Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-14 08:00 PDT
- Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Hacker News • 2026-05-14 07:00 • thehackernews.com
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine.
Active since at least 2016, Ghostwriter has been linked to both cyber espionage and influence operations targeting neighboring countries, particularly Ukraine. It’s also tracked under the monikers FrostyNeighbor, PUSHCHA, Storm-0257, TA445, UAC‑0057
https://thehackernews.com/2026/05/ghostwriter-targets-ukrainian.html - KongTuke hackers now use Microsoft Teams for corporate breaches
BleepingComputer • 2026-05-14 05:12 • www.bleepingcomputer.com
Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks. […]
https://www.bleepingcomputer.com/news/security/kongtuke-hackers-now-use-microsoft-teams-for-corporate-breaches/ - PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
The Hacker News • 2026-05-14 04:40 • thehackernews.com
Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of public disclosure.
The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive endpoints to anyone, potentially allowing an attacker to invoke the
https://thehackernews.com/2026/05/praisonai-cve-2026-44338-auth-bypass.html - How AI Hallucinations Are Creating Real Security Risks
The Hacker News • 2026-05-14 04:30 • thehackernews.com
AI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs. When an AI model lacks certainty, it doesn’t have a mechanism to recognize that. Instead, it generates the most probable response based on patterns in its training data, even if that response is inaccurate. These outputs
https://thehackernews.com/2026/05/how-ai-hallucinations-are-creating-real.html - How Dangerous Is Anthropic’s Mythos AI?
Schneier on Security • 2026-05-14 04:04 • www.schneier.comLast month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not release it to the general public. Instead, it would only be available to a select group of companies to scan and fix their own software.
The announcement requires context—but it contained an essential truth.
While Anthropic’s model is really good at finding software vul…
https://www.schneier.com/blog/archives/2026/05/how-dangerous-is-anthropics-mythos-ai.html - Kimsuky targets organizations with PebbleDash-based tools
Securelist • 2026-05-14 04:00 • securelist.com
Kaspersky researchers analyze a range of new PebbleDash-based tools used in recent Kimsuky campaigns and reveal their connection to the AppleSeed malware cluster.
https://securelist.com/kimsuky-appleseed-pebbledash-campaigns/119785/ - Dell confirms its SupportAssist software causes Windows BSOD crashes
BleepingComputer • 2026-05-14 03:03 • www.bleepingcomputer.com
Dell confirmed that its SupportAssist software is causing blue-screen crashes on some Windows systems following a wave of user reports about random reboots affecting Dell devices since Friday. […]
https://www.bleepingcomputer.com/news/software/dell-confirms-its-supportassist-software-causes-windows-bsod-crashes/ - When ransomware gets physical: cybercriminals turn to threats of violence
Graham Cluley • 2026-05-14 02:28 • www.bitdefender.com
Pay up, or we’ll pay someone to pay you a visit. Cybercrime gangs are increasingly turning to real-world threats – and even hiring local muscle to deliver the message.Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/ransomware-physical-threats-violence - Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
The Hacker News • 2026-05-14 02:25 • thehackernews.com
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework (CTFMON).
The security defects have been codenamed YellowKey and GreenPlasma, respectively, by the researcher, who goes by the online aliases Chaotic Eclipse
https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
