Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-06 08:00 PDT
- Why ransomware attacks succeed even when backups exist
BleepingComputer • 2026-05-06 07:04 • www.bleepingcomputer.com
Backups don’t fail because they’re missing, they fail because attackers destroy them first. Acronis explains how ransomware targets backup systems before encryption, leaving no path to recovery. […]
https://www.bleepingcomputer.com/news/security/why-ransomware-attacks-succeed-even-when-backups-exist/
- MuddyWater hackers use Chaos ransomware as a decoy in attacks
BleepingComputer • 2026-05-06 06:02 • www.bleepingcomputer.com
The MuddyWater Iranian hackers disguised their operations as a Chaos ransomware attack, relying on Microsoft Teams social engineering to gain access and establish persistence. […]
https://www.bleepingcomputer.com/news/security/muddywater-hackers-use-chaos-ransomware-as-a-decoy-in-attacks/
- OceanLotus suspected of using PyPI to deliver ZiChatBot malware
Securelist • 2026-05-06 06:00 • securelist.com
Kaspersky researchers uncovered malicious wheel packages in PyPI that targeted both Windows and Linux and contained a dropper delivering malware dubbed ZiChatBot. We attribute this activity to OceanLotus APT.
https://securelist.com/oceanlotus-suspected-pypi-zichatbot-campaign/119603/
- MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Hacker News • 2026-05-06 06:00 • thehackernews.com
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a “false flag” operation.
The attack, observed by Rapid7 in early 2026, has been found to leverage social engineering techniques via Microsoft Teams to initiate the infection sequence. Although the incident
https://thehackernews.com/2026/05/muddywater-uses-microsoft-teams-to.html
- Webinar: Why network incidents escalate and how to fix response gaps
BleepingComputer • 2026-05-06 05:56 • www.bleepingcomputer.com
Most network incidents don’t escalate due to a lack of alerts; they escalate when response breaks down. This webinar explores how to fix gaps in triage, enrichment, and coordination. […]
https://www.bleepingcomputer.com/news/security/webinar-why-network-incidents-escalate-and-how-to-fix-response-gaps/
- The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now Open
The Hacker News • 2026-05-06 05:03 • thehackernews.com
For nearly 20 years, we at The Hacker News have mostly told scary stories about cyberspace — big hacks, broken systems, and new threats.
But behind every headline, there’s a quieter, better story.
It’s the story of leaders making tough calls under pressure, teams building smarter defenses, and security products that keep hunting threats 24/7 — even when it’s hard.
Most of the time, this work is
https://thehackernews.com/2026/05/the-hacker-news-launches-cybersecurity.html
- Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing?
The Hacker News • 2026-05-06 03:57 • thehackernews.com
Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their inaugural Market Guide for Guardian Agents, Gartner states that “enterprise adoption of AI agents is accelerating, outpacing maturity of governance policy controls.” Enterprise leaders can request access to the Gartner Market Guide for
https://thehackernews.com/2026/05/your-ai-agents-are-already-inside.html
- Rowhammer Attack Against NVIDIA Chips
Schneier on Security • 2026-05-06 03:36 • www.schneier.com
A new rowhammer attack gives complete control of NVIDIA CPUs.
On Thursday, two research teams, working independently of each other, demonstrated attacks against two cards from Nvidia’s Ampere generation that take GPU rowhammering into new—and potentially much more consequential—territory: GDDR bitflips that give adversaries full control of CPU memory, resulting in full sy…
https://www.schneier.com/blog/archives/2026/05/rowhammer-attack-against-nvidia-chips.html
- Websites with an undefined trust level: avoiding the trap
Securelist • 2026-05-06 02:30 • securelist.com
We explain what suspicious websites are and how to distinguish a safe site from a fraudulent one. A new category in Kaspersky solutions: we’re sharing global statistics on untrusted site detection.
https://securelist.com/suspicious-websites-undefined-trust-level/119675/
- Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
BleepingComputer • 2026-05-06 02:18 • www.bleepingcomputer.com
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks. […]
https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-actively-exploited-firewall-zero-day/
- Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
The Hacker News • 2026-05-06 02:13 • thehackernews.com
Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks.
“This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute,” Google’s product and security teams said.
The initiative builds upon the foundation of Pixel Binary Transparency, which Google introduced in October 2021
https://thehackernews.com/2026/05/android-apps-get-public-verification.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
