Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-01 08:00 PDT
- Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
The Hacker News • 2026-05-01 07:26 • thehackernews.com
Cybersecurity researchers are warning of two cybercrime groups that are carrying out “rapid, high-impact attacks” operating almost within the confines of SaaS environments, while leaving minimal traces of their actions.
The clusters, Cordial Spider (aka BlackFile, CL-CRI-1116, O-UNC-045, and UNC6671) and Snarky Spider (aka O-UNC-025 and UNC6661), have been attributed to high-speed data theft and
https://thehackernews.com/2026/05/cybercrime-groups-using-vishing-and-sso.html - Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
BleepingComputer • 2026-05-01 07:02 • www.bleepingcomputer.com
Raw threat intel isn’t enough without real-world context. Criminal IP has partnered with Securonix to integrate exposure-based intelligence into ThreatQ, automating analysis and speeding up investigations. […]
https://www.bleepingcomputer.com/news/security/criminal-ip-and-securonix-threatq-collaborate-to-enhance-threat-intelligence-operations/ - China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
The Hacker News • 2026-05-01 07:02 • thehackernews.com
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO.
Trend Micro has attributed the activity to a threat activity cluster it tracks under the temporary designation SHADOW-EARTH-053. The adversarial collective is assessed to
https://thehackernews.com/2026/05/china-linked-hackers-target-asian.html - Microsoft fixes Remote Desktop warnings displaying incorrectly
BleepingComputer • 2026-05-01 05:46 • www.bleepingcomputer.com
Microsoft has fixed a known issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-remote-desktop-warnings-displaying-incorrectly/ - A Ransomware Negotiator Was Working for a Ransomware Gang
Schneier on Security • 2026-05-01 04:18 • www.schneier.comSomeone pleaded guilty to secretly working for a ransomware gang as he negotiated ransomware payments for clients.
- Microsoft now lets admins choose pre-installed Store apps to uninstall
BleepingComputer • 2026-05-01 04:10 • www.bleepingcomputer.com
Microsoft has updated a Windows 11 in-box app removal policy introduced in October to include a dynamic list that lets IT admins choose which preinstalled Store apps to uninstall. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-now-lets-admins-choose-pre-installed-store-apps-to-uninstall/ - Top Five Sales Challenges Costing MSPs Cybersecurity Revenue
The Hacker News • 2026-05-01 03:30 • thehackernews.com
The managed security services market is projected to grow from $38.31 billion in 2025 to $69.16 billion by 2030[1], with cybersecurity being the fastest-growing sector[2]. Despite this opportunity, many MSPs leave revenue on the table because their go-to-market strategy fails to connect technical expertise with business needs.
This execution gap is where most deals stall. MSPs often focus on
https://thehackernews.com/2026/05/top-five-sales-challenges-costing-msps.html - Windows 11 KB5083631 update released with 34 changes and fixes
BleepingComputer • 2026-05-01 03:00 • www.bleepingcomputer.com
Microsoft has released the KB5083631 optional cumulative update for Windows 11, which includes 34 changes, such as a new Xbox mode for Windows PCs, enhanced security and performance for batch files, and performance improvements for launching startup apps. […]
https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5083631-update-released-with-34-changes-and-fixes/ - Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks
The Hacker News • 2026-05-01 02:56 • thehackernews.com
The U.S. Department of Justice (DoJ) on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks in 2023.
Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, were accused of deploying the ransomware against multiple victims located throughout the U.S. between April and December 2023.
https://thehackernews.com/2026/05/two-cybersecurity-professionals-get-4.html - Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
The Hacker News • 2026-05-01 02:43 • thehackernews.com
A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence.
The activity has been attributed to the GitHub account “BufferZoneCorp,” which has published a set of repositories that are associated with malicious Ruby gems and Go modules. As of
https://thehackernews.com/2026/05/poisoned-ruby-gems-and-go-modules.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
