The post Self-Spreading TCLBANKER Trojan Hijacks WhatsApp to Drain Accounts appeared first on Daily CyberSecurity.
North Korean “Laptop Farms” Infiltrated 70 U.S. Companies
The post North Korean “Laptop Farms” Infiltrated 70 U.S. Companies appeared first on Daily CyberSecurity.
The Cyber Express Weekly Roundup: EU AI Act Updates, Malware Expansion, Critical Vulnerabilities, and Rising Cybercrime Trends

The Cyber Express Weekly Roundup
EU Updates AI Act with Simpler Rules and New AI Content Bans
In a significant regulatory update, the European Union has agreed to revise parts of the EU AI Act. The updated framework aims to simplify compliance requirements for businesses while simultaneously introducing stricter restrictions on harmful AI-generated content.
ClickFix Malware Campaign Expands to macOS
Another key development is the expansion of the ClickFix malware campaign beyond Windows systems. Security researchers at Microsoft have confirmed that the operation is now targeting macOS users using deceptive troubleshooting content.
Critical PAN-OS Vulnerability Enables Remote Code Execution
A critical security flaw has been identified in Palo Alto Networks’ PAN-OS firewall software. Tracked as CVE-2026-0300, the vulnerability carries a CVSS score of 9.3, indicating severe risk. The issue originates from a buffer overflow vulnerability in the User-ID Authentication Portal.
Latvian Cybercriminal Sentenced in Global Ransomware Case
Latvian national Deniss Zolotarjovs has been sentenced to 102 months in prison for his role in a large-scale ransomware operation. According to the U.S. Department of Justice, the group operated under multiple ransomware brands, including Conti, Royal, Akira, and Karakurt. Between 2021 and 2023, the organization carried out attacks against more than 54 companies worldwide, using data theft and encryption-based extortion tactics to pressure victims into paying ransom demands.
FBI Warns of Rising Cyber-Enabled Cargo Theft
The FBI has issued an alert regarding a sharp rise in cyber-enabled cargo theft. Criminal actors are using impersonation techniques to pose as legitimate logistics providers, allowing them to intercept and redirect freight shipments. The agency noted that logistics, shipping, and insurance companies have been targeted since at least 2024.
Weekly Takeaway
This week’s The Cyber Express weekly roundup highlights the growing convergence of regulatory change, advanced malware threats, critical infrastructure vulnerabilities, ransomware enforcement actions, and supply chain fraud. As the global cybersecurity landscape continues to evolve, organizations across all sectors remain under increasing pressure to strengthen defenses and adapt to emerging risks.
What the **** is happening in cybersecurity space?
I've been working in cybersecurity for not so long, maybe 8 or 9 years, but I never remember a chaos at this scale. I mean, from this January alone we have: leaking data, compromised applications, breaches, AI-assisted cybercriminals, etc. It looks like every day one major breach is happening, and no one is going to address this shit somehow. This is already insane. I haven't felt such pressure in a long time. This AI shit just makes things worse because it enhances attackers' skills, and AI companies are doing nothing to address or change this. Is it only me, or is the change already here?
Reported a Broken Access Control bug to Instructure via Bugcrowd 11 months ago, and also sent it directly to Canvas and Instructure since I didn’t really care about the bounty. It was deemed "not applicable".
Could show a ton of screenshots but this one sums it up https://imgur.com/gallery/canvas-vuln-declared-n-11-months-ago-zYfHnBs
It showed enough PII from everyone in my course that it would have been cake to privilege escalate through even the most rudimentary social engineering.
Here's another screenshot with email replies (two months later) saying Instructure had no control over bootcampspot.instructure.com: https://imgur.com/a/BnhgXme
How much personal info will be leaked by the recent Canvas hack??
So apparently Canvas got hacked by ShinyHunters (3?!) times and is currently completely down. The cybercriminal group said the deadline is on May 12th, and if Instructure doesn't comply, they'll leak the PII of all students and teachers. I'm not a cybersecurity major, and I don't know much about Canvas, but how much will we be affected if no deal is reached? Like, how much information is typically stored on Canvas, and will they be able to figure out more through what is available in the system? I'm genuinely concerned....
Shinyhunters and Canvas
Does anyone know how to find out if my information was hacked by SH from the Canvas site? Is there a website where I can find the info?
Thank you.
Are websites exposed to the internet under attack almost every hour, even if they're small?
I run a few small SaaS platforms and static websites.
When my websites were first launched, I didn't pay much attention because there were only very basic scanning attempts, like trying to load WordPress wp-admin.php pages.
However, starting a few weeks ago, I've noticed attempts to perform SQL injections or extract server information through feedback forms, login forms, and other POST requests.
These requests are coming in every hour. After checking hundreds of log entries, they seem to follow the same patterns as Burp Suite’s automated scanning features. When I double-checked with Claude, it also suggested these look like scans from Burp or ZAP. (I've attached images of two log entries: https://cln.sh/VSw3xy6Q)
About once a week, in addition to these automated requests, I occasionally see attacks that aren't automated scans but seem to actually consider the website's structure. (Last week, there was a 30-minute attempt specifically trying to bypass the CAPTCHA on the login form.)
I'm very interested in cybersecurity, but since I'm just a student still learning and without professional experience, I'm not very familiar with attack attempts or patterns on live services. So, I have a few questions:
- Are attack attempts common even for small websites (less than 50 daily visitors)?
- I understand that Cloudflare blocks most SQL injection attempts before they even reach the server. Is this feature actually effective in practice?
- Besides these two questions, if anyone working in this field has any tips or other useful info, I’d really appreciate it if you could share.
Lastly, this post might feel a bit awkward or sound like it was written by an AI. I live in a non-English speaking country and my English isn't great, so I used a translator for this post. Please bear with me.