News for May 3, 2026

News for May 3, 2026

By I_g_o_r | Some news | 2 May 2026


America's largest home security brand ADT confirms data breach linked to ShinyHunters group

https://www.neowin.net/news/americas-largest-home-security-brand-adt-confirms-data-breach-linked-to-shinyhunters-group/

https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/

 

New ClickFix attack Hides in Native Windows Tools to Reduce Detection Risk

https://hackread.com/clickfix-variant-native-windows-tools-bypass-security/

 

AI Just Made Every Crypto at Risk (Nobody's Ready)

https://www.youtube.com/watch?v=o0pvDGUmHBU

 

Governments on high alert after CISA snuffs out Firestarter backdoor on fed network

https://www.theregister.com/2026/04/24/government_cni_on_high_alert/

 

10 Hacks Every YouTube Music User Should Know

https://lifehacker.com/tech/10-hacks-every-youtube-music-user-should-know

 

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

https://www.securityweek.com/china-linked-apt-gopherwhisper-abuses-legitimate-services-in-government-attacks/

 

15-Bit ECC Key Broken on Publicly Accessible Quantum Hardware Wins Q-Day Prize

https://thequantuminsider.com/2026/04/24/project-eleven-q-day-prize-quantum-ecc-attack/

https://phemex.com/blogs/elliptic-curve-key-quantum-computer-hacked

https://www.google.com/search?q=ECC+Key+Broken+on+Publicly+Accessible+Quantum+Hardware+Wins+Q-Day+Prize

 

Hackers Exploit Agent ID Administrator Role to Hijack Service Principals

https://gbhackers.com/hackers-exploit-agent-id-administrator-role/

 

Coinbase Advisers Warn Quantum Computing Will Crack Blockchain Encryption — And The Window to Prepare Is Narrowing

https://thequantuminsider.com/2026/04/25/coinbase-advisers-warn-quantum-computing-will-crack-blockchain-encryption-and-the-window-to-prepare-is-narrowing/

 

CrowdStrike CEO on Project QuiltWorks: The window to find & patch AI vulnerabilities has collapsed

https://www.cnbc.com/video/2026/04/24/crowdstrike-ceo-on-project-quiltworks-the-window-to-find-patch-ai-vulnerabilities-has-collapsed.html

 

The Internet Was Never Secure: Hacking, Backdoors and Control

https://www.youtube.com/watch?v=Wo7VR9aTmdw

 

18 Shocking Facts That Prove The US Economy Is In Far Worse Shape Than Most People Realize

https://www.zerohedge.com/markets/18-shocking-facts-prove-us-economy-far-worse-shape-most-people-realize

 

Discord Sleuths Gained Unauthorized Access to Anthropic’s Mythos

https://www.wired.com/story/security-news-this-week-discord-sleuths-gained-unauthorized-access-to-anthropics-mythos/

 

They Finally Translated the Last Sumerian Tablet — It Describes How Humanity Ends

https://www.youtube.com/watch?v=eL0cEy6PLiM

 

Threat actor uses Microsoft Teams to deploy new “Snow” malware

https://www.bleepingcomputer.com/news/security/threat-actor-uses-microsoft-teams-to-deploy-new-snow-malware/

 

DECAYING SEVERE WEATHER WARNING SYSTEMS

https://gizadeathstar.com/2026/04/decaying-severe-weather-warning-systems/

 

Crime crew impersonates help desk, abuses Microsoft Teams to steal your data

https://www.theregister.com/2026/04/25/new_crime_crew_impersonates_help_desks/

 

Fake CAPTCHA Scam Abuses Verification Clicks to Send Costly International Texts

https://hackread.com/fake-captcha-pages-exploit-clicks-send-texts/

 

America: Land of the (Not Really) Free

https://dailyreckoning.com/america-land-of-the-not-really-free/

 

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

https://thehackernews.com/2026/04/researchers-uncover-pre-stuxnet-fast16.html

 

The EU 'Democracy Shield' Is The End Of Freedom In Europe

https://www.zerohedge.com/political/eu-democracy-shield-end-freedom-europe

 

The End of Digital Security? (RSA-2048 Broken)

https://www.youtube.com/watch?v=z13T0AIKXdw

 

Expert Warns Freezing Dormant Bitcoin Could Impact Market Pricing

https://www.binance.com/en/square/post/316707195657314

 

36-year-old left the U.S. for China—now pays $1,000 rent and $100 for groceries for family of 4: It’s my ‘version of the American Dream’

https://www.cnbc.com/2026/04/25/36-year-old-left-the-us-for-chinanow-pays-1000-rent-and-100-for-groceries-for-family-of-4.html

 

Microsoft Entra Agent ID Flaw Enabled Tenant Takeover via Privilege Escalation

https://hackread.com/microsoft-entra-agent-id-flaw-tenant-takeover/

 

Chernobyl virus turned 27 today, and it could brick your PC in ways modern malware can't by overwriting BIOS firmware

https://www.tomshardware.com/tech-industry/cyber-security/the-chernobyl-virus-turned-27-today-and-it-could-brick-your-pc-in-ways-modern-malware-cant

 

Fast16: Cyberweapon that predates Stuxnet by five years

https://hackingpassion.com/fast16-pre-stuxnet-cyber-sabotage/

 

10 Businesses That Are THRIVING in This BAD ECONOMY

https://www.youtube.com/watch?v=KxFuBZ_cPeM

 

American utility firm Itron discloses breach of internal IT network

https://www.bleepingcomputer.com/news/security/american-utility-firm-itron-discloses-breach-of-internal-it-network/

 

Scallop Identifies Vulnerability in sSUI Reward Pool Contract

https://www.binance.com/en/square/post/316694627993410

 

Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files

https://hackread.com/vidar-infostealer-fake-captchas-jpeg-txt-files/

 

Elon Musk Vies to Turn X Into Super App With Banking Tool Near Launch

https://news.slashdot.org/story/26/04/26/2155259/elon-musk-vies-to-turn-x-into-super-app-with-banking-tool-near-launch

 

Pesticide exposure linked to 150% higher cancer risk in major study

https://www.sciencedaily.com/releases/2026/04/260426012314.htm

 

Microsoft says Outlook.com outage is causing sign-in failures

https://www.bleepingcomputer.com/news/microsoft/microsoft-says-outlookcom-outage-is-causing-sign-in-failures/

 

Fake Income Tax Notices Used to Spread Malware

https://gbhackers.com/fake-income-tax/

 

AI Just Broke the Internet’s Encryption (And Nobody’s Talking About This Part)

https://www.youtube.com/watch?v=-vhzRxLAJIU

 

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years

https://www.securityweek.com/openssh-flaw-allowing-full-root-shell-access-lurked-for-15-years/

 

82 Chrome Extensions Found Selling User Data, 6.5 Million Users Affected

https://hackread.com/82-chrome-extensions-selling-user-data/

 

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

https://www.bleepingcomputer.com/news/security/glassworm-malware-attacks-return-via-73-openvsx-sleeper-extensions/

 

Incomplete Windows Patch Opens Door to Zero-Click Attacks

https://www.securityweek.com/incomplete-windows-patch-opens-door-to-zero-click-attacks/

 

'An interesting evolution in tactics': Google security experts flag new cyber scam which abuses Microsoft Teams to steal your data

https://www.techradar.com/pro/security/an-interesting-evolution-in-tactics-google-security-experts-flag-new-cyber-scam-which-abuses-microsoft-teams-to-steal-your-data

 

Litecoin Experiences 13-Block Reorganization After Double-Spending Attack

https://www.binance.com/en/square/post/317032707066834

 

UNC6692 Hackers Exploit Microsoft Teams to Deploy SNOW Malware

https://hackread.com/unc6692-hackers-microsoft-teams-snow-malware/

 

Itron Discloses Data Breach After Hackers Access Internal Systems

https://gbhackers.com/itron-discloses-data-breach/

https://www.securityweek.com/energy-and-water-management-firm-itron-hacked/

 

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

https://thehackernews.com/2026/04/researchers-uncover-73-fake-vs-code.html

 

UFO INVASION IN BRAZIL?! UAP Sightings

https://www.youtube.com/watch?v=1XbqombdCak

 

ShinyHunters strike again as hackers claim to have pinched 7.5 million Carnival cruise emails

https://www.techradar.com/pro/security/they-dont-care-shinyhunters-strike-again-as-hackers-claim-to-have-pinched-7-5-million-carnival-cruise-emails

 

IQM to Deploy Quantum Computer to TOYO in Japan

https://thequantuminsider.com/2026/04/27/iqm-toyo-quantum-deployment/

 

Firefox bug CVE-2026-6770 enabled cross-site tracking and Tor fingerprinting

https://securityaffairs.com/191374/security/firefox-bug-cve-2026-6770-enabled-cross-site-tracking-and-tor-fingerprinting.html

 

PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

https://thehackernews.com/2026/04/phantomcore-exploits-trueconf.html

 

Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google

https://www.securityweek.com/malicious-ai-prompt-injection-attacks-increasing-but-sophistication-still-low-google/

 

North Korea Infiltrated Ethereum And Stole Millions!

https://www.youtube.com/watch?v=-7dDRdvkx9g

 

Cybersec is a thankless job: expanding workload and shrinking pay packet

https://www.theregister.com/2026/04/27/from_a_massive_skills_gap/

 

French prosecutors charge 88 individuals linked to crypto wrench attacks

https://www.theblock.co/post/398939/french-charge-88-crypto-wrench-attacks

 

10 Debit Card Scams Spreading Right Now (Most People Have No Clue)

https://www.youtube.com/watch?v=COC96oiGoxo

 

Consumers lost $2.1B to social media scams in 2025, FTC reports

https://techcrunch.com/2026/04/27/consumers-lost-2-1-billion-to-social-media-scams-in-2025-ftc-reports/

 

ShinyHunters Leaks Data of Udemy, Zara, 7-Eleven in Salesforce Linked Breach

https://hackread.com/shinyhunters-leak-udemy-zara-7-eleven-data-breach/

 

Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud

https://thehackernews.com/2026/04/fake-captcha-irsf-scam-and-120-keitaro.html

 

Vitamin D boosts breast cancer treatment success by 79%

https://www.sciencedaily.com/releases/2026/04/260428004119.htm

 

Medical and utility tech companies admit digital breakins

https://www.theregister.com/2026/04/27/itron_medtronic_hacked/

https://www.securityweek.com/medtronic-hack-confirmed-after-shinyhunters-threatens-data-leak/

 

'Unfortunately, it needs to be said: Do not send a text to confirm you are human': Experts reveal how fake CAPTCHAs are driving a global SMS scam campaign

https://www.techradar.com/pro/security/unfortunately-it-needs-to-be-said-do-not-send-a-text-to-confirm-you-are-human-experts-reveal-how-fake-captchas-are-driving-a-global-sms-scam-campaign

 

'We don't take Satoshi's bitcoin': eCash fork sparks backlash over 'reassigned' coins

https://www.theblock.co/post/399054/we-dont-take-satoshis-bitcoin-ecash-fork-backlash-reassigned-coins

 

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

https://thehackernews.com/2026/04/checkmarx-confirms-github-repository.html

https://www.securityweek.com/checkmarx-confirms-data-stolen-in-supply-chain-attack/

https://gbhackers.com/checkmarx-confirms-security-incident/

 

How Quantum-Shatter Bypassed Bank Unity Global's RSA Encryption

https://www.youtube.com/watch?v=i6V2BbqLCHM

https://www.google.com/search?q=How+Quantum-Shatter+Bypassed+Unity+Global%27s+RSA+Encryption&oq=How+Quantum-Shatter+Bypassed+Unity+Global%27s+RSA+Encryption&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIHCAEQABjvBTIHCAIQABjvBTIHCAMQABjvBTIKCAQQABiABBiiBDIHCAUQABjvBTIGCAYQRRg90gEHNjcwajBqOagCBbACAfEF609crbzbU9w

 

Hugging Face LeRobot Flaw Opens Door to Remote Code Execution Attacks

https://gbhackers.com/hugging-face-lerobot-flaw/

 

DeFi lost $13B this month as the KelpDAO rescue shows both the best and worst of DeFi

https://cryptoslate.com/defi-lost-13b-this-month-as-the-kelpdao-rescue-shows-both-the-best-and-worst-of-defi/

 

Tennessee to Ban Cryptocurrency Kiosks Starting July 1

https://www.binance.com/en/square/post/317165361406433

 

Open source package with 1 million monthly downloads stole user credentials

https://arstechnica.com/security/2026/04/open-source-package-with-1-million-monthly-downloads-stole-user-credentials/

 

Study Finds a Third of New Websites Are AI-Generated

https://tech.slashdot.org/story/26/04/27/2123224/study-finds-a-third-of-new-websites-are-ai-generated

 

New Linux FIRESTARTER Backdoor Targets Cisco Firepower Devices

https://hackread.com/linux-firestarter-backdoor-cisco-firepower-devices/

 

Claude-Powered Agent Apparently Deletes Company Database, Debases Itself Further in Confession

https://gizmodo.com/claude-powered-agent-apparently-deletes-company-database-debases-itself-further-in-confession-2000751528

 

The Nobel Prize in Physics Was Just Awarded for Proving the Universe Isn't Real — Einstein Was Wrong

https://www.youtube.com/watch?v=CM4TXfpsWUg

 

Dozens of Open VSX Extension Clones Linked to GlassWorm Malware

https://www.securityweek.com/dozens-of-open-vsx-extension-clones-linked-to-glassworm-malware/

 

Your dreams aren’t random. Here’s what’s really happening

https://www.sciencedaily.com/releases/2026/04/260428045538.htm

 

Inside an OPSEC Playbook: How Threat Actors Evade Detection

https://www.bleepingcomputer.com/news/security/inside-an-opsec-playbook-how-threat-actors-evade-detection/

 

Proposed Bitcoin Hard Fork in August 2026 to Introduce eCash

https://www.binance.com/en/square/post/317371372749410

 

The AI Delusion: Why the $850 Billion Tech Bubble is About to BURST

https://www.youtube.com/watch?v=Uxd7D92AshA

 

Signal Phishing Campaign Targets German Officials in Suspected Russian Operation

https://securityaffairs.com/191425/intelligence/signal-phishing-campaign-targets-german-officials-in-suspected-russian-operation.html

 

Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About

https://thehackernews.com/2026/04/why-secure-data-movement-is-zero-trust.html

 

Chinese engineer stole US military and NASA software for years

https://www.malwarebytes.com/blog/news/2026/04/chinese-engineer-stole-us-military-and-nasa-software-for-years

 

40,000 U.S. Retail Stores Could Close By 2030

https://www.zerohedge.com/markets/40000-us-retail-stores-could-close-2030

 

Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety

https://www.securityweek.com/electric-motorcycles-and-scooters-face-hacking-risks-to-security-and-rider-safety/

 

Microsoft to deprecate legacy TLS in Exchange Online starting July

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-deprecate-legacy-tls-in-exchange-online-starting-july/

 

United Arab Emirates says it will leave OPEC amid energy turmoil

https://ground.news/article/f6d236e2-ae06-4cee-85b0-df95ae421c8e

 

IonQ Partners with Florida LambdaRail on Secure Network Project

https://thequantuminsider.com/2026/04/27/ionq-florida-lambdarail-quantum-safe-network/

 

WORLD GOVERNMENTS Secretly CONTROL LINUX And 5 CRYPTO EXCHANGES USING THIS!

https://www.youtube.com/watch?v=a2TT0MBwpcM

 

New Android spyware Morpheus linked to Italian surveillance firm

https://securityaffairs.com/191398/malware/new-android-spyware-morpheus-linked-to-italian-surveillance-firm.html

 

VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi

https://thehackernews.com/2026/04/vect-20-ransomware-irreversibly.html

 

Ethereum backers pledge up to 30,000 ETH to rsETH recovery after bridge incident

https://cointelegraph.com/news/ethereum-backers-commit-up-to-30000-eth-to-rseth-recovery-after-bridge-incident

 

The Sumerian Tablet That Describes a Second Moon — And the Night It Disappeared

https://www.youtube.com/watch?v=UTVpZrBbcUg

 

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

https://thehackernews.com/2026/04/brazilian-lofygang-resurfaces-after.html

 

Barclays takes £228mn hit from MFS exposure

https://www.thebanker.com/content/80f00706-492a-48c8-b7b6-3ff955eee673

 

'The data should be a wake-up call': Report finds cybersecurity workers feel underpaid, undervalued and overstressed — and that's putting everyone at risk

https://www.techradar.com/pro/the-data-should-be-a-wake-up-call-report-finds-cybersecurity-workers-feel-underpaid-undervalued-and-overstressed-and-thats-putting-everyone-at-risk

 

Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise

https://hackread.com/pack2theroot-linux-packagekit-flaw-full-compromise/

 

The Semiconductor Bubble Goes Nuclear

https://dailyreckoning.com/the-semiconductor-bubble-goes-nuclear/

 

Have I Been Pwned claims Pitney Bowes hit by 8.2M email address leak

https://www.theregister.com/2026/04/28/pitney_bowes_is_the_latest/

 

The Sumerian Scorpion Men Who Guarded the Underworld — And the Tunnels Archaeologists Actually Found

https://www.youtube.com/watch?v=TIaxGZENx-0

 

Electrical current might be the key to a better cup of coffee

https://arstechnica.com/science/2026/04/electrical-current-might-be-the-key-to-a-better-cup-of-coffee/

 

Ft. Knox Full Of Impure Gold Unfit For International Transactions

https://www.zerohedge.com/precious-metals/ft-knox-full-impure-gold-unfit-international-transactions

 

Vimeo Confirms User and Customer Data Breach

https://www.securityweek.com/vimeo-confirms-user-and-customer-data-breach/

https://www.bleepingcomputer.com/news/security/video-service-vimeo-confirms-anodot-breach-exposed-user-data/

 

Dead Internet Theory Is 17% of the Way to Becoming Reality, Study Finds

https://gizmodo.com/dead-internet-theory-is-17-of-the-way-to-becoming-reality-study-finds-2000751718

 

HUGE password manager got compromised

https://www.youtube.com/watch?v=-_TWFbw8XjU

 

Don't pay Vect a ransom - your data's likely already wiped out

https://www.theregister.com/2026/04/28/dont_pay_vect_a_ransom/

 

Scientists catch antimatter “atom” acting like a wave for the first time

https://www.sciencedaily.com/releases/2026/04/260428045612.htm

 

Kyber Ransomware And The Post-Quantum Illusion

https://www.pcrisk.com/internet-threat-news/35205-kyber-ransomware-and-the-post-quantum-illusion

 

Pro-Iran hackers claim eBay attack, say ‘rapid fire assaults’ will continue if company doesn’t respond

https://threatbeat.com/attacks-and-incidents/pro-iran-hackers-claim-ebay-attack-say-rapid-fire-assaults-will-continue-if-company-doesnt-respond/

 

T-Mobile Will Give You $200 to Switch From Another Carrier

https://lifehacker.com/tech/t-mobile-will-give-you-200-dollars-to-switch-from-another-carrier

 

20 Forgotten Ways Americans Made Money Without a Job

https://www.youtube.com/watch?v=DKVWDrterms

 

New Bitcoin Hard Fork Proposal Raises Tax Concerns Because eCash Plan Could Mean Unexpected Liabilities for Holders

https://www.mexc.com/news/1056383

 

Brinker Introduces a Novel Approach to Deepfake Detection

https://hackread.com/brinker-introduces-a-novel-approach-to-deepfake-detection/

 

Why Sharing a Screenshot Can Get You Jailed in the UAE

https://www.wired.com/story/why-sharing-a-screenshot-can-get-you-jailed-in-the-uae/

 

8 Quantum Computing Cybersecurity Risks

https://www.paloaltonetworks.com/cyberpedia/what-is-quantum-computings-threat-to-cybersecurity

 

You Don’t Believe in UFOs? Watch This.

https://www.youtube.com/watch?v=G--d1T-2EC4

 

Hackers exploit Robinhood account creation tool to launch worrying phishing scam

https://www.techradar.com/pro/security/hackers-exploit-robinhood-account-creation-tool-to-launch-worrying-phishing-scam

 

Did A $1.5 Trillion Pin Just Pop The Entire AI Bubble?

https://www.zerohedge.com/news/2026-04-28/did-15-trillion-pin-just-pop-entire-ai-bubble

 

BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures

https://www.darkreading.com/cyberattacks-data-breaches/bluenoroff-turns-victims-into-new-attack-lures

 

I Tested 5 “Private” Browsers — Only One Didn’t Spy

https://www.youtube.com/watch?v=k4jLOZ8bf-4

 

Fake CAPTCHA scam turns a quick click into a costly phone bill

https://www.malwarebytes.com/blog/news/2026/04/fake-captcha-scam-turns-a-quick-click-into-a-costly-phone-bill

 

Crypto Security Incidents Lead to Significant Losses in April 2026

https://www.binance.com/en/square/post/317732440009218

 

GoDaddy customer claims registrar transferred 27-year-old domain without any security checks

https://www.theregister.com/2026/04/29/godaddy_megagaffe_wrongly_transferred_27yearold/

 

Cursor AI IDE vulnerability allows code execution via hidden Git hooks

https://hackread.com/cursor-ai-ide-vulnerability-code-execution-git-hooks/

https://gbhackers.com/cursor-ai-coding-agent-vulnerability/

 

U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog

https://securityaffairs.com/191442/security/u-s-cisa-adds-microsoft-windows-shell-and-connectwise-screenconnect-flaws-to-its-known-exploited-vulnerabilities-catalog.html

 

Microsoft says backend change broke Teams Free chat and calls

https://www.bleepingcomputer.com/news/security/microsoft-says-backend-change-broke-teams-free-chat-and-calls/

 

The AI Bubble Literally Just CRASHED As OpenAI Falls

https://www.youtube.com/watch?v=XA0z1pL3GQU

 

Hundreds of Internet-Facing VNC Servers Expose ICS/OT

https://www.securityweek.com/hundreds-of-internet-facing-vnc-servers-expose-ics-ot/

 

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

https://thehackernews.com/2026/04/critical-cpanel-authentication.html

 

ZetaChain dismissed bug report that could have prevented $334K exploit

https://cointelegraph.com/news/zetachain-dismissed-bug-report-that-could-have-prevented-334k-exploit

 

New report claims workplace apps gathering far more personal data than we all think — and its even being used for advertising

https://www.techradar.com/pro/security/watching-keeping-tabs-and-sharing-new-report-claims-workplace-apps-gathering-far-more-personal-data-than-we-all-think-and-its-even-being-used-for-advertising

 

Japan Airlines Tests Humanoid Robots for Airport Baggage Handling

https://ground.news/daily-briefing/japan-airlines-to-pilot-humanoid-robots-at-tokyo-haneda-airport_755cde

 

GitHub says sorry and vows to do better as uptime slips and devs complain

https://www.theregister.com/2026/04/29/github_says_sorry_and_says/

 

Aliens Already Live Here! NASA Physicist Reveals UFOs Shutting Down Nuclear Missiles Since The 1960s

https://www.youtube.com/watch?v=T3xAfuvIaqE

 

Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure

https://www.securityweek.com/fresh-litellm-vulnerability-exploited-shortly-after-disclosure/

 

New AI-Powered Bluekit Phishing Kit Targets Major Platforms with MFA Bypass Attacks

https://hackread.com/bluekit-phishing-kit-targets-platforms-mfa-bypass-attack/

 

Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining

https://www.bleepingcomputer.com/news/security/hackers-exploit-rce-flaws-in-qinglong-task-scheduler-for-cryptomining/

 

Lazarus Targets macOS Users With New “Mach-O Man” Malware Kit

https://gbhackers.com/lazarus-targets-macos-users/

 

Yet another experiment proves it's too damn simple to poison large language models

https://www.theregister.com/2026/04/29/poisoning_large_language_models_6nimmt/

 

NSA + secret AI + hacking millions: this got out of control

https://www.youtube.com/watch?v=fNJsvnGiZkk

 

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

https://thehackernews.com/2026/04/sap-npm-packages-compromised-by-mini.html

 

After $800 million in hacks, the DeFi market faced capital outflows and declining trust

https://frank.uz/en/news-en/after-800-million-in-hacks-the-defi-market-faced-capital-outflows-and-declining-trust/

 

Polymarket Rejects Data Breach Claims as Hacker Alleges 300K Records Stolen

https://hackread.com/polymarket-rejects-data-breach-hacker-records-stolen/

 

Kid Reportedly Consumes 13,000 YouTube Videos in Three Months During School Hours

https://gizmodo.com/kid-reportedly-consumes-13000-youtube-videos-in-three-months-during-school-hours-2000752505

 

Emma Kok & Milan van Waardenburg - The Phantom of the Opera

https://www.youtube.com/watch?v=4iB2MRqQ7ds

https://www.youtube.com/watch?v=9oHkA1A4Gmg

 

Is this 'the largest breach in football history'? Hackers allegedly breach Cristiano Ronaldo's Saudi team and AFC governing body, leak passports, contracts, and emails online

https://www.techradar.com/pro/security/is-this-the-largest-breach-in-football-history-hackers-allegedly-breach-cristiano-ronaldos-saudi-team-and-afc-governing-body-leak-passports-contracts-and-emails-online

 

Crypto Hack Losses Surge to $629.7 Million in April

https://www.binance.com/en/square/post/318102642588113

https://cointelegraph.com/news/crypto-hacks-cause-630m-losses-in-april-highest-since-february-2025

 

Tether Freezes Millions. Crypto No Longer Safe?

https://www.youtube.com/watch?v=hJHGbw1xrew

 

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

https://thehackernews.com/2026/04/new-wave-of-dprk-attacks-uses-ai.html

 

Kim Jong Un Confirms Suicide Orders for Troops in Kursk

https://ground.news/daily-briefing/north-korea-kim-jong-un-praises-troops-who-self-blasted-to-avoid-capture

 

Wasabi Protocol hit by more than $5 million exploit across multiple chains, security firms say

https://www.theblock.co/post/399558/wasabi-protocol-hit-by-more-than-5-million-exploit-across-multiple-chains-security-firms-say

 

Linux cryptographic code flaw offers fast route to root

https://www.theregister.com/2026/04/30/linux_cryptographic_code_flaw/

https://hackread.com/linux-kernel-vulnerability-copy-fail-full-root-access/

 

Harvard Just Caught AI Lying to Every Executive in America

https://www.youtube.com/watch?v=pd1Km6bT104

 

The Secretary Of Health & Human Services Doesn’t Believe In The Foundation Of Modern Medicine

https://www.techdirt.com/2026/04/28/the-secretary-of-health-human-services-doesnt-believe-in-the-foundation-of-modern-medicine/

 

A photon was teleported across 270 meters in stunning quantum breakthrough

https://www.sciencedaily.com/releases/2026/04/260429102030.htm

 

Cursor AI Agent Wipes PocketOS Database and Backups in 9 Seconds

https://hackread.com/cursor-ai-agent-wipes-pocketos-database-backups/

 

Nearly half of UK businesses pwned last year as phishing keeps doing the job like it's 2005

https://www.theregister.com/2026/04/30/almost_half_of_uk_firms/

 

Meta accused of violating DSA by failing to safeguard minors

https://securityaffairs.com/191511/laws-and-regulations/meta-accused-of-violating-dsa-by-failing-to-safeguard-minors.html

 

Humanoid Robots Enter The Workforce. How Long Before Workers Revolt? Tyler Durden's Photo

https://www.zerohedge.com/markets/humanoid-robots-enter-workforce-how-long-workers-revolt

 

Police dismantles 9 crypto scam centers, arrests 276 suspects

https://www.bleepingcomputer.com/news/security/police-dismantles-9-crypto-investment-scam-centers-arrests-276-suspects/

 

Simon Bown Details Alien Encounters Most People Never Hear About

https://www.youtube.com/watch?v=VSjsLVjaLMA

 

Artificial IntelligenceCritical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks

https://www.securityweek.com/critical-gemini-cli-flaw-enabled-host-code-execution-supply-chain-attacks/

 

'Chaining vulnerabilities is the hallmark of a sophisticated attack': 750,000 websites must be patched as Microsoft's popular open source Dotnetnuke CMS hit by an XSS flaw that allows attackers to hijack admin sessions and take over entire web servers

https://www.techradar.com/pro/security/chaining-vulnerabilities-is-the-hallmark-of-a-sophisticated-attack-750-000-websites-must-be-patched-as-microsofts-popular-open-source-dotnetnuke-cms-hit-by-an-xss-flaw-that-allows-attackers-to-hijack-admin-sessions-and-take-over-entire-web-servers

 

Third Of Americans Are Having An Existential Crisis Right Now

https://studyfinds.com/americans-having-existential-crisis/

 

North Korea accounts for 76% of 2026 crypto hack losses, with theft since 2017 topping $6 billion: TRM Labs

https://www.theblock.co/post/399569/north-korea-accounts-for-76-of-2026-crypto-hack-losses-with-theft-since-2017-topping-6-billion-trm-labs

 

TOKENIZING TREES: THE SOVIET TREE PROBLEM IS SOLVED

https://gizadeathstar.com/2026/04/tokenizing-air-water-and-everything/

 

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

https://thehackernews.com/2026/04/new-python-backdoor-uses-tunneling.html

 

Why It’s SO HARD To Get Ahead, Even When You Do Everything Right

https://www.youtube.com/watch?v=T5p592k4W-4

 

Private Chats, Photos of Celebs Exposed in Suspected Stalkerware Leak

https://hackread.com/private-chats-photos-celebs-expose-stalkerware-leak/

 

French Prosecutors Link 15-Year-Old To Mega-Breach At State's Secure Document Agency

https://it.slashdot.org/story/26/04/30/1949206/french-prosecutors-link-15-year-old-to-mega-breach-at-states-secure-document-agency

 

FBI cyber boss: China's hacker-for-hire ecosystem 'out of control'

https://www.theregister.com/2026/04/30/fbi_cyber_boss_chinas_hackerforhire/

 

Hackers are actively exploiting a bug in cPanel, used by millions of websites

https://techcrunch.com/2026/04/30/hackers-are-actively-exploiting-a-bug-in-cpanel-used-by-millions-of-websites/

 

Misconfigured Server Run by Hackers Leaks 345,000 Stolen Credit Cards

https://hackread.com/misconfigured-server-hackers-leak-stolen-credit-cards/

 

New Bluekit phishing service includes an AI assistant, 40 templates

https://www.bleepingcomputer.com/news/security/new-bluekit-phishing-service-includes-an-ai-assistant-40-templates/

 

Government Hacking Tools Are Now in Criminals' Hands (with Lorenzo Franceschi-Bicchierai)

https://www.youtube.com/watch?v=MWxLqopMo5o

 

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

https://thehackernews.com/2026/04/pytorch-lightning-compromised-in-pypi.html

 

AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours

https://www.securityweek.com/ai-fuels-industrial-cybercrime-as-time-to-exploit-shrinks-to-hours/

 

Tokenized gold spot trading volume reached $90.7 billion in the first quarter, surpassing the $84.6 billion recorded throughout 2025

https://www.binance.com/en/square/post/318350446296898

 

Tax the Rich, Watch Them Leave

https://dailyreckoning.com/tax-the-rich-watch-them-leave/

 

'Nearly two-thirds of spam came from US-based infrastructure': Your free Gmail account could be helping criminals send 46% of all commercial spam while wearing down employees with email fatigue

https://www.techradar.com/pro/security/nearly-two-thirds-of-spam-came-from-us-based-infrastructure-your-free-gmail-account-is-helping-criminals-send-46-of-all-commercial-spam-while-wearing-down-employees-with-email-fatigue

 

Hundreds of Wallets Emptied on Ethereum Mainnet in Suspected Real-Time Vulnerability Attack

https://www.binance.com/en/square/post/318326430913618

 

The Sumerian Tablet That Lists Every Star With Life — And Marks the One That Contacts Earth

https://www.youtube.com/watch?v=vQRjst2vNGo

 

PoC Disclosed for Critical Root ASUSTOR ADM RCE Flaw

https://gbhackers.com/poc-disclosed-for-critical-root-asustor-adm-rce-flaw/

 

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

https://thehackernews.com/2026/04/threatsday-bulletin-sms-blaster-busts.html

 

Tokenized Real-World Asset Market Surges Over 420% in 2025

https://www.binance.com/en/square/post/318365760284770

 

US falls below Ukraine in press freedom as global autocracy takes hold

https://arstechnica.com/tech-policy/2026/04/us-falls-below-ukraine-in-press-freedom-as-global-autocracy-takes-hold/

 

AI-Powered Ransomware Surge Hits 7,831 Victims Worldwide

https://gbhackers.com/ai-powered-ransomware/

 

Crypto hacks hit record high in April as exploits kept piling up

https://www.theblock.co/post/399666/crypto-hacks-hit-record-high-in-april-as-exploits-kept-piling-up

 

Belgium Plans To Nationalize Nuclear Power Plants

https://hardware.slashdot.org/story/26/04/30/2029222/belgium-plans-to-nationalize-nuclear-power-plants

 

The Secret History of Gold: What They Never Told You | Dominic Frisby & Michelle Makori

https://www.youtube.com/watch?v=jo1D9S_P3cE

 

QR code phishing surges 146% as Microsoft detects and analyzes 8.3 billion phishing threats in Q1 2026 – attackers are changing tactics to bypass security

https://www.techradar.com/pro/security/qr-code-phishing-surges-146-percent-as-microsoft-detects-and-analyzes-8-3-billion-phishing-threats-in-q1-2026-attackers-are-changing-tactics-to-bypass-security

 

US ransomware negotiators get 4 years in prison over BlackCat attacks

https://www.bleepingcomputer.com/news/security/us-ransomware-negotiators-get-4-years-in-prison-over-blackcat-attacks/

 

France Is Replacing 2.5 Million Windows Desktops With Linux

https://www.linuxtoday.com/blog/france-is-replacing-2-5-million-windows-desktops-with-linux-and-i-mapped-out-its-new-stack/

 

EtherRAT Uses SEO Poisoning and Fake GitHub Pages to Target Enterprise Admins

https://gbhackers.com/etherrat-uses-seo-poisoning/

 

DeFi protocol Carrot becomes first casualty of $285M Drift exploit

https://cointelegraph.com/news/defi-protocol-carrot-becomes-first-casualty-of-285m-drift-exploit

 

First reports come in of victims of critical cPanel vuln as 'millions' of sites potentially exposed

https://www.theregister.com/2026/05/01/critical_cpanel_vuln_hits_cisa/

 

South Africa Just Proved They CAN Steal Your Bitcoin

https://www.youtube.com/watch?v=bzFs_Mm6H5Q

 

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

https://www.securityweek.com/sophisticated-deepdoor-backdoor-enables-espionage-disruption/

 

Finance company stores DB credentials in helpfully labeled spreadsheet

https://www.theregister.com/2026/04/30/finance_company_stored_their_db_pwned_column/

 

Domestic Surveillance Is Expanding With New, AI-Powered Tools

https://www.wsj.com/podcasts/tech-news-briefing/domestic-surveillance-is-expanding-with-new-ai-powered-tools/fc4de4a3-f759-46e6-ab79-0ba4e9acf71a

 

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

https://thehackernews.com/2026/05/poisoned-ruby-gems-and-go-modules.html

 

Blue Aliens Phenomenon Investigators Cannot Explain | Ross Coulthart

https://www.youtube.com/watch?v=YeKp31EZ0EE

 

Hackers Use Jenkins Access to Deploy DDoS Botnet Against Gaming Servers

https://hackread.com/hackers-jenkins-ddos-botnet-gaming-servers/

 

FBI says hackers are making millions from stolen cargo - losses 'surged' to nearly $725 million in 2025

https://www.techradar.com/pro/security/fbi-says-hackers-are-making-millions-from-stolen-cargo-losses-surged-to-nearly-usd725-million-in-2025

 

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

https://thehackernews.com/2026/05/cybercrime-groups-using-vishing-and-sso.html

 

Cyber-Insecurity in the AI Era

https://www.technologyreview.com/2026/05/01/1136779/cyber-insecurity-in-the-ai-era/

 

Credit Cards Are Vulnerable To Brute Force Kind Attacks

https://metin.nextc.org/posts/Credit_Cards_Are_Vulnerable_To_Brute_Force_Kind_Attacks.html

 

15-year-old detained over French govt agency data breach

https://www.bleepingcomputer.com/news/security/15-year-old-detained-over-french-govt-agency-data-breach/

 

Recent Hacks Result in Over $606 Million in Losses Across 12 Protocols

https://www.binance.com/en/square/post/318761463787362

 

Ubuntu services hit by outages after DDoS attack

https://techcrunch.com/2026/05/01/ubuntu-services-hit-by-outages-after-ddos-attack/

 

CybercrimeIn Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability

https://www.securityweek.com/in-other-news-scattered-spider-hacker-arrested-soc-effectiveness-metrics-nsa-tool-vulnerability/

 

45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation

https://hackread.com/45k-attacks-53k-backdoor-china-cybercrime-operation/

 

76% of All Crypto Stolen in 2026 Is Now in North Korea

https://www.darkreading.com/cybersecurity-analytics/crypto-stolen-2026-north-korea

 

30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign

https://thehackernews.com/2026/05/30000-facebook-accounts-hacked-via.html

 

Why do crabs walk sideways? Scientists trace it back 200 million years

https://www.sciencedaily.com/releases/2026/05/260501052844.htm

 

ConsentFix v3 attacks target Azure with automated OAuth abuse

https://www.bleepingcomputer.com/news/security/consentfix-v3-attacks-target-azure-with-automated-oauth-abuse/

 

'Beyond the financial risk, there are real public safety implications': Hackers crawled Canadian streets with SMS blasters, attacking every target in sight — causing 13 million network disruptions and hacking thousands of devices

https://www.techradar.com/pro/security/beyond-the-financial-risk-there-are-real-public-safety-implications-hackers-crawled-canadian-streets-with-sms-blasters-attacking-every-target-in-sight-causing-13-million-network-disruptions-and-hacking-thousands-of-devices

 

Massive Facebook Phishing Operation Leverages AppSheet, Netlify, and Telegram

https://gbhackers.com/massive-facebook-phishing-operation/

 

Pawn America Reaches $3.185 Million Settlement Over Data Breach

https://www.binance.com/en/square/post/318813859485281

 

Hidden IT problems are quietly creating risk, shadow IT, and lost productivity

https://venturebeat.com/technology/hidden-it-problems-are-quietly-creating-risk-shadow-it-and-lost-productivity

 

Paradigm researcher proposes timestamp 'escape hatch' to protect Satoshi-era bitcoin from quantum threats

https://www.theblock.co/post/399738/paradigm-researcher-timestamp-escape-hatch-satoshi-era-bitcoin-quantum

 

Amtrak data breach exposes millions of customer records

https://www.foxnews.com/tech/amtrak-data-breach-exposes-millions-customer-records

 

Trellix Confirms Source Code Breach With Unauthorized Repository Access

https://thehackernews.com/2026/05/trellix-confirms-source-code-breach.html

 

Binance Launches ST Trading Competition with $200K in Rewards

https://www.binance.com/en/square/post/317724096357153

 

Sam Fender, Olivia Dean - Rein Me In

https://www.youtube.com/watch?v=cycUv9zTiAc

 

P.S. For those who want to have a list of annotations, here is the link to the article on how to do it with ChatGPT and Zapier https://zapier.com/blog/how-to-use-chatgpt-to-summarize-an-article/

 

Some links:

Get highly discounted domains

Get public DPG for mobile devices

Get free XNO

Get an offline public DPG

Get your passwords and private keys to be prepared for the Q day

How to estimate time for the Q-day, in a simple way?

How to protect your cryptos from zero-click attacks?

Quantum Doomsday Clock

Learn and Practice Post Quantum algorithms, online

RSA-2048 was broken on the 433 qubit quantum computer, in less than 17 hours!

Banks hacked with quantum computers breaking RSA-2048 encryptions

Bitcoin may take 7 years to upgrade to post-quantum: BIP-360 co-author

Q-Day and the Dollar Peg

Top 10 Countries with the Weakest Password Habits

Why younger professionals pose higher cybersecurity risks than older professionals?

 

 

 

 

 

How do you rate this article?

19


I_g_o_r
I_g_o_r

I am curious about science, technologies and their applications to solving real problems.


Some news
Some news

News on cyber security, data breaches, crypto security, trends, etc. Image of Suzy Hazelwood from pexels.com

Publish0x

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.