Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps

19/05/2026 0 Comments 0 tags

Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users. The activity, per HUMAN’s Satori Threat Intelligence and Research Team, encompassed

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

19/05/2026 0 Comments 0 tags

Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE). Dubbed DirtyDecrypt (aka DirtyCBC),

Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare

19/05/2026 0 Comments 0 tags

Drupal has issued an alert stating that it intends to release a “core security release” for all supported branches on May 20, 2026, from 5-9 p.m. UTC. “The Drupal Security

The New Phishing Click: How OAuth Consent Bypasses MFA

19/05/2026 0 Comments 0 tags

In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries.  The targets of the

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access

19/05/2026 0 Comments 0 tags

Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

19/05/2026 0 Comments 0 tags

Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

19/05/2026 0 Comments 0 tags

Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials

19/05/2026 0 Comments 0 tags

In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an

INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests

18/05/2026 0 Comments 0 tags

INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects. The initiative

⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

18/05/2026 0 Comments 0 tags

Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a