๐ Security News Digest - 2026-05-05
-
Security News Digest - 2026-05-05
26 updates from 7 sources:
BleepingComputer: Karakurt extortion gang โcold caseโ negotiator gets 8.5 years in prison
https://www.bleepingcomputer.com/news/security/karakurt-extortion-gang-negotiator-sentenced-to-85-years-in-prison/ The Hacker News: We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is
https://thehackernews.com/2026/05/we-scanned-1-million-exposed-ai.html SecurityWeek: Karakurt Ransomware Negotiator Sentenced to Prison
https://www.securityweek.com/karakurt-ransomware-negotiator-sentenced-to-prison/ SecurityWeek: Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server
https://www.securityweek.com/critical-high-severity-vulnerabilities-patched-in-apache-mina-http-server/ BleepingComputer: Google now offers up to $1.5 million for some Android exploits
https://www.bleepingcomputer.com/news/security/google-now-offers-up-to-15-million-for-some-android-exploits/๐ฆ Malwarebytes: Update WhatsApp now: Two new flaws could expose you to malicious files
https://www.malwarebytes.com/blog/news/2026/05/update-whatsapp-now-two-new-flaws-could-expose-you-to-malicious-files The Hacker News: MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
https://thehackernews.com/2026/05/metinfo-cms-cve-2026-29014-exploited.html darkreading: How the Story of a USB Penetration Test Went Viral
https://www.darkreading.com/cyberattacks-data-breaches/how-story-usb-penetration-test-went-viral The Hacker News: The Back Door Attackers Know About โ and Most Security Teams Still Havenโt Closed
https://thehackernews.com/2026/05/the-back-door-attackers-know-about-and.html SecurityWeek: Critical Remote Code Execution Vulnerability Patched in Android
https://www.securityweek.com/critical-remote-code-execution-vulnerability-patched-in-android-2/ SecurityWeek: Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft
https://www.securityweek.com/critical-bug-could-expose-300000-ollama-deployments-to-information-theft/ The Record from Recorded Future News: Australia launches cyber review board modeled on version disbanded in US
https://therecord.media/australia-launches-cyber-review-board BleepingComputer: Vimeo data breach exposes personal information of 119,000 people
https://www.bleepingcomputer.com/news/security/vimeo-data-breach-exposes-personal-information-of-119-000-people/ SecurityWeek: Hacker Conversations: Joey Melo on Hacking AI
https://www.securityweek.com/hacker-conversations-joey-melo-on-hacking-ai/ Security News | TechCrunch: 4 days left: Get 50% off a second TechCrunch Disruptย 2026ย pass to make more deals faster
https://techcrunch.com/2026/05/05/4-days-left-get-50-off-a-second-techcrunch-disrupt-2026-pass-to-make-more-deals-faster/ BleepingComputer: The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check.
https://www.bleepingcomputer.com/news/security/the-eol-blind-spot-in-your-cve-feed-what-sca-tools-dont-check/ The Hacker News: China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
https://thehackernews.com/2026/05/china-linked-uat-8302-targets.html Security News | TechCrunch: Hackers steal studentsโ data during breach at education tech giant Instructure
https://techcrunch.com/2026/05/05/hackers-steal-students-data-during-breach-at-education-tech-giant-instructure/ BleepingComputer: FTC to ban data broker Kochava from selling Americansโ location data
https://www.bleepingcomputer.com/news/security/ftc-to-ban-data-broker-kochava-from-selling-americans-location-data/ SecurityWeek: Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations
https://www.securityweek.com/microsoft-warns-of-sophisticated-phishing-campaign-targeting-us-organizations/ darkreading: Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
https://www.darkreading.com/cyber-risk/microsoft-edge-passwords-enterprise-risk Security News | TechCrunch: Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in โwidespreadโ attack
https://techcrunch.com/2026/05/05/kaspersky-suspects-chinese-hackers-planted-a-backdoor-into-daemon-tools-in-widespread-attack/ The Hacker News: DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
https://thehackernews.com/2026/05/daemon-tools-supply-chain-attack.html The Hacker News: Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html The Record from Recorded Future News: Conti, Akira ransomware affiliate given 8-year sentence
https://therecord.media/conti-akira-ransomware-affiliate-sentenced BleepingComputer: Student hacked Taiwan high-speed rail to trigger emergency brakes
https://www.bleepingcomputer.com/news/security/student-hacked-taiwan-high-speed-rail-to-trigger-emergency-brakes/ -
R relay@relay.infosec.exchange shared this topic
