Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-08 08:00 PDT
- Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)
SANS ISC Diary (full) • 2026-05-08 07:53 • isc.sans.edu
Less than two weeks after the public disclosure of the Copy Fail vulnerability (CVE-2026-31431), another local privilege escalation (LPE) vulnerability in the Linux kernel has been revealed. Referred to as “Dirty Frag,” this vulnerability was discovered and reported by Hyunwoo Kim (@v4bel) [1]. In this diary, I will provide a brief background on Dirty Frag, and discuss its relationship to Copy Fail. I will then discuss how to mitigate Dirty Frag and outline recommended next steps for system owners.
- Inside Department 4: Russia’s secret school for hackers
Graham Cluley • 2026-05-08 07:36 • www.bitdefender.com
Most universities have a careers fair. At Bauman Moscow State Technical University, however, an elite group of students appear to have something rather more unusual: a direct pipeline into some of the world’s most notorious state-sponsored hacking groups. Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/inside-department-4-russias-secret-school-for-hackers
- Why More Analysts Won’t Solve Your SOC’s Alert Problem
BleepingComputer • 2026-05-08 07:02 • www.bleepingcomputer.com
Attackers move faster than overwhelmed SOC teams can realistically investigate alerts. Prophet Security breaks down how AI can help analysts investigate alerts faster and focus on real threats. […]
https://www.bleepingcomputer.com/news/security/why-more-analysts-wont-solve-your-socs-alert-problem/
- Trellix source code breach claimed by RansomHouse hackers
BleepingComputer • 2026-05-08 06:23 • www.bleepingcomputer.com
The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as proof of the intrusion. […]
https://www.bleepingcomputer.com/news/security/trellix-source-code-breach-claimed-by-ransomhouse-hackers/
- CISA gives feds four days to patch Ivanti flaw exploited as zero-day
BleepingComputer • 2026-05-08 05:16 • www.bleepingcomputer.com
CISA has given U.S. federal agencies four days to secure their networks against a high-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) exploited in zero-day attacks. […]
https://www.bleepingcomputer.com/news/security/cisa-gives-feds-four-days-to-patch-ivanti-flaw-exploited-as-zero-day/
- Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
The Hacker News • 2026-05-08 04:00 • thehackernews.com
A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers’ systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and network tunneling.
“QLNX targets developers and DevOps credentials across the software supply chain,”
https://thehackernews.com/2026/05/quasar-linux-rat-steals-developer.html
- Zara data breach exposed personal information of 197,000 people
BleepingComputer • 2026-05-08 03:42 • www.bleepingcomputer.com
Hackers who gained access to the databases of Spanish fast-fashion retailer Zara stole data belonging to more than 197,000 customers, according to data breach notification service Have I Been Pwned. […]
https://www.bleepingcomputer.com/news/security/zara-data-breach-exposed-personal-information-of-197-000-people/
- One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
The Hacker News • 2026-05-08 03:30 • thehackernews.com
The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report investigating more than 25 million security alerts, including informational and low-severity, across live enterprise environments.
The dataset behind these findings includes 10 million monitored
https://thehackernews.com/2026/05/one-missed-threat-per-week-what-25m.html
- Sri Lanka makes 37 arrests as it raids another scam centre
Graham Cluley • 2026-05-08 02:30 • www.bitdefender.com
You don’t need to live near a scam compound for it to wreck your life. Americans lost $5.8 billion to crypto investment scams last year alone – and a raid in Sri Lanka this month shows exactly how the operations behind them keep finding new places to hide. Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/sri-lanka-37-arrests-scam-centre
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
