Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare 2026-05-19 at 15:47 By Drupal has issued an alert stating that it intends to release a “core security release” for all supported branches on May 20, 2026, from 5-9 p.m. UTC. “The Drupal Security Team urges you to reserve time for […]
Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare Read More »
The end of unencrypted Discord calls is here 2026-05-19 at 15:35 By Anamarija Pogorelec Discord has protected voice and video calls in DMs, group DMs, voice channels, and Go Live streams with end-to-end encryption (E2EE) by default. The company began experimenting with E2EE for voice and video in 2023, starting a long-term effort. End-to-end encryption
The end of unencrypted Discord calls is here Read More »
New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain 2026-05-19 at 15:35 By Sinisa Markovic A SHub macOS infostealer variant called Reaper impersonates Apple, Microsoft, and Google to trick users into executing malicious code, then targets browser data, password managers, and cryptocurrency wallets while establishing persistence for continued access, SentinelOne found.
New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain Read More »
B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards 2026-05-19 at 15:35 By Ionut Arghire The stolen credit card data was released as a free download, allegedly in response to seller misconduct. The post B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards appeared first on SecurityWeek. This article is an excerpt from
B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards Read More »
Cyber Resilience is the New Business Continuity Plan 2026-05-19 at 15:35 By Steve Durbin The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose. The post Cyber Resilience is the New Business Continuity Plan appeared first on SecurityWeek. This article is
Cyber Resilience is the New Business Continuity Plan Read More »
201 Arrested in Crackdown on Cybercrime in Middle East, North Africa 2026-05-19 at 14:05 By Ionut Arghire The 13-country effort, named Operation Ramz, targeted cyber threats in the Middle East and North Africa region. The post 201 Arrested in Crackdown on Cybercrime in Middle East, North Africa appeared first on SecurityWeek. This article is an
201 Arrested in Crackdown on Cybercrime in Middle East, North Africa Read More »
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access 2026-05-19 at 13:31 By Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appliance. “These vulnerabilities could
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access Read More »
Symantec DLP Cloud and DPSM are the Power Couple Security Strategists Need 2026-05-19 at 12:48 By Nate Fitzgerald How Symantec’s new DSPM solution makes understanding data—and protecting it—easier than ever This article is an excerpt from SECURITY.COM View Original Source
Symantec DLP Cloud and DPSM are the Power Couple Security Strategists Need Read More »
Cyble Named a Challenger in the Inaugural 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies 2026-05-19 at 12:47 By Mihir Bagwe In a digital landscape that moves at the speed of AI, we feel recognition is more than just a market positioning—it is a validation of vision. We are proud to announce that Cyble has
PoC Released for DirtyDecrypt Linux Kernel Vulnerability 2026-05-19 at 12:47 By Ionut Arghire Patched in April, the underlying vulnerability allows local attackers to elevate their privileges to root. The post PoC Released for DirtyDecrypt Linux Kernel Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
PoC Released for DirtyDecrypt Linux Kernel Vulnerability Read More »
iProov brings identity verification to video meetings to reduce fraud risks 2026-05-19 at 11:32 By Industry News iProov has launched iProov Verified Meetings, a new solution that enables organizations to verify the identity of video call participants without adding friction to the user experience. Video meetings have become a trusted and scalable communication channel, but
iProov brings identity verification to video meetings to reduce fraud risks Read More »
Babel Street targets AI-driven threats with new agentic investigation capabilities 2026-05-19 at 11:32 By Industry News Babel Street has launched Insights Investigator, a new agentic capability that puts tradecraft-trained AI agents at the front edge of investigative work while ensuring analysts remain in control of scope, logic, and outcomes of their missions. As part of
Babel Street targets AI-driven threats with new agentic investigation capabilities Read More »
Egnyte unveils Email Capture and AI features to unify fragmented data 2026-05-19 at 11:32 By Industry News Egnyte has announced a new set of capabilities designed to consolidate fragmented knowledge. Email Capture centralizes critical communications and attachments from siloed inboxes into the Egnyte folder structure, assisting users to make more informed data-driven decisions based on
Egnyte unveils Email Capture and AI features to unify fragmented data Read More »
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer 2026-05-19 at 11:32 By Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console (version 18.95.0), a popular user interface and plugin for code
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer Read More »
Critical Vulnerability Exposes Industrial Robot Fleets to Hacking 2026-05-19 at 09:34 By Eduard Kovacs The vulnerability, CVE-2026-8153, affects Universal Robots PolyScope 5 and it can be exploited for OS command injection. The post Critical Vulnerability Exposes Industrial Robot Fleets to Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Critical Vulnerability Exposes Industrial Robot Fleets to Hacking Read More »
Earbud sensors can authenticate users by their heartbeat, study finds 2026-05-19 at 09:17 By Mirko Zorz Researchers built a continuous authentication system called AccLock that identifies a wearer by the tiny vibrations a heartbeat makes inside the ear canal. The signal comes from an accelerometer of the kind already sitting inside many wireless earbuds, so
Earbud sensors can authenticate users by their heartbeat, study finds Read More »
Public Instagram posts provide raw material for AI phishing campaigns 2026-05-19 at 09:17 By Sinisa Markovic A handful of public Instagram posts can give attackers enough material to generate convincing phishing emails with GenAI. Research from the University of Texas at Arlington and Louisiana State University showed how public social media activity can be turned
Public Instagram posts provide raw material for AI phishing campaigns Read More »
AI infrastructure is cracking under sovereignty demands 2026-05-19 at 09:17 By Anamarija Pogorelec AI deployments are moving into environments with tighter controls around data, infrastructure, and system operations. Organizations are building AI systems across multiple providers, platforms, and computing environments while managing governance, security, and compliance obligations within defined boundaries. NTT DATA’s 2026 Global AI
AI infrastructure is cracking under sovereignty demands Read More »
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account 2026-05-19 at 09:17 By Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave. “The attack affects packages tied to the npm maintainer
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account Read More »
GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials 2026-05-19 at 09:17 By In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server. “Every existing tag in the repository has been
GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials Read More »