Indra rides off with £1.96B Transport for London ticketing deal as Oyster heads for back-office overhaul
Nothing says 'future of urban transit' like a defense contractor running your bus, tube, and train pass
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards
The stolen credit card data was released as a free download, allegedly in response to seller misconduct. The post B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Car…
The New Phishing Click: How OAuth Consent Bypasses MFA
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five …
Cyber Resilience is the New Business Continuity Plan
The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose. The post Cyber Resi…
Microsoft confirms patching issues in restricted Windows networks
Microsoft says customers in restricted network environments may encounter Windows Update failures after installing the January 2026 optional non-security preview updates. [...]
Crook leaks 468k+ records, claims they pwned Portugal’s postal carrier
Ordered packages via CTT? Those phishing emails could be tricky to spot
Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
The SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to Apple script-based execution.
Laurie Anderson Is Quoting Me
Not by name, but Laurie Anderson quotes me in one of the tracks of her new album: My favorite quote is from a cryptologist who said “If you think technology will solve your problem…
1 in 5 Brits think AI layoffs could trigger civil unrest
UK folk increasingly don't believe AI jobs revolution will end in prosperity for anyone outside the boardroom, say researchers
Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare
Drupal has issued an alert stating that it intends to release a "core security release" for all supported branches on May 20, 2026, from 5-9 p.m. UTC. "The Drupal Security Team ur…
201 Arrested in Crackdown on Cybercrime in Middle East, North Africa
The 13-country effort, named Operation Ramz, targeted cyber threats in the Middle East and North Africa region. The post 201 Arrested in Crackdown on Cybercrime in Middle East, Nor…
UK Typhoon jets fitted with bargain-bin drone busters for Middle East sorties
Low-cost laser-guided rockets offer cheaper way to swat Shahed-style threats than firing pricey air-to-air missiles
SAP's AI strategy: Come for the openness, stay because you have to
Joule Studio 2.0 waves the flag of interoperability, API policy tells enterprises who's really in charge
ZTE Showcases AI Interactive Flat Panel at the Broadband User Congress in Brazil
AI interactive flat panel aimed at offices, elder care, and classrooms with built-in conferencing, automation, and monitoring features unveiled
PoC Released for DirtyDecrypt Linux Kernel Vulnerability
Patched in April, the underlying vulnerability allows local attackers to elevate their privileges to root. The post PoC Released for DirtyDecrypt Linux Kernel Vulnerability appeare…
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code…
Windows Firewall stands between you and greasy delight
You don't really want that entering your system, do you?
How AI is transforming network incident response (and where it still falls short)
If you’ve sat through any vendor pitch in the last year, you’ve heard the promise. AI will detect the anomaly, correlate the signals, identify the root cause, maybe even remediate …
The class of 2026 has heard enough about AI, thanks
From campus ceremonies to Linux communities and academic journals, resistance to LLM evangelism is getting louder
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extensio…
Baidu says the quiet part out loud – you can’t build AI infrastructure, so clouds can cash in
CFO says GPU rentals are ‘structurally higher margin than CPU cloud’
Critical Vulnerability Exposes Industrial Robot Fleets to Hacking
The vulnerability, CVE-2026-8153, affects Universal Robots PolyScope 5 and it can be exploited for OS command injection. The post Critical Vulnerability Exposes Industrial Robot F…
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sen…
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the…
Iran hints it could interfere with submarine cables in the Strait of Hormuz
Threatens unspecified ‘fees’ and warns of economic consequences – yet only major kinetic action could stop data flows entirely
VMware quietly debuts Arm hypervisor tech preview
Supports Nvidia Grace and Ampere processors
Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them
While also spoofing all the trusted domains - Apple, Microsoft, and Google - in the same attack
The big AI companies are going to see their margins disappear
AI will indeed eat the world – if your world involves software-size margins
INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
More than 200 individuals were arrested for cybercrime activities during INTERPOL's Operation Ramz, which focused on the Middle East and North Africa. [...]
Shai-Hulud copycat worm infects yet another npm package
Plus three other stealers in three other packages, all from the same scumbag