NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE https://firewall.firm.in/wp-content/uploads/2026/05/nginx.jpg Ravie LakshmananMay 17, 2026Server Security / Vulnerability A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck. The vulnerability, tracked as CVE-2026-42945 (CVSS score: 9.2), is a heap buffer overflow ...

Researchers use Anthropic Mythos find flaws in Apple security; ‘hack’ MacOS https://etimg.etb2bimg.com/thumb/msid-131114400,imgsize-1285067,width-1200,height=627,overlay-etciso,resizemode-75/vulnerabilities-exploits/researchers-use-anthropic-mythos-find-flaws-in-apple-security-hack-macos.jpg Anthropic’s Mythos AI, a tool that has already rattled the tech and financial sectors by exposing widespread software vulnerabilities, has now successfully ‘hacked’ macOS, which is regarded as one of the most secure operating systems in the world. According to a report by The Wall Street Journal, researchers ...

How Google may have confirmed Anthropic’s Mythos fears that sent shock waves across banks and financial institutions, ETCISO Google’s Threat Intelligence Group (GTIG) recently revealed that it successfully blocked a massive cyberattack where criminals used artificial intelligence (AI) to discover and weaponise a previously unknown software flaw. Google’s message is clear: The era of the ‘AI-powered hacker’ has officially arrived. ...

TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms https://firewall.firm.in/wp-content/uploads/2026/05/banking.jpg Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that’s capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tracked by Elastic Security Labs under the moniker REF3076. The malware family is assessed to be a major update of the Maverick, ...

Why identity is now a legal control plane, not just a cybersecurity function, says cyber law expert Karnnika Seth https://etimg.etb2bimg.com/thumb/msid-130956637,imgsize-59340,width-1200,height=627,overlay-etciso,resizemode-75/identity-access-management/the-evolving-role-of-identity-in-cyber-law-insights-from-expert-karnnika-seth.jpg As AI, digital platforms, fintech systems and autonomous agents reshape how identities are created, used and misused, identity access management has become a core legal and regulatory issue for enterprises, Dr. Karnnika A Seth, Cyber Law Expert, DRDO, Ministry of ...

Reggie Townsend, VP, Data Ethics, SAS, ETCISO Reggie Townsend has spent years making the uncomfortable case that ethical AI is not a brake on progress but the very precondition for it. As agentic systems move from concept to commercial deployment — taking decisions, triggering workflows, and acting on behalf of businesses without moment-to-moment human oversight — the stakes of getting ...

Meta pauses all work with AI recruiting startup Mercor after $10 billion company confirms hacking https://etimg.etb2bimg.com/thumb/msid-130050239,imgsize-7718,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/meta-pauses-all-work-with-ai-recruiting-startup-mercor-after-10-billion-company-confirms-hacking.jpg Meta has indefinitely suspended all work with Mercor. This comes after the artificial intelligence (AI) data contracting startup valued at $10 billion confirmed a security breach that may have exposed proprietary training data belonging to some of the world’s most prominent AI laboratories. According ...

Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise https://firewall.firm.in/wp-content/uploads/2026/05/kube.jpg Ravie LakshmananMay 08, 2026Linux / DevOps A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers’ systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and network tunneling. “QLNX ...

Why identity is becoming the frontline of cyber warfare in a deepfake-driven world https://etimg.etb2bimg.com/thumb/msid-130958643,imgsize-147526,width-1200,height=627,overlay-etciso,resizemode-75/identity-access-management/why-identity-is-becoming-the-frontline-of-cyber-warfare-in-a-deepfake-driven-world.jpg As cyber warfare shifts from disrupting systems to infiltrating organisations through employees, vendors, customers and autonomous identities, enterprises must treat identity as a frontline defence layer rather than a back-end access function, industry leaders said on Friday. The panel said deepfake biometrics, synthetic identities, third-party compromise, ...

Cybersecurity leadership gap widens as cybercrime costs rise, ETCISO A widening gap in cybersecurity leadership, rising cybercrime costs and persistent talent shortages are leaving organisations increasingly exposed, according to the Sophos CISO Report 2026, developed in partnership with Cybersecurity Ventures. The report highlights a structural imbalance in global cyber resilience. While cyber risk continues to grow, the availability of experienced ...