Latest Cybersecurity News

The Hacker NewsMay 1, 20264m4

30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign

30,000 Facebook accounts hacked via AppSheet phishing emails, exploiting Meta lures, leading to large-scale account theft and resale.

15-year-old detained over French govt agency data breach

BleepingComputerMay 1, 20262m5

15-year-old detained over French govt agency data breach

French authorities have detained a 15-year-old suspected of selling data stolen in a cyberattack on France Titres (ANTS), the country's agency for issuing and managing administrative documents.

BleepingComputerMay 1, 20261m6

Story retracted

BleepingComputer initially published a story about a new data breach at Instructure. Shortly after publication, we determined that the information was incorrect and primarily based on outdated details from a prior incident. The article has been retracted, and we regret the error.

Edtech firm Instructure confirms data breach after Salesforce instance hack

BleepingComputerMay 1, 20261m6

Edtech firm Instructure confirms data breach after Salesforce instance hack

Instructure, the company behind the widely used Canvas learning platform, has disclosed a security incident after a social engineering attack allowed hackers to access data in its Salesforce instance. [...]

In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability

SecurityWeek

SecurityWeekMay 1, 20265m5

In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability

Other noteworthy stories that might have slipped under the radar: OFAC hits Iranian central bank crypto reserves, ADT data leak, CISA guidance for zero trust in OT.

If AI's So Smart, Why Does It Keep Deleting Production Databases?

Dark Reading

Dark ReadingMay 1, 20261m5

If AI's So Smart, Why Does It Keep Deleting Production Databases?

The issue isn't artificial intelligence, but rather an industry adding AI agent integrations into production environments before proper security testing.

Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge

SecurityWeek

SecurityWeekMay 1, 20263m5

Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge

The maximum reward for a zero-click Pixel Titan M exploit with persistence has increased to $1.5 million.

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

The Hacker News

The Hacker NewsMay 1, 20263m5

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

Two groups exploit SaaS via vishing since Oct 2025, stealing credentials to access multiple apps, enabling rapid data theft and extortion

Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations

BleepingComputerMay 1, 20264m6

Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations

Raw threat intel isn't enough without real-world context. Criminal IP has partnered with Securonix to integrate exposure-based intelligence into ThreatQ, automating analysis and speeding up investigations.

China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists

The Hacker News

The Hacker NewsMay 1, 20265m5

China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists

China-linked hackers exploit Exchange flaws since Dec 2024 across 8 countries, enabling espionage and credential theft operations.

Microsoft fixes Remote Desktop warnings displaying incorrectly

BleepingComputerMay 1, 20263m6

Microsoft fixes Remote Desktop warnings displaying incorrectly

Microsoft has fixed a known issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files.

Name That Toon: Mark of (Security) Progress

Dark Reading