Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-01 13:00 PDT
- Malicious Ad for Homebrew Leads to MacSync Stealer, (Fri, May 1st)
SANS ISC Diary (full) • 2026-05-01 12:01 • isc.sans.eduIntroduction
- 30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
The Hacker News • 2026-05-01 11:09 • thehackernews.com
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a “phishing relay” to distribute phishing emails with an aim to compromise Facebook accounts.
The activity has been codenamed AccountDumpling by Guardio, with the scheme selling the stolen accounts back through an illicit storefront run by the threat actors. In all, roughly 30,000 Facebook accounts are
https://thehackernews.com/2026/05/30000-facebook-accounts-hacked-via.html - 15-year-old detained over French govt agency data breach
BleepingComputer • 2026-05-01 10:52 • www.bleepingcomputer.com
French authorities have detained a 15-year-old suspected of selling data stolen in a cyberattack on France Titres (ANTS), the country’s agency for issuing and managing administrative documents. […]
https://www.bleepingcomputer.com/news/security/15-year-old-detained-over-french-govt-agency-data-breach/ - Story retracted
BleepingComputer • 2026-05-01 09:26 • www.bleepingcomputer.com
BleepingComputer initially published a story about a new data breach at Instructure. Shortly after publication, we determined that the information was incorrect and primarily based on outdated details from a prior incident. The article has been retracted, and we regret the error. […]
https://www.bleepingcomputer.com/news/security/story-retracted/ - Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
The Hacker News • 2026-05-01 07:26 • thehackernews.com
Cybersecurity researchers are warning of two cybercrime groups that are carrying out “rapid, high-impact attacks” operating almost within the confines of SaaS environments, while leaving minimal traces of their actions.
The clusters, Cordial Spider (aka BlackFile, CL-CRI-1116, O-UNC-045, and UNC6671) and Snarky Spider (aka O-UNC-025 and UNC6661), have been attributed to high-speed data theft and
https://thehackernews.com/2026/05/cybercrime-groups-using-vishing-and-sso.html - Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
BleepingComputer • 2026-05-01 07:02 • www.bleepingcomputer.com
Raw threat intel isn’t enough without real-world context. Criminal IP has partnered with Securonix to integrate exposure-based intelligence into ThreatQ, automating analysis and speeding up investigations. […]
https://www.bleepingcomputer.com/news/security/criminal-ip-and-securonix-threatq-collaborate-to-enhance-threat-intelligence-operations/ - China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
The Hacker News • 2026-05-01 07:02 • thehackernews.com
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO.
Trend Micro has attributed the activity to a threat activity cluster it tracks under the temporary designation SHADOW-EARTH-053. The adversarial collective is assessed to
https://thehackernews.com/2026/05/china-linked-hackers-target-asian.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
