Cybersecurity News | Daily Recap [08 May 2026]

Daily recap: Ivanti pushed urgent fixes for an actively exploited EPMM zero-day after CISA ordered federal agencies to patch the targeted flaw within 4 days, while Linux “Dirty Frag” and a Palo Alto edge-device zero-day demonstrated continued exploitation of high-risk vulnerabilities. In other updates, RansomHouse claimed Trellix source-code theft, ShinyHunters’ Canvas extortion campaign reportedly affected nearly 9,000 schools, and new threats included TCLBanker spreading via WhatsApp and Outlook alongside PCPJack’s credential-stealing worm behavior. #Ivanti #EPMM #CISA #DirtyFrag #PaloAlto #RansomHouse #Trellix #ShinyHunters #Canvas #Zara #TCLBanker #WhatsApp #Outlook #PCPJack #TeamPCP #Vidar #ClickFix #Claude #Chrome #NorthKorea #SOC

Zero-Days & Patching

  • Ivanti rushed fixes for another actively exploited zero-day in EPMM, while CISA ordered federal agencies to patch the targeted flaw within 4 days after exploitation was confirmed – Ivanti Patch, EPMM Zero-Day, New EPMM, Exploited Flaw
  • A new Linux “Dirty Frag” zero-day was shown to grant root access on major distributions, underscoring the need for urgent kernel hardening – Dirty Frag
  • A Palo Alto zero-day was exploited in a campaign with hallmarks of Chinese state hacking, highlighting continued abuse of edge-device flaws – Palo Alto Exploit

Ransomware & Breaches

  • Trellix source code theft was claimed by RansomHouse, with a separate report also attributing the breach to a ransomware group – Trellix Claim, Trellix Hack
  • ShinyHunters said its mass Canvas extortion campaign hit nearly 9,000 schools and involved hacked login portals – Canvas Breach, Login Hack
  • Zara disclosed a data breach exposing personal information of 197,000 people, adding to a busy week of retail exposure incidents – Zara Breach

Malware & Worms

  • TCLBanker is a new self-spreading malware strain that propagates through WhatsApp and Outlook, broadening its reach across messaging and email channels – TCLBanker
  • PCPJack worm removes TeamPCP infections while stealing credentials, with multiple reports confirming its cleaning-and-theft behavior – PCPJack Worm, PCPJack Malware
  • Vidar Stealer is being pushed via ClickFix lures, prompting Australia to warn users about the social-engineering campaign – Vidar Warning

AI Security

  • A flaw in Claude’s Chrome extension let other plugins hijack the AI agent, showing how browser add-ons can become an AI takeover path – Claude Plugin, Claude Takeover
  • Trump officials are steering a cybersecurity scholarship program toward AI, signaling a policy shift in workforce priorities – AI Scholarship
  • Debates over AI’s risks to humanity resurfaced as Musk and OpenAI leaders faced off in court – AI Trial

Threat Ops & Law Enforcement

  • A former U.S. government contractor was convicted of wiping dozens of federal databases, illustrating the damage insider access can cause – Federal Wipes
  • Two American facilitators were sentenced for running laptop farms that supported North Korean IT worker schemes – Laptop Farm
  • Analysts were reminded that adding more staff won’t fix a SOC alert overload problem, pointing to process and tooling gaps instead – SOC Alerts

Cybersecurity News | Daily Recap – hendryadrian.com