EPISODE · May 9, 2026 · 5 MIN
May 09, 2026 · #51
from Security Brief Daily · host Security Brief Daily
Episode 51 — 09 May 2026 1. NVIDIA confirms GeForce NOW data breach affecting Armenian users Source: Bleeping Computer NVIDIA has confirmed in a statement for BleepingComputer that GeForce NOW user information has been exposed in a data breach. The gaming and hardware giant has clarified that the impact is limited to Armenia, and was caused by a compromise of the infrastructure operated by a... 2. Trellix source code breach claimed by RansomHouse hackers Source: Bleeping Computer The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as proof of the intrusion. Yesterday, the threat actor published on their data leak site screenshots indicating access to... 3. Former govt contractor convicted for wiping dozens of federal databases Source: Bleeping Computer A 34-year-old Virginia man was found guilty of conspiring to destroy dozens of government databases after getting fired from his job as a federal contractor. In 2016, Sohaib Akhter and his twin brother and co-defendant Muneeb Akhter were also sentenced to several years in... 4. New Linux 'Dirty Frag' zero-day gives root on all major distros Source: Bleeping Computer A new Linux zero-day exploit, named Dirty Frag, allows local attackers to gain root privileges on most major Linux distributions with a single command. Security researcher Hyunwoo Kim, who disclosed it earlier today and published a proof-of-concept (PoC) exploit, says this... 5. Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access Source: The Hacker News Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild. The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions... 6. PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems Source: The Hacker News Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments. "The toolset harvests credentials from cloud, container, developer,... 7. Canvas Breach Disrupts Schools & Colleges Nationwide Source: Krebs on Security An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service’s login page with a ransom demand... 8. PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux Source: The Hacker News Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily deliver a previously unknown malware family called ZiChatBot on Windows and Linux systems. "While these wheel packages do implement the...
What this episode covers
Episode 51 — 09 May 2026 1. NVIDIA confirms GeForce NOW data breach affecting Armenian users Source: Bleeping Computer NVIDIA has confirmed in a statement for BleepingComputer that GeForce NOW user information has been exposed in a data breach. The gaming and hardware giant has clarified that the impact is limited to Armenia, and was caused by a compromise of the infrastructure operated by a... 2. Trellix source code breach claimed by RansomHouse hackers Source: Bleeping Computer The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as proof of the intrusion. Yesterday, the threat actor published on their data leak site screenshots indicating access to... 3. Former govt contractor convicted for wiping dozens of federal databases Source: Bleeping Computer A 34-year-old Virginia man was found guilty of conspiring to destroy dozens of government databases after getting fired from his job as a federal contractor. In 2016, Sohaib Akhter and his twin brother and co-defendant Muneeb Akhter were also sentenced to several years in... 4. New Linux 'Dirty Frag' zero-day gives root on all major distros Source: Bleeping Computer A new Linux zero-day exploit, named Dirty Frag, allows local attackers to gain root privileges on most major Linux distributions with a single command. Security researcher Hyunwoo Kim, who disclosed it earlier today and published a proof-of-concept (PoC) exploit, says this... 5. Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access Source: The Hacker News Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild. The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions... 6. PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems Source: The Hacker News Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments. "The toolset harvests credentials from cloud, container, developer,... 7. Canvas Breach Disrupts Schools & Colleges Nationwide Source: Krebs on Security An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service’s login page with a ransom demand... 8. PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux Source: The Hacker News Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily deliver a previously unknown malware family called ZiChatBot on Windows and Linux systems. "While these wheel packages do implement the...
NOW PLAYING
May 09, 2026 · #51
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.