash, Credit card, cybercrime, dark web, marketplace / SecurityTicks

B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards 2026-05-19 at 15:35 By Ionut Arghire The stolen credit card data was released as a free download, allegedly in response to seller misconduct. The post B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards appeared first on SecurityWeek. This article is an excerpt from

B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards Read More »

Cyber Resilience is the New Business Continuity Plan

resilience, Risk Management, Security Architecture / SecurityTicks

Cyber Resilience is the New Business Continuity Plan 2026-05-19 at 15:35 By Steve Durbin The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose. The post Cyber Resilience is the New Business Continuity Plan appeared first on SecurityWeek. This article is

Cyber Resilience is the New Business Continuity Plan Read More »

201 Arrested in Crackdown on Cybercrime in Middle East, North Africa

arrested, cybercrime, Interpol, MENA, Middle East, North Africa, Tracking & Law Enforcement / SecurityTicks

201 Arrested in Crackdown on Cybercrime in Middle East, North Africa 2026-05-19 at 14:05 By Ionut Arghire The 13-country effort, named Operation Ramz, targeted cyber threats in the Middle East and North Africa region. The post 201 Arrested in Crackdown on Cybercrime in Middle East, North Africa appeared first on SecurityWeek. This article is an

201 Arrested in Crackdown on Cybercrime in Middle East, North Africa Read More »

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access

Uncategorized / SecurityTicks

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access 2026-05-19 at 13:31 By Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appliance. “These vulnerabilities could

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access Read More »

Symantec DLP Cloud and DPSM are the Power Couple Security Strategists Need

Uncategorized / SecurityTicks

Symantec DLP Cloud and DPSM are the Power Couple Security Strategists Need 2026-05-19 at 12:48 By Nate Fitzgerald How Symantec’s new DSPM solution makes understanding data—and protecting it—easier than ever This article is an excerpt from SECURITY.COM View Original Source

Symantec DLP Cloud and DPSM are the Power Couple Security Strategists Need Read More »

Cyble Named a Challenger in the Inaugural 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies

Announcement, Challenger in Gartner Magic Quadrant, Cyberthreat Intelligence, Cyberthreat Intelligence Technologies, Gartner Magic Quadrant, Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies, Threat Intelligence / SecurityTicks

Cyble Named a Challenger in the Inaugural 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies 2026-05-19 at 12:47 By Mihir Bagwe In a digital landscape that moves at the speed of AI, we feel recognition is more than just a market positioning—it is a validation of vision. We are proud to announce that Cyble has

Cyble Named a Challenger in the Inaugural 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies Read More »

PoC Released for DirtyDecrypt Linux Kernel Vulnerability

DirtyDecrypt, Endpoint Security, Linux vulnerability, privilege escalation, Vulnerabilities, vulnerability / SecurityTicks

PoC Released for DirtyDecrypt Linux Kernel Vulnerability 2026-05-19 at 12:47 By Ionut Arghire Patched in April, the underlying vulnerability allows local attackers to elevate their privileges to root. The post PoC Released for DirtyDecrypt Linux Kernel Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

PoC Released for DirtyDecrypt Linux Kernel Vulnerability Read More »

Babel Street targets AI-driven threats with new agentic investigation capabilities

Industry news / SecurityTicks

Babel Street targets AI-driven threats with new agentic investigation capabilities 2026-05-19 at 11:32 By Industry News Babel Street has launched Insights Investigator, a new agentic capability that puts tradecraft-trained AI agents at the front edge of investigative work while ensuring analysts remain in control of scope, logic, and outcomes of their missions. As part of

Babel Street targets AI-driven threats with new agentic investigation capabilities Read More »

iProov brings identity verification to video meetings to reduce fraud risks

Industry news, iProov / SecurityTicks

iProov brings identity verification to video meetings to reduce fraud risks 2026-05-19 at 11:32 By Industry News iProov has launched iProov Verified Meetings, a new solution that enables organizations to verify the identity of video call participants without adding friction to the user experience. Video meetings have become a trusted and scalable communication channel, but

iProov brings identity verification to video meetings to reduce fraud risks Read More »

Egnyte unveils Email Capture and AI features to unify fragmented data

Egnyte, Industry news / SecurityTicks

Egnyte unveils Email Capture and AI features to unify fragmented data 2026-05-19 at 11:32 By Industry News Egnyte has announced a new set of capabilities designed to consolidate fragmented knowledge. Email Capture centralizes critical communications and attachments from siloed inboxes into the Egnyte folder structure, assisting users to make more informed data-driven decisions based on

Egnyte unveils Email Capture and AI features to unify fragmented data Read More »

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

Uncategorized / SecurityTicks

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer 2026-05-19 at 11:32 By Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console (version 18.95.0), a popular user interface and plugin for code

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer Read More »

May 2026