New York, United States, May 19th, 2026, CyberNewswire New research shows identity dark matter continues to expand and erode enterprise identity, resulting in a fragile foundation for agent AI readine…
cyberintel.kalymoon.com · 37182 articles · updated every 4 hours · grows forever
New York, United States, May 19th, 2026, CyberNewswire New research shows identity dark matter continues to expand and erode enterprise identity, resulting in a fragile foundation for agent AI readine…
The PostgreSQL Global Development Group has released critical security updates for all supported branches, fixing 11 vulnerabilities, including arbitrary code execution and several SQL injection flaws…
AI-powered vulnerability scanning leaves no excuse for unpatched bugs as the EU Cyber Resilience Act pushes firms toward secure-by-design software
Microsoft’s Digital Crimes Unit has taken down the infrastructure of Fox Tempest, a prolific cybercrime-enabling threat group
Microsoft’s aging “mshta.exe” utility, a leftover component from Internet Explorer, is still being actively abused in modern malware campaigns years after the browser itself was retired. According to …
Faced with the growing volume of submission to its bug bounty program, GitHub is replacing cash bounties with swag rewards for reports with low security impact — and asking researchers to stop submitt…
Discord has protected voice and video calls in DMs, group DMs, voice channels, and Go Live streams with end-to-end encryption (E2EE) by default. The company began experimenting with E2EE for voice and…
A SHub macOS infostealer variant called Reaper impersonates Apple, Microsoft, and Google to trick users into executing malicious code, then targets browser data, password managers, and cryptocurrency …
Operators of industrial sensors, edge AI controllers, and connected medical equipment now have a refreshed long-term Linux option for fleets that must stay patched for more than a decade. Canonical re…
LaunchDarkly has launched AgentControl, a new solution that gives software teams real-time control over AI agents in production. With AgentControl, teams can change how an agent behaves at runtime wit…
Selector has announced the expansion of its platform with AI-powered multi-cloud observability capabilities. The extension of Selector’s AI-driven observability approach into multi-cloud environments …
A phishing campaign is smuggling the powerful PureLogs information stealer onto targets’ Windows machines by hiding encrypted malicious payloads inside cat photos, Fortinet researchers discovered. The…
The security defect can be exploited remotely, without authentication, to execute arbitrary code and leak sensitive information. The post Unpatched ChromaDB Vulnerability Can Lead to Server Takeover a…
Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based att…
Understanding AI BOMs and where they fit into risk management for artificial intelligence.
Dark Reading editors reflect on two decades of dramatic change — from perimeter defense to assume-breach strategies — and warn that while AI, cloud, and COVID-19 have transformed the threat landscape,…
Drupal has issued an alert stating that it intends to release a "core security release" for all supported branches on May 20, 2026, from 5-9 p.m. UTC. "The Drupal Security Team urges you to reserve ti…
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries. The targe…
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE). Dubbed DirtyDecrypt (aka Dirty…
IT teams are increasingly overwhelmed by alerts from disconnected systems, forcing responders to manually coordinate investigations during network incidents. This webinar explores how automation and A…
Microsoft's total vulnerability count stayed steady in 2025, but critical flaws surged year over year. BeyondTrust breaks down why attackers are increasingly focused on privilege escalation and identi…
Convenience store chain giant 7-Eleven confirmed that its systems were breached in a cyberattack claimed by the ShinyHunters extortion group last month. [...]
Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campaign. [...]
Public Instagram posts provide raw material for AI phishing campaigns Help Net Security