News - Security Ticks

Cybersecurity jobs available right now: May 12, 2026

cybersecurity jobs, News / SecurityTicks

Cybersecurity jobs available right now: May 12, 2026 2026-05-12 at 09:27 By Anamarija Pogorelec Application Security Engineer Total Quality Logistics | USA | On-site – View job details As an Application Security Engineer, you will design, implement, and maintain security controls across the software development lifecycle. You will work closely with engineering and product teams […]

Cybersecurity jobs available right now: May 12, 2026 Read More »

iOS 26.5 is out, bringing encrypted RCS messaging to iPhone and Android users

Android, apple, Encryption, Google, News / SecurityTicks

iOS 26.5 is out, bringing encrypted RCS messaging to iPhone and Android users 2026-05-11 at 23:59 By Sinisa Markovic Apple is bringing long-awaited end-to-end encryption to Rich Communication Services (RCS) messaging between iPhone and Android users in iOS 26.5. The feature is launching in beta for iPhone users running iOS 26.5 on supported carriers and

iOS 26.5 is out, bringing encrypted RCS messaging to iPhone and Android users Read More »

Poor security left hackers inside water company network for nearly two years

cyberattack, EU, Government, News, UK / SecurityTicks

Poor security left hackers inside water company network for nearly two years 2026-05-11 at 18:29 By Sinisa Markovic The UK’s data protection regulator, the Information Commissioner’s Office (ICO), fined South Staffordshire Water’s parent company £963,900 over security failures linked to a cyberattack that exposed the personal data of 633,887 people. According to the ICO, the

Poor security left hackers inside water company network for nearly two years Read More »

Linux developers weigh emergency “killswitch” for vulnerable kernel functions

cybersecurity, Don't miss, Hot stuff, Linux, News, operating system, system hardening, vulnerability disclosure, vulnerability management / SecurityTicks

Linux developers weigh emergency “killswitch” for vulnerable kernel functions 2026-05-11 at 16:48 By Zeljka Zorz Linux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnerable kernel functions at runtime. The proposal, submitted by Linux kernel developer/maintainer Sasha Levin, arrives in the wake of the

Linux developers weigh emergency “killswitch” for vulnerable kernel functions Read More »

Google researchers uncover criminal zero-day exploit likely built with AI

0-day, AI, APT, attack, cybercrime, cybersecurity, Don't miss, exploit, Google, Google Cloud, Hot stuff, Mandiant, News, report, Russian Federation, threats / SecurityTicks

Google researchers uncover criminal zero-day exploit likely built with AI 2026-05-11 at 16:48 By Mirko Zorz Google’s threat intelligence researchers have linked a zero-day exploit to AI-assisted development by a criminal group. The exploit targeted a popular open-source web-based system administration tool. It allowed attackers to bypass two-factor authentication once they had valid user credentials.

Google researchers uncover criminal zero-day exploit likely built with AI Read More »

Police take down relaunched criminal marketplace with 22,000 users, €3.6 million in revenue

cybercrime, EU, Germany, law enforcement, News / SecurityTicks

Police take down relaunched criminal marketplace with 22,000 users, €3.6 million in revenue 2026-05-11 at 16:48 By Sinisa Markovic German authorities shut down a relaunched version of the criminal marketplace Crimenetwork and arrested its suspected operator. The domain seizure notice (Source: BKA) A special unit of the Spanish National Police arrested the suspected 35-year-old German

Police take down relaunched criminal marketplace with 22,000 users, €3.6 million in revenue Read More »

Instagram messaging encryption removed, and privacy advocates are pushing back

Encryption, Instagram, Meta, News, Privacy / SecurityTicks

Instagram messaging encryption removed, and privacy advocates are pushing back 2026-05-11 at 13:57 By Anamarija Pogorelec After introducing optional end-to-end encrypted messaging in 2023, Instagram announced in March 2026 that encryption for direct messages would be discontinued, and the feature was removed on May 8. The change allows Instagram to access direct message content, including

Instagram messaging encryption removed, and privacy advocates are pushing back Read More »

The scam economy has found its AI upgrade

AI, consumer, cybersecurity, deepfakes, F-Secure, News, report, scams / SecurityTicks

The scam economy has found its AI upgrade 2026-05-11 at 12:32 By Anamarija Pogorelec Scam attempts continue to reach consumers via email, text messages, social media, online advertising, and phone calls. The volume of exposure has remained stable over the past year, with more than half of consumers encountering scam attempts at least monthly, according

The scam economy has found its AI upgrade Read More »

Rustinel: Open-source endpoint detection for Windows and Linux

Don't miss, Endpoint Security, GitHub, Hot stuff, Linux, News, open source, scanning, security telemetry, Windows / SecurityTicks

Rustinel: Open-source endpoint detection for Windows and Linux 2026-05-11 at 08:51 By Mirko Zorz Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed environments have had to stitch together separate pipelines, separate rule sets, and separate maintenance burdens. Rustinel, a

Rustinel: Open-source endpoint detection for Windows and Linux Read More »

Security teams are turning to AI to survive alert overload

AI, automation, cybersecurity, News, report, security operations, SOC, threats, World Economic Forum / SecurityTicks

Security teams are turning to AI to survive alert overload 2026-05-11 at 08:18 By Anamarija Pogorelec The World Economic Forum white paper “Empowering Defenders: AI for Cybersecurity” identified AI as the biggest driver of change in cybersecurity for 94% of survey respondents. The paper found that 77% of organizations already use AI in cybersecurity, with

Security teams are turning to AI to survive alert overload Read More »

Review: Foundations of Cybersecurity, 2nd edition

Don't miss, News, Reviews / SecurityTicks

Review: Foundations of Cybersecurity, 2nd edition 2026-05-11 at 08:18 By Mirko Zorz Jason Andress has refreshed his introductory security text for No Starch Press. He writes in the introduction that the term security now extends past data center servers to cloud resources, mobile devices, the Internet of Things, and AI. About the author Jason Andress

Review: Foundations of Cybersecurity, 2nd edition Read More »

Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams

News, Week in review / SecurityTicks

Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams 2026-05-10 at 12:32 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Your work apps are quietly handing 19 data points to someone Office work in 2026 relies on mobile apps used alongside

Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams Read More »

Dirty Frag: Unpatched Linux vulnerability delivers root access

cybersecurity, Don't miss, exploit, Hot stuff, Linux, News, vulnerability / SecurityTicks

Dirty Frag: Unpatched Linux vulnerability delivers root access 2026-05-08 at 18:03 By Zeljka Zorz A week after Copy Fail, another Linux local privilege escalation vulnerability dubbed “Dirty Frag” has been revealed, along with a PoC exploit. What is Dirty Frag In effect, Dirty Frag refers to two flaws: A xfrm-ESP Page-Cache Write vulnerability (CVE-2026-43284, aka

Dirty Frag: Unpatched Linux vulnerability delivers root access Read More »

Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)

0-day, Don't miss, endpoint management, Hot stuff, Ivanti, News, vulnerability / SecurityTicks

Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) 2026-05-08 at 13:30 By Zeljka Zorz Ivanti has released fixes for 5 high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) solution, one of which (CVE-2026-6973) has being exploited as a zero-day by attackers. “We are aware of a very limited number of customers exploited with CVE-2026-6973,” the

Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) Read More »

Google is turning Android Studio into a policy watchdog

Android, Google, Google Play, identity verification, News, Privacy, software development / SecurityTicks

Google is turning Android Studio into a policy watchdog 2026-05-08 at 13:09 By Anamarija Pogorelec Google has expanded Play Policy Insights in Android Studio to help developers catch policy issues while coding, including warnings for common problems such as missing login credentials. Later this year, developers who connect their Play developer account directly to Android

Google is turning Android Studio into a policy watchdog Read More »

Helping North Korean IT remote workers is becoming a fast track to prison

FBI, law enforcement, News, North Korea, remote working / SecurityTicks

Helping North Korean IT remote workers is becoming a fast track to prison 2026-05-08 at 12:40 By Sinisa Markovic Two U.S. nationals were sentenced to 18 months in prison for operating “laptop farms” that helped North Korean IT workers gain employment at nearly 70 American companies, generating more than $1.2 million for Pyongyang’s government. Although

Helping North Korean IT remote workers is becoming a fast track to prison Read More »

Your coworker might be selling company logins, and thinks it’s fine

credentials, cybersecurity, fraud, News, report, user behavior / SecurityTicks

Your coworker might be selling company logins, and thinks it’s fine 2026-05-08 at 08:17 By Anamarija Pogorelec Employee behavior once considered unacceptable is becoming tolerated across various industries, particularly in IT and telecommunications, and at all levels of seniority, including leadership. Cifas Workplace Fraud Trends research, based on a survey of 2,000 UK employees working

Your coworker might be selling company logins, and thinks it’s fine Read More »

Product showcase: NetGuard open-source firewall for Android

Android, Don't miss, firewall, Google Play, network monitoring, News, open source, Product showcase, software / SecurityTicks

Product showcase: NetGuard open-source firewall for Android 2026-05-08 at 08:17 By Anamarija Pogorelec NetGuard is a free, open-source firewall for Android phones and tablets that provides users with a simple way to block internet access. Android does not allow VPN services to be chained, so the app uses the Android VPN service to route all

Product showcase: NetGuard open-source firewall for Android Read More »

New infosec products of the week: May 8, 2026

LastPass, News, Sysdig, Viavi Solutions / SecurityTicks

New infosec products of the week: May 8, 2026 2026-05-08 at 08:17 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week LastPass, Operant AI, Sysdig, and VIAVI. Operant AI Endpoint Protector secures AI agents and MCP tools Operant AI has launched Operant Endpoint Protector, a new addition to its

New infosec products of the week: May 8, 2026 Read More »

$250 million cryptocurrency heist funded luxury fashion, nightclub parties, and private jets

Cryptocurrency, cybercrime, law enforcement, News, social engineering, USA / SecurityTicks

$250 million cryptocurrency heist funded luxury fashion, nightclub parties, and private jets 2026-05-08 at 01:14 By Sinisa Markovic 20-year-old California resident Marlon Ferro, known online as “GothFerrari,” was sentenced to 78 months in prison for his role in a cryptocurrency theft operation tied to more than $250 million in stolen digital assets. Federal prosecutors said

$250 million cryptocurrency heist funded luxury fashion, nightclub parties, and private jets Read More »