[Hackers hack victims hacked by other hackers
| TechCrunch](https://techcrunch.com/2026/05/07/hackers-hack-victims-hacked-by-other-hackers/)
[Hackers hack victims hacked by other hackers
| TechCrunch](https://techcrunch.com/2026/05/07/hackers-hack-victims-hacked-by-other-hackers/)
Coinbase Cuts 700 Jobs Before Q1 Earnings in AI Pivot
Coinbase is cutting 700 employees, or 14% of its workforce, as CEO Brian Armstrong pivots the company towards AI and leaner management structures, citing cost reductions and weak market conditions. This move occurs just before the company’s Q1 earnings report, following a significant net loss in Q4 2025.
Enterprise AI deployment is rewriting the security rulebook - SiliconANGLE
Enterprise AI deployment significantly expands the cybersecurity attack surface, making traditional defenses inadequate for new targets like data pipelines and model training environments. Security must be integrated from the outset of AI projects to avoid costly halts, with approaches like Dell’s treating the AI factory as a single, integrated security surface.
Australia warns of ClickFix attacks pushing Vidar Stealer malware
The Australian Cyber Security Center (ACSC) has issued a warning about ClickFix attacks that are distributing the Vidar Stealer malware. These attacks trick users into executing malicious PowerShell commands through fake verification prompts, leading to the theft of sensitive information like passwords and cryptocurrency. ACSC recommends restricting PowerShell execution, implementing application allow-listing, and keeping WordPress sites updated to mitigate these threats.
The U.S. CISA has added a zero-day vulnerability (CVE-2026-6973) in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog, urging federal agencies to patch by May 10, 2026. This flaw, requiring admin privileges, allows for arbitrary code execution and is already being exploited.
New PCPJack worm steals credentials, cleans TeamPCP infections
A new malware framework named PCPJack is actively stealing credentials from exposed cloud infrastructure and is designed to remove TeamPCP infections. It targets services like Docker, Kubernetes, and MongoDB, and researchers believe it may be operated by a former TeamPCP affiliate.
80% of CEOs worry their job is at risk if AI fails this year - Fast Company
A new survey reveals that 80% of CEOs believe their job is at risk if AI initiatives fail this year, with 72% of U.S. CEOs feeling pressure from their boards to demonstrate AI-driven ROI. Despite concerns about over-investment, 87% of global CEOs acknowledge their roles are dependent on the success of AI.
Backdoored PyTorch Lightning package drops credential stealer
A malicious version of the PyTorch Lightning package, version 2.6.3, was found to contain a credential stealer that targets browsers, environment files, and cloud services. The package, which has over 11 million downloads, automatically downloads and executes a JavaScript payload upon import, potentially compromising secrets, keys, and tokens.
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
A phishing campaign named VENOMOUS#HELPER has impacted over 80 organizations by using legitimate Remote Monitoring and Management (RMM) tools like SimpleHelp and ScreenConnect to gain persistent remote access. The campaign begins with a phishing email impersonating the U.S. Social Security Administration, leading victims to download an executable that installs the RMM software, enabling attackers to control compromised hosts.
Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks - SecurityWeek
Cisco is acquiring Astrix Security to address the growing risks associated with non-human identities (NHIs) like API keys and service accounts, which are increasingly used by AI agents. This acquisition aims to extend zero trust principles to the expanding agentic workforce and integrate Astrix’s technology for discovering, governing, and securing these identities into Cisco’s security platform.
Canvas Instructure Data Breach 2026: Confirmed
Instructure has confirmed a data breach affecting its Canvas platform, with the hacker group ShinyHunters claiming responsibility for exposing personal data including names, emails, and student IDs, as well as user messages. While Instructure states that sensitive data like passwords and financial information were not compromised, ShinyHunters alleges that up to 275 million records from thousands of institutions were stolen.
DigiCert hacked with a malicious screensaver file
A malicious screensaver file was used to hack DigiCert, resulting in the theft of 27 code signing certificates that were later used to sign malware, including the Zhong Stealer. Additionally, two former ransomware negotiators have been sentenced to four years in prison each for deploying ransomware and extorting US companies.
Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats - SecurityWeek
Education technology company Instructure experienced a data breach due to a cyberattack, impacting services that rely on API keys. The company confirmed that personal information like names and email addresses were accessed, but not passwords or financial data. The extortion group ShinyHunters claimed responsibility, alleging the theft of 3.65 terabytes of data affecting millions of individuals across thousands of institutions.
Edu tech firm Instructure discloses cyber incident, probes impact
The edu tech firm Instructure, known for its Canvas learning platform, has disclosed a cybersecurity incident involving a criminal threat actor and is actively investigating its impact with forensic experts. Some services, including Canvas Data 2 and Canvas Beta, have experienced maintenance, with potential issues for tools relying on API keys.
Attackers Deploy AiTM Phishing Pages to Access SharePoint, HubSpot, and Google Workspace
Attackers are using AiTM phishing pages to steal credentials and session tokens for SharePoint, HubSpot, and Google Workspace. These attacks, conducted by groups like CORDIAL SPIDER and SNARKY SPIDER, bypass traditional security by leveraging vishing and manipulating MFA settings to gain access and exfiltrate data rapidly.
New Bluekit Phishing Kit Features AI Assistant - SecurityWeek
A new phishing kit called Bluekit has been discovered, offering miscreants a wide array of features including an AI assistant, automated domain registration, and support for two-factor authentication. This kit, which uses Telegram for data exfiltration, provides templates for various services and has a dashboard for managing domains and captured logs, though it has not yet been used in a live campaign.
ConsentFix v3 attacks target Azure with automated OAuth abuse
The ConsentFix v3 attack targets Microsoft Azure by automating OAuth abuse, tricking victims into granting access via a fake Microsoft login flow. This improved technique uses Pipedream for automation, allowing attackers to obtain tokens and access compromised accounts without needing passwords, even with MFA enabled.
Trellix Source Code Breach - Hackers Gain Unauthorized Access to Repository
Cybersecurity firm Trellix has reported a security incident where hackers gained unauthorized access to a portion of its source code repository. While investigations are ongoing, Trellix has found no evidence of exploitation or compromise of customer-facing products.
Google AppSheet Exploited in 30,000-User Facebook Phishing Operation
A massive phishing operation has been discovered that leverages Google AppSheet and Google Drive to bypass security measures and steal Facebook Business accounts, affecting over 30,000 users globally. The campaign, linked to Vietnam, employs various technical methods, including Netlify clones, reward traps, and live control panels, to trick users into divulging sensitive information like passwords and two-factor authentication codes.
Why ‘Emerging Threats’ Are Harder to Prioritize in the AI Era
The increasing speed, scale, and automation of cyberattacks due to artificial intelligence make it challenging for organizations to prioritize emerging threats. Security leaders must adapt their strategies to address these amplified threats, focusing on visibility, ownership, and aligning technical risks with business impact.
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-31431, a Linux root access bug also known as Copy Fail, to its Known Exploited Vulnerabilities catalog due to active exploitation. This privilege escalation flaw allows unprivileged local users to gain root access by corrupting the kernel’s page cache, posing a significant risk to cloud and containerized environments.
US Military Reaches Deals With 7 Tech Companies to Use Their AI on Classified Systems - SecurityWeek
The Pentagon has partnered with seven tech companies, including Google, Microsoft, and Nvidia, to integrate their artificial intelligence capabilities into classified military networks. This initiative aims to enhance warfighter decision-making and operational efficiency, though concerns about AI ethics, privacy, and the level of human oversight remain subjects of ongoing discussion and development.
Ask.com shuts down after nearly 30 years, marking the end of Ask Jeeves
After nearly 30 years, Ask.com, originally launched as Ask Jeeves in 1997, has shut down operations on May 1, 2026, as its parent company, IAC, pivots away from the search business. The search engine, known for its natural language interface and mascot Jeeves, competed with early web giants but was eventually surpassed by Google, and despite rebranding and attempts to adapt, it faded into irrelevance.
Alberta voter list breach flagged by journalist weeks ago
A Calgary journalist alerted Elections Alberta to a voter list breach weeks ago, but alleges the watchdog failed to act. The article also touches on various other news items across Canada.
Apple CEO Tim Cook has warned that Mac mini and Mac Studio shortages may persist for months due to AI workloads driving demand beyond manufacturing capacity. This surge in demand is attributed to the growing interest in local AI processing, with users opting for on-device AI to address privacy concerns, reduce latency, and avoid rising cloud costs.