…it’s not IF, it’s WHEN. – Wiadomości i narzędzia z dziedziny bezpieczeństwa cyfrowego.

NEWS PL

QLNX: bezplikowy linuxowy RAT ukierunkowany na skrytość, trwałość i kradzież poświadczeń
Source: SecurityBezTabu.pl Published on 2026-05-10
RansomHouse deklaruje naruszenie Trellix. Jakie ryzyka dla łańcucha dostaw ujawnia ten incydent?
Source: SecurityBezTabu.pl Published on 2026-05-10
ShinyHunters deklaruje drugi atak na Instructure. Incydent Canvas ujawnia skalę ryzyka dla edukacji
Source: SecurityBezTabu.pl Published on 2026-05-10
Incydent Braintrust pokazuje ryzyka łańcucha dostaw AI i ekspozycji kluczy API
Source: SecurityBezTabu.pl Published on 2026-05-10
Ataki na wodociągi w Polsce ujawniają słabości OT i rosnące ryzyko dla infrastruktury krytycznej
Source: SecurityBezTabu.pl Published on 2026-05-10
Fałszywe repozytorium OpenAI na Hugging Face rozprowadzało infostealera
Source: SecurityBezTabu.pl Published on 2026-05-10
cPanel i WHM łatają trzy nowe podatności: ryzyko odczytu plików, wykonania kodu i eskalacji uprawnień
Source: SecurityBezTabu.pl Published on 2026-05-10
Atak na łańcuch dostaw JDownloader: złośliwe instalatory z Python RAT zagroziły użytkownikom Windows i Linux
Source: SecurityBezTabu.pl Published on 2026-05-10
TCLBANKER: nowy trojan bankowy z Brazylii wykorzystuje WhatsApp i Outlook do samoistnego rozprzestrzeniania
Source: SecurityBezTabu.pl Published on 2026-05-10
OhMyCloud! – Dokąd Tupta Nocą CyberSec Expert?
Source: SecurityBezTabu.pl Published on 2026-05-09
ACSC ostrzega przed kampanią ClickFix z Vidar Stealer wymierzoną w australijską infrastrukturę
Source: SecurityBezTabu.pl Published on 2026-05-09
PCPJack: nowy robak usuwa ślady TeamPCP i wykrada poświadczenia z chmury
Source: SecurityBezTabu.pl Published on 2026-05-09
Luka w rozszerzeniu Claude dla Chrome może umożliwić przejęcie agenta AI
Source: SecurityBezTabu.pl Published on 2026-05-09
Próba ataku na meksykańskie wodociągi z użyciem Claude pokazuje nowe ryzyka dla środowisk OT
Source: SecurityBezTabu.pl Published on 2026-05-09
Instructure potwierdza incydent cyberbezpieczeństwa w Canvas. Naruszenie objęło dane użytkowników platform edukacyjnych
Source: SecurityBezTabu.pl Published on 2026-05-09
Incydent bezpieczeństwa w Braintrust pokazuje ryzyko w łańcuchu dostaw AI
Source: SecurityBezTabu.pl Published on 2026-05-09
Cyberataki na polskie wodociągi jako model działań hybrydowych przeciwko infrastrukturze krytycznej
Source: SecurityBezTabu.pl Published on 2026-05-09
25 milionów alertów ujawnia ukryte ryzyko: jak alerty niskiego priorytetu prowadzą do realnych incydentów
Source: SecurityBezTabu.pl Published on 2026-05-09
PamDOORa: nowy backdoor dla Linuksa wykorzystuje PAM do kradzieży poświadczeń SSH
Source: SecurityBezTabu.pl Published on 2026-05-09
CallPhantom w Google Play: fałszywe aplikacje historii połączeń wyłudziły płatności od milionów użytkowników
Source: SecurityBezTabu.pl Published on 2026-05-09
Quasar Linux RAT (QLNX): nowe zagrożenie dla deweloperów i łańcucha dostaw oprogramowania
Source: SecurityBezTabu.pl Published on 2026-05-09
TCLBANKER: nowy trojan bankowy atakuje użytkowników w Brazylii przez WhatsApp Web i Outlook
Source: SecurityBezTabu.pl Published on 2026-05-09
Dirty Frag w jądrze Linuksa: nowy wektor lokalnej eskalacji uprawnień do roota
Source: SecurityBezTabu.pl Published on 2026-05-09
cPanel i WHM łatają trzy nowe podatności. Pilna aktualizacja ogranicza ryzyko RCE, DoS i eskalacji uprawnień
Source: SecurityBezTabu.pl Published on 2026-05-09
Były kontraktor skazany za usunięcie dziesiątek federalnych baz danych
Source: SecurityBezTabu.pl Published on 2026-05-09
Naruszenie danych klientów Zara po incydencie u zewnętrznego dostawcy
Source: SecurityBezTabu.pl Published on 2026-05-09
Naruszenie repozytorium kodu źródłowego Trellix. RansomHouse deklaruje odpowiedzialność za incydent
Source: SecurityBezTabu.pl Published on 2026-05-09
CISA nakazuje pilne łatanie luki zero-day w Ivanti EPMM
Source: SecurityBezTabu.pl Published on 2026-05-09
NVIDIA potwierdza naruszenie danych GeForce NOW u partnera regionalnego w Armenii
Source: SecurityBezTabu.pl Published on 2026-05-09
#CyberMagazyn: Terrorgram jako cyfrowa infrastruktura skrajnie prawicowego terroru
Source: cyberdefence24 Published on 2026-05-09
Weekendowa Lektura: odcinek 675 [2026-05-08]. Bierzcie i czytajcie
Source: zaufanatrzeciastrona Published on 2026-05-08
Technologie łączności tworzone w Polsce. „Promujmy je w NATO i Europie”
Source: cyberdefence24 Published on 2026-05-08
Uniwersytet Baumana jako zaplecze GRU. Oto jak Rosja szykuje kadry do wojny hybrydowej
Source: cyberdefence24 Published on 2026-05-08
Umowa SAFE podpisana. Pieniądze pójdą na m.in. wojskową AI
Source: cyberdefence24 Published on 2026-05-08
Cyberprzestępcy przebiegle podszywają się pod mObywatela
Source: cyberdefence24 Published on 2026-05-08
Przestań zgadywać, jak działa sieć
Source: sekurak Published on 2026-05-08
Chrome właśnie załatał ponad 120 podatności (!)
Source: sekurak Published on 2026-05-08
Wchodzisz na stronę juwenaliów… a tu taka niespodzianka [możliwa infekcja malware]
Source: sekurak Published on 2026-05-08
Lokalizacja ukraińskiego wojska ujawniona na TikToku
Source: cyberdefence24 Published on 2026-05-08
Dirty Frag – kolejna metoda na root’a pod Linuxem
Source: sekurak Published on 2026-05-08
Atak na polską spółkę medyczną. Białoruski ślad
Source: cyberdefence24 Published on 2026-05-08
Ale sprytna próba podszycia się pod mObywatela. Wygląda jakbyś rzeczywiście dostał komunikat z prawdziwej, rządowej appki. Uważajcie!
Source: sekurak Published on 2026-05-08
Zmiany korzystne dla rozwoju AI. UE upraszcza przepisy
Source: cyberdefence24 Published on 2026-05-08
Małe firmy i ich cyberbezpieczeństwo. Największe ryzyka często są najprostsze do naprawy
Source: kpt Hack Published on 2026-05-08
Pierwszy głośny cyberatak wspierany przez AI nie zdołał sforsować systemów OT
Source: SecurityBezTabu.pl Published on 2026-05-08
CVE-2025-34282 w ThingsBoard: podatność SSRF przez złośliwe pliki SVG w Image Upload Gallery
Source: SecurityBezTabu.pl Published on 2026-05-08
Nowa metoda obejścia szyfrowania Google Chrome zagraża danym sesyjnym użytkowników
Source: SecurityBezTabu.pl Published on 2026-05-08
Krytyczna luka w NocoBase pozwala na ucieczkę z sandboxa VM i zdalne wykonanie kodu
Source: SecurityBezTabu.pl Published on 2026-05-08
Bludit CMS przed wersją 3.18.4 podatny na RCE przez nieograniczone przesyłanie plików
Source: SecurityBezTabu.pl Published on 2026-05-08
LuaJIT 2.1.x i FFI: jak niezaufane skrypty mogą prowadzić do zdalnego wykonania kodu
Source: SecurityBezTabu.pl Published on 2026-05-08

NEWS

JDownloader site hacked to replace installers with Python RAT malware
Source: bleepingcomputer Published on 2026-05-09
Fake OpenAI repository on Hugging Face pushes infostealer malware
Source: bleepingcomputer Published on 2026-05-09
Hackable Robot Lawn Mower Unlocks a New Nightmare
Source: WIREDSEC Published on 2026-05-09
cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
Source: The Hacker News Published on 2026-05-09
ShinyHunters Claims Second Attack Against Instructure
Source: darkreading Published on 2026-05-08
TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms
Source: The Hacker News Published on 2026-05-08
NVIDIA confirms GeForce NOW data breach affecting Armenian users
Source: bleepingcomputer Published on 2026-05-08
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
Source: The Hacker News Published on 2026-05-08
Why More Analysts Won’t Solve Your SOC’s Alert Problem
Source: bleepingcomputer Published on 2026-05-08
Trellix source code breach claimed by RansomHouse hackers
Source: bleepingcomputer Published on 2026-05-08
Microsoft says Edge’s plaintext password behavior is “by design”
Source: malwarebytes Published on 2026-05-08
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
Source: bleepingcomputer Published on 2026-05-08
Shifting Budget Dynamics for Identity Security and AI Agents
Source: darkreading Published on 2026-05-08
ShinyHunters escalates Canvas attacks with school login defacements
Source: malwarebytes Published on 2026-05-08
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
Source: The Hacker News Published on 2026-05-08
Zara data breach exposed personal information of 197,000 people
Source: bleepingcomputer Published on 2026-05-08
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
Source: The Hacker News Published on 2026-05-08
Former govt contractor convicted for wiping dozens of federal databases
Source: bleepingcomputer Published on 2026-05-08
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials
Source: The Hacker News Published on 2026-05-08
Meet Rassvet, Russia’s Answer to Starlink
Source: WIREDSEC Published on 2026-05-08
New Linux 'Dirty Frag' zero-day gives root on all major distros
Source: bleepingcomputer Published on 2026-05-08
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
Source: The Hacker News Published on 2026-05-08
The Canvas Hack Is a New Kind of Ransomware Debacle
Source: WIREDSEC Published on 2026-05-08
Canvas login portals hacked in mass ShinyHunters extortion campaign
Source: bleepingcomputer Published on 2026-05-07
New TCLBanker malware self-spreads over WhatsApp and Outlook
Source: bleepingcomputer Published on 2026-05-07
After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
Source: darkreading Published on 2026-05-07
How to Disable Google's Gemini in Chrome
Source: WIREDSEC Published on 2026-05-07
New PCPJack worm steals credentials, cleans TeamPCP infections
Source: bleepingcomputer Published on 2026-05-07
Australia warns of ClickFix attacks pushing Vidar Stealer malware
Source: bleepingcomputer Published on 2026-05-07
Unplug your way to better code
Source: talos Published on 2026-05-07
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Source: The Hacker News Published on 2026-05-07
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
Source: The Hacker News Published on 2026-05-07
Has CISA Finally Found Its New Leader in Tom Parker?
Source: darkreading Published on 2026-05-07
Ivanti warns of new EPMM flaw exploited in zero-day attacks
Source: bleepingcomputer Published on 2026-05-07
Massive AI investment scam network spans 15,500 domains
Source: malwarebytes Published on 2026-05-07
The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls
Source: bleepingcomputer Published on 2026-05-07
One Click, Total Shutdown: The "Patient Zero" Webinar on Killing Stealth Breaches
Source: The Hacker News Published on 2026-05-07
Americans sentenced for running 'laptop farms' for North Korea
Source: bleepingcomputer Published on 2026-05-07
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
Source: The Hacker News Published on 2026-05-07
'TrustFall' Convention Exposes Claude Code Execution Risk
Source: darkreading Published on 2026-05-07

INFLUENCERS

Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia
Source: Bruce Schneier Published on 2026-05-08
Insider Betting on Polymarket
Source: Bruce Schneier Published on 2026-05-08
Canvas Breach Disrupts Schools & Colleges Nationwide
Source: Brian Krebs Published on 2026-05-08
Smart Glasses for the Authorities
Source: Bruce Schneier Published on 2026-05-07
Rowhammer Attack Against NVIDIA Chips
Source: Bruce Schneier Published on 2026-05-06
Weekly Update 502
Source: TroyHunt Published on 2026-05-06
DarkSword Malware
Source: Bruce Schneier Published on 2026-05-05
Hacking Polymarket
Source: Bruce Schneier Published on 2026-05-04

CYBERLAW

Jak zarządzać RODO w grupie kapitałowej
Source: dane osobowe Published on 2026-05-05
RODO aktualności – 05.05.2026 r.
Source: dane osobowe Published on 2026-05-05

CERT EU Latest News

CERT EU Latest News

No feed items found.

ADVISORIES / BULLETINS

ADVISORIES / BULLETINS

New Ivanti Security Controls Content Available – 05/08/2026
Source: ivanti patch Published on 2026-05-08
New Ivanti Security Controls Content Available – 05/07/2026
Source: ivanti patch Published on 2026-05-07
New Ivanti Security Controls Content Available – 05/06/2026
Source: ivanti patch Published on 2026-05-06
New Ivanti Security Controls Content Available – 05/05/2026
Source: ivanti patch Published on 2026-05-05
New Ivanti Security Controls Content Available – 05/04/2026
Source: ivanti patch Published on 2026-05-04

ALERTS

No feed items found.

TOOLS

No feed items found.

VULNERABILITIES

VULNERABILITIES

No feed items found.

EXPLOITS

[webapps] ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF)
Source: exploit-db Published on 2026-05-07
[webapps] Bludit CMS 3.18.4 - RCE
Source: exploit-db Published on 2026-05-07
[webapps] LuaJIT 2.1.1774638290 - Arbitrary Code Execution
Source: exploit-db Published on 2026-05-07
[webapps] Ghost CMS 6.19.0 - SQLi
Source: exploit-db Published on 2026-05-07
[remote] telnetd 2.7 - Buffer Overflow
Source: exploit-db Published on 2026-05-07
[local] NocoBase 2.0.27 - VM Sandbox Escape
Source: exploit-db Published on 2026-05-07
[local] Windows 11 24H2 - Local Privilege Escalation
Source: exploit-db Published on 2026-05-04
[webapps] Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking (CSWSH)
Source: exploit-db Published on 2026-05-04
[hardware] Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)
Source: exploit-db Published on 2026-05-04
[local] Linux nf_tables 6.19.3 - Local Privilege Escalation
Source: exploit-db Published on 2026-05-04
[local] Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation
Source: exploit-db Published on 2026-05-04
[webapps] MindsDB 25.9.1.1 - Path Traversal
Source: exploit-db Published on 2026-05-04

MALWARE

Qilin Ransomware Strikes Imex International
Source: malwarenews Published on 2026-05-10
TheGentlemen Ransomware Group Strikes Heinrich KUPER GmbH
Source: malwarenews Published on 2026-05-10
TheGentlemen Ransomware Group Strikes TDS Telecommunications LLC
Source: malwarenews Published on 2026-05-10
LockBit 5.0 Ransomware Breaches VP Brands International
Source: malwarenews Published on 2026-05-10
KillSec Ransomware Attack on MRS Holdings
Source: malwarenews Published on 2026-05-10
Qilin Strikes Ruiz Barbarin Arquitectos in Spain
Source: malwarenews Published on 2026-05-10
LockBit 5.0 Targets Rhactus Hotel in Egypt
Source: malwarenews Published on 2026-05-10
TheGentlemen Ransomware Group Targets Hillside Lumber
Source: malwarenews Published on 2026-05-10
The Gentlemen Ransomware Strikes Arizona Professional Painting
Source: malwarenews Published on 2026-05-10
The Gentlemen Ransomware Attack on VeriCon Engineering Firm
Source: malwarenews Published on 2026-05-10
TheGentlemen Breach DermaPharm A/S
Source: malwarenews Published on 2026-05-10
Genesis Ransomware Strikes Rain Makers Solutions
Source: malwarenews Published on 2026-05-10
Supply Chain Security Incident Update: May 9
Source: malwarenews Published on 2026-05-09
Blackwater Targets Minidoka Memorial Hospital in Ransomware Attack
Source: malwarenews Published on 2026-05-09
2026-05-08: macOS Shub Stealer infection
Source: malwareanalysys Published on 2026-05-08
Technical Advisory: ShinyHunters Breach of Instructure Canvas LMS
Source: malwarenews Published on 2026-05-08
Unmanaged PowerShell Execution: Hunting Beyond powershell.exe
Source: malwarenews Published on 2026-05-08
Using IDA to Find Bugs in IDA (with Claude)
Source: malwareanalysys Published on 2026-05-08
cPanel security advisory (AV26-437)
Source: malwarenews Published on 2026-05-08
AL26-011 - Vulnerabilities affecting Linux - CVE-2026-43284 and CVE-2026-43500
Source: malwarenews Published on 2026-05-08

CYBERCRIME

No feed items found.

ANONYMOUS

No feed items found.

INFOOPS

The parade that shrank: Russia’s Victory Day under pressure
Source: EUvsDISINFO Published on 2026-05-09
Fake European crises and real Russian failures
Source: EUvsDISINFO Published on 2026-05-08

APT

No feed items found.

CYBERTERRORISM

No feed items found.

CYBERWARFARE

Worried Britons ‘prepping’ for major disruption with stash of tins and cash, survey shows
Source: theguardian cyberwar Published on 2026-05-09
Revealed: Russia’s top secret spy school teaching hacking and election meddling
Source: theguardian cyberwar Published on 2026-05-07

ARTICLES

Pentest-Tools.com Releases Free Scanner for CVE-2026-41940 as cPanel Authentication Bypass Enters Its Third Week of Active Exploitation
Source: itsecurityguru Published on 2026-05-08
The Creativity Gap: Why Bold Thinking is Now a Strategic Necessity
Source: raconteur Published on 2026-05-08
From cybersecurity to cyber resilience: a systemic and scalable approach for improving resilience and adaptive capacity
Source: oxford journal of cybersecurity Published on 2026-05-08
Cyber Blind Spots: The hidden technology that poses the greatest security risk
Source: itsecurityguru Published on 2026-05-07
World Password Day 2026: The Credential Crisis Hasn’t Gone Away, It’s Just Got More Dangerous
Source: itsecurityguru Published on 2026-05-07
UK Finance Sector Puts Cyber Defences to the Test in National Hackathon
Source: itsecurityguru Published on 2026-05-06
Recruitment under siege: the rise of AI-generated job fraud
Source: raconteur Published on 2026-05-06
Majority of IT Leaders Struggle to Manage Growing Identity Footprint Amid AI Expansion
Source: itsecurityguru Published on 2026-05-06
When the Breach Gets In Through the CEO’s Inbox, Not the Firewall
Source: itsecurityguru Published on 2026-05-06
Bot Defense Is No Longer Optional for High Tempo Consumer Platforms
Source: itsecurityguru Published on 2026-05-06
OpenAI rolls out ads on ChatGPT, but marketers remain unconvinced
Source: raconteur Published on 2026-05-05
Huntress Expands Channel Partnerships to Boost Cybersecurity Reach Across Mid-Market and Public Sector
Source: itsecurityguru Published on 2026-05-05
Proton Mail rolls out post-quantum encryption for all users as industry braces for ‘harvest now, decrypt later’ threat
Source: itsecurityguru Published on 2026-05-05
The Billionaire Blueprint: why leadership is now a system, not a vision
Source: raconteur Published on 2026-05-04