1. A new phishing campaign targeting Japanese online banking users is utilizing a domain and branding typo related to PayPoy (https://www.reddit.com/r/cybersecurity/comments/1tpvisr/new_phishing_campaign_targeting_japanese_online/).
2. Threat actor JINX-0164 is targeting cryptocurrency firms using fake recruiter lures and custom macOS malware to facilitate asset theft (https://thehackernews.com/2026/05/jinx-0164-targets-cryptocurrency-firms.html).
3. A malicious npm package named mouse5212-super-formatter was discovered stealing files from the local directory used by the Claude AI tool (https://thehackernews.com/2026/05/malicious-npm-package-stole-files-from.html).
4. A global smishing operation has been identified impacting users across 19 countries and 3 continents (https://www.reddit.com/r/cybersecurity/comments/1tpaj22/exposed_global_smishing_operation_hitting_19/).
5. Iranian threat actors are targeting the US aviation sector using an AI-assisted backdoor known as MiniFast (https://www.reddit.com/r/cybersecurity/comments/1tpb3ia/iranian_threat_group_targets_us_aviation_sector/).
6. A coordinated cryptojacking campaign is using SEO poisoning and manipulated AI chatbot recommendations to spread GPU mining malware (https://www.bleepingcomputer.com/news/security/gpu-mining-malware-spreads-via-seo-poisoning-ai-chatbots/).
7. A vulnerability in Gitea tracked as CVE-2026-27771 allows unauthenticated attackers to pull private container images from affected deployments (https://thehackernews.com/2026/05/gitea-vulnerability-exposes-private.html).
8. Security researchers and industry partners dismantled the GlassWorm developer supply chain campaign which used malicious npm packages and VS Code extensions (https://thehackernews.com/2026/05/glassworm-malware-takedown-disrupts.html).
9. Banking trojan campaigns involving Grandoreiro and BTMOB RAT are actively targeting Windows and Android users in Europe and Latin America (https://thehackernews.com/2026/05/grandoreiro-malware-and-btmob-rat.html).
10. The FBI reported that the Silent Ransom Group has shifted tactics to include IT support impersonation to facilitate their attacks (https://www.reddit.com/r/cybersecurity/comments/1tp6fg2/fbi_silent_ransom_group_turns_to_it_support_ploy/).
11. A critical remote code execution flaw in Microsoft SharePoint has been identified, necessitating immediate patching (https://www.reddit.com/r/cybersecurity/comments/1tp19o3/microsoft_sharepoint_has_a_new_rce_flaw_if_you/).
12. A popular Chrome VPN extension was found to have a vulnerability where the word toad allowed any website to gain full control of the application (https://www.reddit.com/r/cybersecurity/comments/1tp4x6l/the_word_toad_gave_any_website_full_control_of/).
13. A Canadian man was sentenced to 33 years in prison for a long-term sextortion scheme that targeted over 145 children (https://www.bleepingcomputer.com/news/security/sextortionist-sentenced-to-33-years-for-targeting-145-children/).
14. CISA faced criticism after a contractor published plain-text credentials to a public GitHub profile (https://grahamcluley.com/smashing-security-podcast-469/).
Be First to Comment