Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The UK Government's Open Letter on AI Cyber Threats Underscores the Need for Measurable Security

A recent open letter from the UK government on AI-driven cyber threats highlights a clear shift in the threat landscape. Cyberattacks are no longer constrained in the same way by human expertise, as advanced AI models can now help identify vulnerabilities, generate exploit code, and increase the speed and scale of attacks.

Payment Infrastructure Is Now Part of the Attack Surface

Every payment creates a moment of trust. A customer enters card details, a gateway approves or rejects the transaction, fraud checks run in the background, and sensitive data moves between systems in seconds. When that process works, it feels invisible. When it fails, the damage can reach far beyond a lost sale.

PhantomRaven Wave 5: New Undocumented NPM Supply Chain Campaign Targets DeFi, Cloud, and AI Developers

Mend’s security research team has identified a previously undocumented fifth wave of the PhantomRaven campaign, an ongoing NPM supply chain attack that has been stealing developer credentials and secrets since August 2025. This new wave uses a fresh command-and-control server, 33 new malicious packages, and a more sophisticated three-stage payload chain.

How to Stop Digital Impersonation Attacks: Why Email Authentication Alone Isn't Enough

Phishing reports and customer complaints are not early warning signals. By the time they arrive, attackers have already built the infrastructure. Lookalike domains are live, credential harvesting pages are indexed, and the exposure window is open. To stop digital impersonation attacks, organizations need to shift detection to the infrastructure preparation stage, before distribution begins.

Turning Attackers into Signals: How Deception is Redefining Threat Detection | Fidelis Security

Traditional detection methods are struggling to keep up with modern threats. What if you could turn attackers into your strongest signal? In this session, our Sales Engineer Jim breaks down how deception technology is transforming cybersecurity by: delivering high-fidelity alerts with minimal noise; adapting dynamically to attacker behavior; extending protection to IoT and non-standard devices; scaling seamlessly across enterprise environments.

CyberPhysical Security: Protecting the Modern EV Charging Perimeter

Electric vehicles have crossed from niche technology into mainstream infrastructure. Charging networks now form a critical layer of both the energy grid and the transportation system, and attackers have noticed. EV charging sits at a three-way intersection of cloud software, operational technology, and automotive systems. Each domain has its own threat model, its own tooling, and its own team assuming someone else owns the risk. That gap is where adversaries operate.

'Mini Shai-Hulud' supply chain attack targets SAP npm packages

On April 29, 2026, security researchers detailed a campaign known as ‘mini Shai-Hulud’ that involves compromised versions of npm packages used in SAP’s Cloud Application Programming Model (CAP). The malicious packages reportedly contain functionality to steal sensitive data such as credentials. The stolen data is encrypted and exfiltrated via public GitHub repositories. The maintainers of known-compromised packages have released updated versions.

Mini Shai-Hulud Targets SAP npm Packages With a Bun-Based Secret Stealer

A new npm supply-chain compromise is targeting the SAP developer ecosystem. The affected packages we are tracking so far are: The pattern is familiar but also a bit different: a trusted package receives a new preinstall hook, the hook runs a new setup.mjs file, and that loader downloads the Bun JavaScript runtime to execute a large obfuscated payload named execution.js. The payload is an 11.7 MB credential stealer and propagation framework.

Stryker Hack: What We Know So Far

On March 11, 2026, the Iranian hacktivist group Handala Hack Team claimed responsibility for compromising the American healthcare technology company Stryker. Public reporting suggests more than 200,000 systems were impacted and up to 50TB of data exfiltrated. While these figures remain unverified, the scale of operational disruption alone places this incident among the most significant enterprise cyber events of the year so far.