CyberSecure Specialist

In Other News: Train Hacker Arrested, PamDOORa Linux Backdoor, New CISA Director Frontrunner

SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: US government targets 72-hour patch cycles US cybersecurity officials are proposing…

Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants

Poland’s Internal Security Agency (ABW) has documented a significant escalation in cyberattacks targeting industrial control systems (ICS) and other operational technology (OT) infrastructure during 2024 and 2025, with state-sponsored threat actors increasingly shifting focus toward the physical disruption of critical services. A Polish official revealed in August 2025 that a cyberattack could have caused a city to lose its water supply, but the attack was thwarted. No technical information was shared at the time.  The…

Fake call logs, real payments: How CallPhantom tricks Android users

There’s an app for everything nowadays… right? Well, looking up call records for a phone number of choice is not one of those things, as potentially millions of Android users found out after paying for app subscriptions promising just that. The offending apps, which we named CallPhantom based on their false claims, purport to provide access to call histories, SMS records, and even WhatsApp call logs for any phone number. To unlock this supposed feature,…

Fixing the password problem is as easy as 123456

How come it’s still possible to ‘secure’ an online account with a six-digit string? By Tony Anscombe, 07 May 2026. The most-used password globally is exactly what you think it is: ‘123456.’ That’s according to NordPass’s latest annual report on passwords exposed in data breaches globally. Other all-too-predictable choices, such as ‘123456789’, ‘12345678’, ‘12345’ and ‘admin’, also prove to have staying power year after year. My first instinct is…

Ransomware Group Takes Credit for Trellix Hack

The RansomHouse ransomware group has taken credit for the recent attack on the cybersecurity firm Trellix. The Trellix hack came to light this week when the company announced on its website that part of its source code repository had been breached. “Based on our investigation to date, we have found no evidence that our source code release or distribution process was affected, or that our source code has been exploited,” the company stated. No other…

Canvas Breach Disrupts Schools & Colleges Nationwide

An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service’s login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions. A screenshot shared by a reader showing the extortion message that was shown on the Canvas login page today. Canvas…

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers uncovered a multiplatform supply-chain attack by North Korea-aligned APT group ScarCruft, targeting the Yanbian region in China – home to ethnic Koreans and a crossing point for North Korean refugees and defectors. In the attack, probably ongoing since late 2024, ScarCruft compromised Windows and Android components of a video game platform dedicated to Yanbian-themed games, trojanizing them with a backdoor. The backdoor, named BirdCall by ESET, was originally known to target Windows only;…

Autonomous Offensive Security Firm XBOW Raises $35 Million

Autonomous offensive security firm XBOW on Wednesday announced raising $35 million in an extension of the Series C funding round announced earlier this year. The initial Series C, in which it raised $120 million, increased the company’s valuation to more than $1 billion. The latest investment brings the total raised by XBOW to more than $270 million. The new funding came from Accenture Ventures, DNX Ventures, Liberty Global Tech Ventures, NVentures, Samsung Ventures, and SentinelOne…

Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls

Palo Alto Networks is working on patches for a critical PAN-OS zero-day that has been exploited to hack some of the company’s firewall models. Tracked as CVE-2026-0300, the vulnerability has been described as a buffer overflow affecting the User-ID Authentication Portal (Captive Portal) service of PAN-OS software.  The zero-day affects PA and VM series firewalls, allowing an unauthenticated attacker to execute malicious code with root privileges via specially crafted packets.  “Limited exploitation has been observed…

Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks

Cisco on Monday announced its intent to acquire Astrix Security, a startup focused on securing non-human identities (NHIs) such as API keys, service accounts, and OAuth tokens increasingly used by applications and AI agents. In a blog post, Cisco said the acquisition is aimed at extending zero trust principles to the emerging “agentic workforce,” where AI agents and machine identities are rapidly expanding the enterprise attack surface. Astrix’s technology is designed to help organizations discover, govern, and…
