HeartlessSoul Wants Map Data. Russian Aerospace and Drone Operators Are Giving It to Them.

Kaspersky disclosed cyber espionage group HeartlessSoul on May 11, targeting Russian aerospace firms and drone operators through SourceForge malvertising to steal GIS shape files, GPS data, and terrain models. The operational ground truth Russian analysts use is the prize.

TeamPCP Just Backdoored Checkmarx for the Third Time in Three Months

TeamPCP compromised the Checkmarx Jenkins AST Plugin on May 9, the third attack on Checkmarx in three months. The Dune-themed defacement reads "Checkmarx fails to rotate secrets again." Either secrets rotation was incomplete or TeamPCP retained access through an unremediated persistence mechanism.

cPanel Update: Mr_Rot13 Has Been Backdooring Servers Through CVE-2026-41940 For Six Years

The cPanel CVE-2026-41940 story continues. A new threat actor has been named, the backdoor it deploys has been documented, and the most operationally relevant fact is that this group has been operating since 2020 with detection rates close to zero. BEIJING, CHINA — A new threat actor designated Mr_Rot13 has

Mandia, Stamos, and Adamski Just Told Everyone the Next Two Years Will Be 'Insane'

Three of cybersecurity's most prominent voices used the RSA Conference in March to deliver a unified warning: AI is finding vulnerabilities faster than organizations can patch them, and the next two years will outpace anything the industry has seen.

Cybersecurity Students Took a Federal Scholarship Deal. Now They May Owe Six Figures.

Participants in the CyberCorps Scholarship for Service program face hundreds of thousands of dollars in potential debt as Trump administration hiring freezes have led federal agencies to rescind job and internship offers. The Trump administration has proposed cutting SFS funding by 65 percent.

40 Million People Ask ChatGPT a Health Question Every Day. HIPAA Doesn't Cover Any of It.

More than 40 million people ask ChatGPT a healthcare-related question every day. OpenAI's ChatGPT Health and Anthropic's Claude for Healthcare are not HIPAA-compliant for consumers — and that is by design.

Across Party Lines and Industry, the Verdict Is the Same: CISA Is in Trouble

After more than a year of the second Trump administration, observers across the political spectrum told CyberScoop that CISA has been significantly diminished, losing roughly one-third of its personnel.

PCPJack Doesn't Just Steal Your Credentials. It Kicks Out Other Hackers First.

SentinelLABS disclosed PCPJack on May 7 — a Linux cloud worm that exploits 5 CVEs across Docker, Kubernetes, Redis, MongoDB, and RayML, then evicts rival TeamPCP malware before stealing credentials. The "PCP replaced" telemetry field is the editorial differentiator.

A DoD Contractor Just Patched a 150-Day-Old Bug That Exposed Where Military Personnel Are Stationed

Schemata, a DoD contractor providing AI-powered training to US military customers, patched a zero-authorization API flaw on May 1, 2026 — 150 days after researcher Strix first disclosed it.

NVIDIA's Armenian Cloud Gaming Partner Was Hacked

A breach of GFN.am, NVIDIA's authorized GeForce NOW partner in Armenia, exposed user data including roughly 6,000 customer payment cards. ShinyHunters claimed responsibility, but BleepingComputer and Cybernews assess the claimant as a likely impersonator.

Microsoft Edge Loads All Your Passwords in Plaintext RAM. Microsoft Says It's Working as Intended.

Norwegian researcher Tom Jøran Sønstebyseter Rønning of Statnett SF demonstrated at the Palo Alto Networks Norway BIG Bite of Tech conference that Microsoft Edge keeps every saved password loaded in plaintext RAM during a browser session. Microsoft's response: by design.

Chrome Is Installing a 4GB AI Model on Your Machine Without Consent

Privacy researcher Alexander Hanff documented Chrome silently downloading a 4GB Gemini Nano model to user devices without consent.