Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-29 13:00 PDT
- ChatGPT share links abused to host fake outage pages to deliver malware
BleepingComputer • 2026-05-29 11:21 • www.bleepingcomputer.com
Threat actors are abusing ChatGPT’s content-sharing feature to display fake OpenAI outage pages that direct users to download malware disguised as the ChatGPT desktop application. […]
https://www.bleepingcomputer.com/news/security/chatgpt-share-links-abused-to-host-fake-outage-pages-to-deliver-malware/ - California AG sues 23andMe over 2023 breach exposing health data
BleepingComputer • 2026-05-29 11:08 • www.bleepingcomputer.com
California Attorney General Rob Bonta filed a lawsuit against 23andMe, now Chrome Holding Co., over the company’s failure to protect sensitive customer genetic and personal information. […]
https://www.bleepingcomputer.com/news/security/california-ag-sues-23andme-over-2023-breach-exposing-health-data/ - ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
The Hacker News • 2026-05-29 11:07 • thehackernews.com
Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant’s implicit trust in Markdown links and images to trigger prompt injections and open the door to phishing attacks.The technique has been codenamed ChatGPhish by Permiso Security.
“The chatgpt.com response renderer trusts Markdown links and Markdown
https://thehackernews.com/2026/05/chatgphish-vulnerability-turns-chatgpt.html - Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
The Hacker News • 2026-05-29 07:39 • thehackernews.com
An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability.“The attacker compromised an internet-reachable Marimo notebook via CVE-2026-39987, extracted two cloud credentials from the compromised
https://thehackernews.com/2026/05/attackers-use-llm-agent-for-post.html - From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market
BleepingComputer • 2026-05-29 07:32 • www.bleepingcomputer.com
DDoS attacks are increasingly being sold like subscription services, complete with pricing tiers, support, and reseller programs. Flare explores how the DDoS-as-a-Service market has evolved from scattered tools into polished attack platforms. […]
https://www.bleepingcomputer.com/news/security/from-5-attacks-to-botnet-powered-platforms-inside-the-ddos-as-a-service-market/ - Dutch govt disrupts malware botnet with 17 million infected devices
BleepingComputer • 2026-05-29 07:26 • www.bleepingcomputer.com
Dutch authorities have taken offline a massive botnet of 17 million devices and seized more than 200 servers at a local provider that supported the operation. […]
https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infected-devices/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
