Mastodawn

-FCC relaxes foreign router ban to allow for security updates
-ShinyHunters disrupts schools across US
-21-year-old RCE found in FreeBSD
-Another Linux zero-day LPE
-Mexican water utility hacked with AI
-SailPoint breach
-Recordings leak US-Israel-Argentina plan to destabilize LATAM govts with fake news
-France opens investigation of Musk and Twitter (X)
-FCC wants KYC for telcos
-CyberCorps scholarship rebrands to AI

Newsletter: https://news.risky.biz/risky-bulletin-fcc-relaxes-foreign-router-ban-to-allow-for-security-updates/
Podcast: https://risky.biz/RBNEWS562/

Show thread

Catalin Cimpanu 1d ago

-EU calls VPNs a "loophole" for age checks
-JDownloader supply chain attack
-Checkmarx hack update
-RansomHouse claims Trellix hack
-The Dutch fine Yango €100m
-GM gets a tiny fine for selling driver data
-TrustedVolumes hacked for $6.7m
-Google sabotages de-Googled smartphones with new reCAPTCHA
-Trenchant exec on the hook for an extra $10m
-Infosec exec arrested in CSAM investigation
-Twin pleads guilty to destroying govt DBs
-Kingdom Market admin sentenced to prison
-Crimenetwork 2 takedown

Show thread

Catalin Cimpanu 1d ago

-WhatsApp bans scam accounts in India
-Malware found on HuggingFace and npm
-Malware reports on Lorem Ipsum backdoor, Needle MaaS, Doko PhaaS, PamDOORa Linux backdoor, Jenkins DDoS botnet
-NZ sanctions Russian cyber actors
-Argentina detains La Compañía disinfo network boss
-Russian disinfo networks go wild on TikTok
-New LiteLLM exploitation in the wild
-New ClaudeBleed vulnerability
-Vulnerabilities in Yarbo lawn mowers
-Cloudflare layoffs
-DistrictCon and SREcon 2026 videos

Who may be at risk: Only people who downloaded and installed from jdownloader.org during 6th-7th May 2026 (UTC) using one or more website download links for "Download Alternative Installer" and/or the affected Linux shell installer link - see the timeline below.
Who is not affected: Everything that is not among the at-risk cases above - all other downloads and install paths on this site, existing installations, in-app updates, and installations from any other source.

SHINYHUNTERS
rooting your systems since '19;)
ShinyHunters has breached Instructure (again). Instead of contacting us to resolve it they ignored us and did some "security patches".
▲ WARNING