Security Bulletin
27 May 2026
Biztonsági szemle
Cybercriminals increasingly use AI for deepfake-based KYC bypass, report finds
New research from Flashpoint highlights a significant trend where threat actors are not focused on developing novel AI tools but rather on refining existing ones.
26 May 2026
Biztonsági szemle
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
In just six hours, the campaign quietly pushed thousands of malicious commits to more than 5,500 GitHub repositories, stealing credentials, developer secrets, and more.
26 May 2026
Biztonsági szemle
State Cyber Leaders Beg Congress for More Funding, Support
A recent congressional hearing highlighted how states are reeling from federal cutbacks to important cyber grants and information sharing initiatives amid damaging attacks to critical infrastructure.
26 May 2026
Biztonsági szemle
The Hackers Behind Shai-Hulud: Lucky or Skilled?
TeamPCP, the hackers behind the Shai-Hulud worm, has done significant damage to the open source ecosystem. But it's not necessarily due to skill alone.
26 May 2026
Biztonsági szemle
For Enterprises, Security Remains Agentic AI's Biggest Challenge
Every company needs an agentic AI strategy, but the tools to allow agentic AI frameworks be safely and securely adopted are just starting to appear.
26 May 2026
Biztonsági szemle
Microsoft Issues Out-of-Band SharePoint Patch
SharePoint access often means access to the keys of the kingdom, something attackers and defenders understand all too well.
26 May 2026
Biztonsági szemle
Detectify launches MCP server to integrate security testing into AI coding workflows
The Detectify MCP Server utilizes the Model Context Protocol (MCP), an open standard adopted across the AI industry for agent-tool communication.
26 May 2026
Biztonsági szemle
CypherLoc scareware tricks millions into identity theft traps
The CypherLoc attack begins with a phishing email containing a malicious link or attachment.
26 May 2026
Biztonsági szemle
Critical vulnerability in Universal Robots' PolyScope OS allows remote command execution
The vulnerability, tracked as CVE-2026-8153 with a CVSS score of 9.8, affects all PolyScope software versions prior to 5.25.1.
26 May 2026
Biztonsági szemle
Zero-day vulnerability in Japanese LMS exploited to deploy Cobalt Strike
The vulnerability, CVE-2026-5426, stems from the use of hard-coded ASP.NET machine keys within the LMS.
26 May 2026
Biztonsági szemle
The Oncology Institute reports patient data potentially exposed in third-party vendor breach
The Oncology Institute disclosed on May 20, 2026, that Kroll, a third-party administrator for an unnamed vendor, detected unauthorized access to systems that may have affected patient data.
26 May 2026
Biztonsági szemle
Zero-click attack hijacks WhatsApp accounts on iOS 16
The attack exploits vulnerabilities in iOS 16, specifically CVE-2025-43300 within the ImageIO framework and potentially CVE-2025-55177, to gain unauthorized access to WhatsApp sessions.
Pagination
- Previous page ‹‹
- Page 71
- Next page ››