…it’s not IF, it’s WHEN. – Wiadomości i narzędzia z dziedziny bezpieczeństwa cyfrowego.

NEWS PL

Polskie technologie dual-use. Czego potrzebuje wojsko?
Source: cyberdefence24 Published on 2026-05-11
Krytyczny zero-day w systemach Palo Alto! Pierwsza łatka dopiero 13 maja
Source: kpt Hack Published on 2026-05-11
Krytyczna luka w Ollama umożliwia zdalny wyciek pamięci procesu
Source: SecurityBezTabu.pl Published on 2026-05-11
Niemieckie służby zlikwidowały odtworzone Crimenetwork i zatrzymały administratora
Source: SecurityBezTabu.pl Published on 2026-05-11
Kampania malvertisingowa atakuje macOS przez reklamy Google i udostępnione czaty Claude
Source: SecurityBezTabu.pl Published on 2026-05-11
Nowe luki w cPanel i WHM: ryzyko odczytu plików, wykonania kodu i eskalacji uprawnień
Source: SecurityBezTabu.pl Published on 2026-05-11
Atak na łańcuch dostaw JDownloader: złośliwe instalatory dla Windows i Linux na oficjalnej stronie
Source: SecurityBezTabu.pl Published on 2026-05-11
CrowdStrike 2026: AI, Tożsamość I Nowe Ataki
Source: SecurityBezTabu.pl Published on 2026-05-10
Dlaczego Raport Dragos 2026 Powinien Obudzić Każdą Firmę Przemysłową
Source: SecurityBezTabu.pl Published on 2026-05-10
QLNX: bezplikowy linuxowy RAT ukierunkowany na skrytość, trwałość i kradzież poświadczeń
Source: SecurityBezTabu.pl Published on 2026-05-10
RansomHouse deklaruje naruszenie Trellix. Jakie ryzyka dla łańcucha dostaw ujawnia ten incydent?
Source: SecurityBezTabu.pl Published on 2026-05-10
ShinyHunters deklaruje drugi atak na Instructure. Incydent Canvas ujawnia skalę ryzyka dla edukacji
Source: SecurityBezTabu.pl Published on 2026-05-10
Incydent Braintrust pokazuje ryzyka łańcucha dostaw AI i ekspozycji kluczy API
Source: SecurityBezTabu.pl Published on 2026-05-10
Ataki na wodociągi w Polsce ujawniają słabości OT i rosnące ryzyko dla infrastruktury krytycznej
Source: SecurityBezTabu.pl Published on 2026-05-10
Fałszywe repozytorium OpenAI na Hugging Face rozprowadzało infostealera
Source: SecurityBezTabu.pl Published on 2026-05-10
cPanel i WHM łatają trzy nowe podatności: ryzyko odczytu plików, wykonania kodu i eskalacji uprawnień
Source: SecurityBezTabu.pl Published on 2026-05-10
Atak na łańcuch dostaw JDownloader: złośliwe instalatory z Python RAT zagroziły użytkownikom Windows i Linux
Source: SecurityBezTabu.pl Published on 2026-05-10
TCLBANKER: nowy trojan bankowy z Brazylii wykorzystuje WhatsApp i Outlook do samoistnego rozprzestrzeniania
Source: SecurityBezTabu.pl Published on 2026-05-10
OhMyCloud! – Dokąd Tupta Nocą CyberSec Expert?
Source: SecurityBezTabu.pl Published on 2026-05-09
ACSC ostrzega przed kampanią ClickFix z Vidar Stealer wymierzoną w australijską infrastrukturę
Source: SecurityBezTabu.pl Published on 2026-05-09
PCPJack: nowy robak usuwa ślady TeamPCP i wykrada poświadczenia z chmury
Source: SecurityBezTabu.pl Published on 2026-05-09
Luka w rozszerzeniu Claude dla Chrome może umożliwić przejęcie agenta AI
Source: SecurityBezTabu.pl Published on 2026-05-09
Próba ataku na meksykańskie wodociągi z użyciem Claude pokazuje nowe ryzyka dla środowisk OT
Source: SecurityBezTabu.pl Published on 2026-05-09
Instructure potwierdza incydent cyberbezpieczeństwa w Canvas. Naruszenie objęło dane użytkowników platform edukacyjnych
Source: SecurityBezTabu.pl Published on 2026-05-09
Incydent bezpieczeństwa w Braintrust pokazuje ryzyko w łańcuchu dostaw AI
Source: SecurityBezTabu.pl Published on 2026-05-09
Cyberataki na polskie wodociągi jako model działań hybrydowych przeciwko infrastrukturze krytycznej
Source: SecurityBezTabu.pl Published on 2026-05-09
25 milionów alertów ujawnia ukryte ryzyko: jak alerty niskiego priorytetu prowadzą do realnych incydentów
Source: SecurityBezTabu.pl Published on 2026-05-09
PamDOORa: nowy backdoor dla Linuksa wykorzystuje PAM do kradzieży poświadczeń SSH
Source: SecurityBezTabu.pl Published on 2026-05-09
CallPhantom w Google Play: fałszywe aplikacje historii połączeń wyłudziły płatności od milionów użytkowników
Source: SecurityBezTabu.pl Published on 2026-05-09
Quasar Linux RAT (QLNX): nowe zagrożenie dla deweloperów i łańcucha dostaw oprogramowania
Source: SecurityBezTabu.pl Published on 2026-05-09
TCLBANKER: nowy trojan bankowy atakuje użytkowników w Brazylii przez WhatsApp Web i Outlook
Source: SecurityBezTabu.pl Published on 2026-05-09
Dirty Frag w jądrze Linuksa: nowy wektor lokalnej eskalacji uprawnień do roota
Source: SecurityBezTabu.pl Published on 2026-05-09
cPanel i WHM łatają trzy nowe podatności. Pilna aktualizacja ogranicza ryzyko RCE, DoS i eskalacji uprawnień
Source: SecurityBezTabu.pl Published on 2026-05-09
Były kontraktor skazany za usunięcie dziesiątek federalnych baz danych
Source: SecurityBezTabu.pl Published on 2026-05-09
Naruszenie danych klientów Zara po incydencie u zewnętrznego dostawcy
Source: SecurityBezTabu.pl Published on 2026-05-09
Naruszenie repozytorium kodu źródłowego Trellix. RansomHouse deklaruje odpowiedzialność za incydent
Source: SecurityBezTabu.pl Published on 2026-05-09
CISA nakazuje pilne łatanie luki zero-day w Ivanti EPMM
Source: SecurityBezTabu.pl Published on 2026-05-09
NVIDIA potwierdza naruszenie danych GeForce NOW u partnera regionalnego w Armenii
Source: SecurityBezTabu.pl Published on 2026-05-09
#CyberMagazyn: Terrorgram jako cyfrowa infrastruktura skrajnie prawicowego terroru
Source: cyberdefence24 Published on 2026-05-09
Weekendowa Lektura: odcinek 675 [2026-05-08]. Bierzcie i czytajcie
Source: zaufanatrzeciastrona Published on 2026-05-08
Technologie łączności tworzone w Polsce. „Promujmy je w NATO i Europie”
Source: cyberdefence24 Published on 2026-05-08
Uniwersytet Baumana jako zaplecze GRU. Oto jak Rosja szykuje kadry do wojny hybrydowej
Source: cyberdefence24 Published on 2026-05-08
Umowa SAFE podpisana. Pieniądze pójdą na m.in. wojskową AI
Source: cyberdefence24 Published on 2026-05-08
Cyberprzestępcy przebiegle podszywają się pod mObywatela
Source: cyberdefence24 Published on 2026-05-08
Przestań zgadywać, jak działa sieć
Source: sekurak Published on 2026-05-08
Chrome właśnie załatał ponad 120 podatności (!)
Source: sekurak Published on 2026-05-08
Wchodzisz na stronę juwenaliów… a tu taka niespodzianka [możliwa infekcja malware]
Source: sekurak Published on 2026-05-08
Lokalizacja ukraińskiego wojska ujawniona na TikToku
Source: cyberdefence24 Published on 2026-05-08
Dirty Frag – kolejna metoda na root’a pod Linuxem
Source: sekurak Published on 2026-05-08
Atak na polską spółkę medyczną. Białoruski ślad
Source: cyberdefence24 Published on 2026-05-08

NEWS

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
Source: The Hacker News Published on 2026-05-11
A week in security (May 4 – May 10)
Source: malwarebytes Published on 2026-05-11
Hackers abuse Google ads, Claude.ai chats to push Mac malware
Source: bleepingcomputer Published on 2026-05-10
Police shut down reboot of Crimenetwork marketplace, arrest admin
Source: bleepingcomputer Published on 2026-05-10
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
Source: The Hacker News Published on 2026-05-10
JDownloader site hacked to replace installers with Python RAT malware
Source: bleepingcomputer Published on 2026-05-09
Fake OpenAI repository on Hugging Face pushes infostealer malware
Source: bleepingcomputer Published on 2026-05-09
Hackable Robot Lawn Mower Unlocks a New Nightmare
Source: WIREDSEC Published on 2026-05-09
cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
Source: The Hacker News Published on 2026-05-09
ShinyHunters Claims Second Attack Against Instructure
Source: darkreading Published on 2026-05-08
TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms
Source: The Hacker News Published on 2026-05-08
NVIDIA confirms GeForce NOW data breach affecting Armenian users
Source: bleepingcomputer Published on 2026-05-08
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
Source: The Hacker News Published on 2026-05-08
Why More Analysts Won’t Solve Your SOC’s Alert Problem
Source: bleepingcomputer Published on 2026-05-08
Trellix source code breach claimed by RansomHouse hackers
Source: bleepingcomputer Published on 2026-05-08
Microsoft says Edge’s plaintext password behavior is “by design”
Source: malwarebytes Published on 2026-05-08
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
Source: bleepingcomputer Published on 2026-05-08
Shifting Budget Dynamics for Identity Security and AI Agents
Source: darkreading Published on 2026-05-08
ShinyHunters escalates Canvas attacks with school login defacements
Source: malwarebytes Published on 2026-05-08
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
Source: The Hacker News Published on 2026-05-08
Zara data breach exposed personal information of 197,000 people
Source: bleepingcomputer Published on 2026-05-08
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
Source: The Hacker News Published on 2026-05-08
Former govt contractor convicted for wiping dozens of federal databases
Source: bleepingcomputer Published on 2026-05-08
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials
Source: The Hacker News Published on 2026-05-08
Meet Rassvet, Russia’s Answer to Starlink
Source: WIREDSEC Published on 2026-05-08
New Linux 'Dirty Frag' zero-day gives root on all major distros
Source: bleepingcomputer Published on 2026-05-08
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
Source: The Hacker News Published on 2026-05-08
The Canvas Hack Is a New Kind of Ransomware Debacle
Source: WIREDSEC Published on 2026-05-08
Canvas login portals hacked in mass ShinyHunters extortion campaign
Source: bleepingcomputer Published on 2026-05-07
New TCLBanker malware self-spreads over WhatsApp and Outlook
Source: bleepingcomputer Published on 2026-05-07
After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
Source: darkreading Published on 2026-05-07
How to Disable Google's Gemini in Chrome
Source: WIREDSEC Published on 2026-05-07
New PCPJack worm steals credentials, cleans TeamPCP infections
Source: bleepingcomputer Published on 2026-05-07
Australia warns of ClickFix attacks pushing Vidar Stealer malware
Source: bleepingcomputer Published on 2026-05-07
Unplug your way to better code
Source: talos Published on 2026-05-07
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Source: The Hacker News Published on 2026-05-07
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
Source: The Hacker News Published on 2026-05-07
Has CISA Finally Found Its New Leader in Tom Parker?
Source: darkreading Published on 2026-05-07
Ivanti warns of new EPMM flaw exploited in zero-day attacks
Source: bleepingcomputer Published on 2026-05-07
Massive AI investment scam network spans 15,500 domains
Source: malwarebytes Published on 2026-05-07

INFLUENCERS

Welcoming the Costa Rican Government to Have I Been Pwned
Source: TroyHunt Published on 2026-05-11
Weekly Update 503
Source: TroyHunt Published on 2026-05-11
Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia
Source: Bruce Schneier Published on 2026-05-08
Insider Betting on Polymarket
Source: Bruce Schneier Published on 2026-05-08
Canvas Breach Disrupts Schools & Colleges Nationwide
Source: Brian Krebs Published on 2026-05-08
Smart Glasses for the Authorities
Source: Bruce Schneier Published on 2026-05-07
Rowhammer Attack Against NVIDIA Chips
Source: Bruce Schneier Published on 2026-05-06
Weekly Update 502
Source: TroyHunt Published on 2026-05-06
DarkSword Malware
Source: Bruce Schneier Published on 2026-05-05
Hacking Polymarket
Source: Bruce Schneier Published on 2026-05-04

CYBERLAW

Nowelizacja ustawy KSC już obowiązuje. Kto stał się podmiotem kluczowym lub ważnym i co to oznacza w praktyce
Source: sylwia czub Published on 2026-05-11
Jak zarządzać RODO w grupie kapitałowej
Source: dane osobowe Published on 2026-05-05
RODO aktualności – 05.05.2026 r.
Source: dane osobowe Published on 2026-05-05

CERT EU Latest News

CERT EU Latest News

No feed items found.

ADVISORIES / BULLETINS

ADVISORIES / BULLETINS

New Ivanti Security Controls Content Available – 05/08/2026
Source: ivanti patch Published on 2026-05-08
New Ivanti Security Controls Content Available – 05/07/2026
Source: ivanti patch Published on 2026-05-07
New Ivanti Security Controls Content Available – 05/06/2026
Source: ivanti patch Published on 2026-05-06
New Ivanti Security Controls Content Available – 05/05/2026
Source: ivanti patch Published on 2026-05-05
New Ivanti Security Controls Content Available – 05/04/2026
Source: ivanti patch Published on 2026-05-04

ALERTS

No feed items found.

TOOLS

No feed items found.

VULNERABILITIES

VULNERABILITIES

No feed items found.

EXPLOITS

[webapps] ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF)
Source: exploit-db Published on 2026-05-07
[webapps] Bludit CMS 3.18.4 - RCE
Source: exploit-db Published on 2026-05-07
[webapps] LuaJIT 2.1.1774638290 - Arbitrary Code Execution
Source: exploit-db Published on 2026-05-07
[webapps] Ghost CMS 6.19.0 - SQLi
Source: exploit-db Published on 2026-05-07
[remote] telnetd 2.7 - Buffer Overflow
Source: exploit-db Published on 2026-05-07
[local] NocoBase 2.0.27 - VM Sandbox Escape
Source: exploit-db Published on 2026-05-07

MALWARE

Measuring Threat Detection Accuracy
Source: malwarenews Published on 2026-05-11
ISC Stormcast For Monday, May 11th, 2026 https://isc.sans.edu/podcastdetail/9926, (Mon, May 11th)
Source: malwarenews Published on 2026-05-11
YARA-X 1.16.0 Release, (Sun, May 10th)
Source: malwarenews Published on 2026-05-11
A government contractor hired twin brothers who were convicted felons. A year later, they regretted it
Source: malwarenews Published on 2026-05-10
Cognyte Recognized in the Global InfoSec Awards 2026 for Innovation in Digital Risk Protection and Threat Intelligence
Source: malwarenews Published on 2026-05-10
인스타그램 DM 으로 유포 되는 네이버 계정 탈취 목적 김수키(Kimsuky)에서 만든 네이버 피싱 사이트 분석
Source: malwareanalysys Published on 2026-05-10
Python Backdoor Threat Analysis Following an AI Deepfake Impersonation Campaign
Source: malwarenews Published on 2026-05-10
Qilin Ransomware Strikes Imex International
Source: malwarenews Published on 2026-05-10
TheGentlemen Ransomware Group Strikes Heinrich KUPER GmbH
Source: malwarenews Published on 2026-05-10
TheGentlemen Ransomware Group Strikes TDS Telecommunications LLC
Source: malwarenews Published on 2026-05-10
LockBit 5.0 Ransomware Breaches VP Brands International
Source: malwarenews Published on 2026-05-10
KillSec Ransomware Attack on MRS Holdings
Source: malwarenews Published on 2026-05-10
Qilin Strikes Ruiz Barbarin Arquitectos in Spain
Source: malwarenews Published on 2026-05-10
LockBit 5.0 Targets Rhactus Hotel in Egypt
Source: malwarenews Published on 2026-05-10
TheGentlemen Ransomware Group Targets Hillside Lumber
Source: malwarenews Published on 2026-05-10
The Gentlemen Ransomware Strikes Arizona Professional Painting
Source: malwarenews Published on 2026-05-10
The Gentlemen Ransomware Attack on VeriCon Engineering Firm
Source: malwarenews Published on 2026-05-10
TheGentlemen Breach DermaPharm A/S
Source: malwarenews Published on 2026-05-10
Genesis Ransomware Strikes Rain Makers Solutions
Source: malwarenews Published on 2026-05-10
Supply Chain Security Incident Update: May 9
Source: malwarenews Published on 2026-05-09

CYBERCRIME

No feed items found.

ANONYMOUS

No feed items found.

INFOOPS

How Russia lies about the stolen Ukrainian children
Source: EUvsDISINFO Published on 2026-05-11
The parade that shrank: Russia’s Victory Day under pressure
Source: EUvsDISINFO Published on 2026-05-09
Fake European crises and real Russian failures
Source: EUvsDISINFO Published on 2026-05-08

APT

No feed items found.

CYBERTERRORISM

No feed items found.

CYBERWARFARE

Worried Britons ‘prepping’ for major disruption with stash of tins and cash, survey shows
Source: theguardian cyberwar Published on 2026-05-09
Revealed: Russia’s top secret spy school teaching hacking and election meddling
Source: theguardian cyberwar Published on 2026-05-07

ARTICLES

The behavioural edge: what drives high-performing teams
Source: raconteur Published on 2026-05-11
Pentest-Tools.com Releases Free Scanner for CVE-2026-41940 as cPanel Authentication Bypass Enters Its Third Week of Active Exploitation
Source: itsecurityguru Published on 2026-05-08
The Creativity Gap: Why Bold Thinking is Now a Strategic Necessity
Source: raconteur Published on 2026-05-08
From cybersecurity to cyber resilience: a systemic and scalable approach for improving resilience and adaptive capacity
Source: oxford journal of cybersecurity Published on 2026-05-08
Cyber Blind Spots: The hidden technology that poses the greatest security risk
Source: itsecurityguru Published on 2026-05-07
World Password Day 2026: The Credential Crisis Hasn’t Gone Away, It’s Just Got More Dangerous
Source: itsecurityguru Published on 2026-05-07
UK Finance Sector Puts Cyber Defences to the Test in National Hackathon
Source: itsecurityguru Published on 2026-05-06
Recruitment under siege: the rise of AI-generated job fraud
Source: raconteur Published on 2026-05-06
Majority of IT Leaders Struggle to Manage Growing Identity Footprint Amid AI Expansion
Source: itsecurityguru Published on 2026-05-06
When the Breach Gets In Through the CEO’s Inbox, Not the Firewall
Source: itsecurityguru Published on 2026-05-06
Bot Defense Is No Longer Optional for High Tempo Consumer Platforms
Source: itsecurityguru Published on 2026-05-06
OpenAI rolls out ads on ChatGPT, but marketers remain unconvinced
Source: raconteur Published on 2026-05-05
Huntress Expands Channel Partnerships to Boost Cybersecurity Reach Across Mid-Market and Public Sector
Source: itsecurityguru Published on 2026-05-05
Proton Mail rolls out post-quantum encryption for all users as industry braces for ‘harvest now, decrypt later’ threat
Source: itsecurityguru Published on 2026-05-05
The Billionaire Blueprint: why leadership is now a system, not a vision
Source: raconteur Published on 2026-05-04