ICYMI: 2026-05-19
Latest Headlines
Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
You Can Get Some of Your Nudes Removed From the Internet Under a New Law
Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation
Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’
Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks
Unpatched ChromaDB Vulnerability Can Lead to Server Takeover
B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards
201 Arrested in Crackdown on Cybercrime in Middle East, North Africa
Critical Vulnerability Exposes Industrial Robot Fleets to Hacking
UAC-0184 Malware Chain Uses bitsadmin and HTA Files for Gated Payload Delivery
macOS Malware Installs Fake Google Software Update LaunchAgent for Persistence
The Gentlemen Ransomware Attacks Windows, Linux, NAS, BSD, and ESXi Attacks
Kimsuky Hackers Use LNK and JSE Lures to Target Recruiters, Crypto Users, and Defense Officials
Criminal IP Returns to Infosecurity Europe 2026 with Advanced AI-Driven TI & ASM
Malware Campaign Uses JavaScript, PowerShell, and Shellcode to Deliver Crypto Clipper
DirtyDecrypt Linux Kernel Vulnerability PoC Exploit Code Released
3 Tactics Elite SOCs Use to Operationalize Threat Intelligence
Operation Ramz Seizes 53 Servers Linked to Cyber Scams and Malware Threats
Critical PostgreSQL Vulnerabilities Enables Code Execution and SQL Injections
Max-severity flaw in ChromaDB for AI apps allows server hijacking
Cybercrime service disrupted for abusing Microsoft platform to sign malware
Discord rolls out end-to-end encryption on voice, video calls
FBI: Americans lost over $388 million to scams using crypto ATMs in 2025
Microsoft Self-Service Password Reset abused in Azure data theft attacks
Microsoft plans to improve Windows 11 driver quality in 2026
Microsoft blames macOS update for undismissible Teams location prompts
7-Eleven confirms data breach claimed by the ShinyHunters gang
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
Webinar: The hidden bottlenecks in network incident response
Microsoft confirms patching issues in restricted Windows networks
– MTZ