
Google reCAPTCHA QR checks lock out de-Googled phones

🏷️ Cybersecurity | 🔗 4 sources | Digest Score: 26

📰 Full Story

Google has rolled out a QR-code-based reCAPTCHA challenge that requires users to scan a code with a “compatible” mobile device to prove they are human. The challenge is part of its Cloud Fraud Defense platform, first announced on April 22, 2026. The verification flow accepts iOS devices and Android handsets running Google Play Services (reportedly version 25.41.30 or higher), but blocks or repeatedly challenges devices running privacy-focused, de‑Googled operating systems such as GrapheneOS, CalyxOS and other custom ROMs. The change, which Google has been migrating to sites since late 2025, leverages hardware-backed attestation to verify device integrity and is designed to counter increasingly capable AI-driven bots. Critics — including GrapheneOS developers, privacy advocates and parts of the security community — argue the move effectively ties basic web access to Google’s proprietary ecosystem, can exclude secure alternative OSes, and may have been rolled out automatically for many websites. Workarounds for affected users include using a separate certified device or selecting fallback audio challenges, while some experts urge web administrators to consider alternative verification services to avoid locking out privacy‑focused users.

ShinyHunters breach disrupts Canvas, steals student data

🏷️ Cybersecurity | 🌍 United States | 🔗 9 sources | Digest Score: 14

📰 Full Story

A cybercriminal group known as ShinyHunters breached Instructure’s Canvas learning-management system in late April and again in early May, exploiting its Free‑For‑Teacher feature to access and publish student and staff records. The group claimed it had stolen terabytes of data from roughly 8,000–9,000 institutions and set a ransom deadline for public release; reported figures vary and remain unverified. Instructure disclosed unauthorized activity detected April 29, took Canvas offline to contain the incident and temporarily suspended Free‑For‑Teacher accounts. The platform was restored for most users within days, though some services remained in maintenance mode while external forensics and U.S. federal investigators — including the FBI and CISA — were notified. Affected data reportedly includes names, email addresses, student ID numbers and private messages between users; the company said it found no evidence of exposed passwords, dates of birth, government identifiers or financial information. The disruption hit thousands of schools during U.S. finals week, forcing exam delays and alternative submission arrangements as institutions and vendors assess exposure and response.

Palo Alto PAN-OS critical zero-day exploited

🏷️ Cybersecurity | 🔗 3 sources | Digest Score: 7

📰 Full Story

Palo Alto Networks disclosed a critical buffer overflow zero-day in its PAN-OS User-ID Authentication Portal (Captive Portal), tracked as CVE-2026-0300, that allows unauthenticated remote code execution with root privileges on PA-Series and VM-Series firewalls. The company warned of "limited exploitation" and attributed activity to a likely state-sponsored cluster tracked as CL-STA-1132. Evidence shows unsuccessful attempts from April 9 and successful exploitation and follow-on activity in April, including AD enumeration, use of tunneling tools (EarthWorm, ReverseSocks5), credential collection and log deletion. Affected PAN-OS branches include versions in the 10.x, 11.x and 12.1 lines when the portal is exposed to untrusted networks. Palo Alto plans staged software fixes beginning May 13, 2026, with further patches on May 28. The U.S. CISA added CVE-2026-0300 to its Known Exploited Vulnerabilities catalog, directing federal agencies to apply mitigations. Until patches are issued, Palo Alto and researchers advise restricting or disabling the User-ID Authentication Portal, disabling response pages on L3 interfaces, and enabling available threat signatures for detection.

CallPhantom scam: 28 fake Android apps

🏷️ Cybersecurity | 🌍 India | 🔗 3 sources | Digest Score: 4

📰 Full Story

Security firm ESET uncovered a sprawling campaign of 28 fraudulent Android apps — dubbed “CallPhantom” — that falsely claimed to provide call, SMS and WhatsApp histories for any phone number and collectively racked up more than 7.3 million downloads. The apps generated hardcoded, fake records and prompted users to subscribe to plans costing roughly $6–$80. The campaign appears to have been active since late 2025; ESET flagged the apps to Google in December 2025 and the apps were removed from the Play Store after public disclosure in May 2026. Most victims were in India: many apps defaulted to the +91 country code and supported UPI payment methods popular there. Some subscriptions used Google Play billing (eligible for Play refunds); others routed payments through third-party UPI providers or in-app card forms, complicating reimbursement. The apps employed deceptive tactics — including fake notifications and misleading developer names such as “Indian gov.in” — to build trust and pressure users into paying. The removals followed ESET’s report; affected users are advised to check Play billing for cancellations and contact payment providers for third-party charges.

Anthropic’s Mythos sparks global cybersecurity alarm

🏷️ Cybersecurity | 🌍 United States | 🔗 6 sources | Digest Score: 4

📰 Full Story

In early May 2026 Anthropic disclosed Claude Mythos Preview, an internal AI model that in controlled testing identified thousands of previously unknown zero-day vulnerabilities across major operating systems and web browsers. Anthropic restricted access under “Project Glasswing” to roughly 40 firms — including large tech and financial firms — to give defenders a head start. Mozilla, a Mythos partner, said it shipped 423 Firefox security fixes in April, 271 of them tied to Mythos findings. US regulators responded: Federal Reserve Chair Jerome Powell and Treasury officials convened major bank CEOs to assess risk. Anthropic warned of a six-to-twelve month window before adversaries could replicate the capability. Cybersecurity researchers, however, say many of Mythos’s headline feats can be reproduced today by orchestration of existing models and cheaper toolchains; OpenAI has offered vetted access to cyber-focused models. Reports also document practical risks — from unauthorized access attempts against Mythos to a sharp surge in AI-enabled attacks — underscoring both the defensive value of these tools and the danger that equivalent offensive capabilities will proliferate globally.

Massive Canvas cyberattack disrupts thousands of schools

🏷️ Cybersecurity | 🔥 Trending | 🔗 66 sources | Digest Score: 3

📰 Full Story

A widespread cyberattack on Instructure’s Canvas learning platform disrupted classes, exams and communications at roughly 9,000 schools worldwide in late April and early May 2026, industry and university statements show. Instructure detected unauthorized activity on April 29 and took Canvas offline after hackers altered pages seen by logged-in users. The hacking group ShinyHunters claimed responsibility, posting that it had exfiltrated data relating to about 275 million people and set a May 12 deadline to negotiate or publish stolen files. Instructure said the breach appears to have exposed identifying information — names, email addresses, student ID numbers and user messages — but not passwords, birthdates, government identifiers or financial data. The company restored Canvas access for most users by May 8 after disabling Free-for-Teacher accounts that were reportedly exploited. Many universities and K-12 districts nonetheless kept systems offline or limited access while investigating; several schools cancelled or postponed finals. Reports indicate some institutions contacted the hackers or intermediaries to seek to prevent a public leak. Security firms and school IT teams warned of ongoing risks, including phishing and possible follow-on intrusions.

🤝 Social Media Insights

Social Summary
The comments underscore that vendor concentration created a single point of failure: the outage is causing immediate academic disruption and heavy extra work for staff, and while it will likely trigger deadline relief and scrutiny, a rapid market shift away from Canvas is unlikely due to high technical and financial switching costs.

Critical ClaudeBleed flaw in Claude Chrome extension

🏷️ Cybersecurity | 🌍 United States | 🔗 4 sources | Digest Score: 2

📰 Full Story

Security researchers at LayerX disclosed a serious vulnerability in Anthropic’s “Claude in Chrome” extension that allowed any other browser extension — including those with no special permissions — to send hidden instructions to the Claude AI agent. Discovered April 27 and privately reported to Anthropic on April 28, the bug (dubbed “ClaudeBleed”) stems from a trust-boundary error in the extension’s message handling that lets scripts running in the browser communicate with Claude’s LLM without verifying the sender. Tests showed attackers could exfiltrate Google Drive files, read and send emails, steal private GitHub source code and trigger other privileged actions while evading user notification. Anthropic released an update (v1.0.70) on May 6 that added checks for “standard” mode, but researchers say a “privileged” mode still allowed command injection and that LayerX’s principal researcher bypassed the patch within hours. LayerX recommended fixes such as signed extension-to-page tokens, restricting externally_connectable to specific extension IDs, and one-time approval tokens; Anthropic has said it will ship further fixes but did not immediately comment on the research.

Anthropic's Mythos Helps Mozilla Patch Hundreds of Bugs

🏷️ Cybersecurity | 🌍 United States | 🔗 4 sources | Digest Score: 1

📰 Full Story

Mozilla moved to an agentic AI pipeline in April 2026 that dramatically increased the pace and depth of vulnerability discovery in its Firefox browser. Using Anthropic’s Claude Mythos Preview alongside other large language models, the project identified 271 defects that were fixed in Firefox 150 and related point releases; Mozilla reported a total of 423 security fixes shipped in April, roughly 20 times its monthly 2025 average. The AI-driven system pairs a custom harness with automated test-case generation, dynamic validation and integration into existing fuzzing and CI infrastructure, enabling reproducible proofs-of-concept and sharply reducing false positives. Findings included long‑dormant memory-corruption and sandbox-escape primitives — some dating back 15–20 years — plus complex IPC and parsing flaws. Mozilla says AI produced patch suggestions but human engineers wrote and reviewed every production fix; containment measures isolated model-driven code edits within ephemeral VMs. Over 100 contributors triaged and shipped the patches. Mozilla plans to extend the pipeline to scan incoming patches; Anthropic and Mozilla followed responsible disclosure, but engineers warn similar methods could be used by attackers if uncontrolled.

Ivanti EPMM zero-day CVE-2026-6973 actively exploited

🏷️ Cybersecurity | 🔥 Trending | 🔗 5 sources | Digest Score: 1

📰 Full Story

Ivanti has disclosed and patched five high-severity vulnerabilities in its on-premises Endpoint Manager Mobile (EPMM) product, including a zero-day, CVE-2026-6973, that was being exploited in limited attacks at the time of disclosure (May 7–8, 2026). The flaw, caused by improper input validation, allows remote code execution by an authenticated user with administrative privileges. Ivanti released fixes in versions 12.6.1.1, 12.7.0.1 and 12.8.0.1 and advised customers to upgrade, rotate admin credentials and review Sentry and EPMM configurations. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-6973 to its Known Exploited Vulnerabilities catalog and ordered federal civilian agencies to remediate by May 10, 2026. Ivanti said exploitation was “very limited” and that risk is lower for customers who followed prior January guidance after earlier EPMM zero-days (CVE-2026-1281 and CVE-2026-1340). The disclosure also covers four other high-severity defects, some enabling privilege escalation or unauthenticated certificate manipulation. Ivanti stressed these issues affect only on-premises EPMM, not its cloud Neurons for MDM or other Ivanti products, and urged immediate patching and network hardening to prevent supply-chain and enterprise mobile management compromises.

PCPJack worm targets cloud services for credential theft

🏷️ Cybersecurity | 🔥 Trending | 🔗 3 sources | Digest Score: 1

📰 Full Story

Security researchers on May 8 disclosed a sophisticated worm-like malware framework named PCPJack that actively targets exposed cloud services and developer platforms to harvest credentials. SentinelOne’s analysis shows PCPJack scans Docker, Kubernetes, Redis, MongoDB and RayML instances, drawing targets from Common Crawl parquet files and exploiting five publicly known flaws (including CVE-2025-55182, CVE-2025-29927 and CVE-2026-1357) to gain access. Infections start with a bootstrap.sh script that installs Python, downloads six modular payloads (orchestrator, lateral-movement, parser, crypto and cloud-scanning modules), establishes persistence and deliberately removes artifacts left by rival group TeamPCP. The toolset collects SSH keys, cloud provider tokens, OpenAI and Anthropic API keys, password vault data and other secrets, encrypts exfiltrated data with X25519/ChaCha20-Poly1305 and channels it via Telegram. Analysts also uncovered Sliver backdoor binaries for x86_64, x86 and ARM. Unlike many recent cloud campaigns, PCPJack omits crypto-mining, indicating monetization via credential resale, fraud, spam or extortion. Defenders are advised to enforce MFA, IMDSv2, secrets management, authenticated Docker/Kubernetes endpoints and least-privilege controls.

Dirty Frag Linux Local Privilege Bug Exposed

🏷️ Cybersecurity | 🔗 3 sources | Digest Score: 1

📰 Full Story

Security researcher Hyunwoo Kim (v4bel) publicly disclosed a new Linux kernel local privilege escalation class, dubbed “Dirty Frag,” after an embargo was broken on May 7–8, 2026. Dirty Frag chains two page-cache write flaws — xfrm‑ESP Page‑Cache Write and RxRPC Page‑Cache Write — to allow an unprivileged local user to obtain root on major distributions (Ubuntu, RHEL/CentOS/AlmaLinux, Fedora, openSUSE and others). The weakness sits in decryption fast paths (esp4, esp6, rxrpc kernel modules) and is deterministic with a high success rate; proof‑of‑concept code and a technical writeup were posted to GitHub. No upstream patch or CVE had landed at disclosure, though AlmaLinux published early test fixes and maintainers are working on backports. Immediate mitigations include blacklisting/removing the esp4, esp6 and rxrpc modules via modprobe configuration (example command published in advisories). The flaw is related to earlier “Dirty Pipe” and “Copy Fail” bugs and can bypass some prior mitigations, raising urgent concerns for administrators of multiuser and cloud systems.

Taiwan student halts high-speed trains via radio spoof

🏷️ Cybersecurity | 🌍 Taiwan | 🔗 3 sources | Digest Score: 1

📰 Full Story

A 23-year-old Taiwanese student using software-defined radio (SDR) equipment triggered a General Alarm (GA) that brought multiple Taiwan High Speed Rail (THSR) trains to a standstill on April 5, 2026. The false GA — broadcast from the student’s Taichung residence — activated emergency procedures and halted three to four trains for about 48 minutes while controllers verified the alarm. Investigators traced the transmission to the suspect, identified by surname Lin, after reviewing TETRA network logs and CCTV; police searched his home on April 28 and seized handheld radios, an SDR device, a laptop and smartphones. Authorities say the attacker cloned THSR radio signals and may have exploited a system that had not rotated cryptographic keys for nearly 19 years. Reports say a 21-year-old accomplice supplied parameters. Lin was arrested and later released on NT$100,000 bail pending prosecution; he could face penalties for endangering public transport and illegal radio interference. Taiwan’s Ministry of Transportation has ordered a review of rail communications security and key-management practices following the incident.

Burglar jailed in $250M crypto theft ring

🏷️ Cybersecurity | 🌍 United States | 🔗 3 sources | Digest Score: 1

📰 Full Story

A 20-year-old US resident, Marlon Ferro (aka “GothFerrari”), was sentenced on May 6, 2026 to 78 months in prison for his role in a syndicate that prosecutors say stole more than US$250 million in cryptocurrency between late 2023 and early 2025. Ferro pleaded guilty in October 2025 to conspiracy to participate in a racketeering-influenced and corrupt organisation and was ordered to pay US$2.5 million in restitution and serve three years of supervised release. Court filings and prosecutors say Ferro acted as the gang’s “muscle,” breaking into homes to seize hardware wallets when social engineering and hacks failed, and also served as a key money launderer. Members of the group, allegedly led by Singaporean Malone Lam (arrested September 2024), operated across US states including California, New York, Florida and Connecticut and abroad; 17 people have been arrested or charged. Authorities seized luxury cars, watches and clothing, and prosecutors say stolen crypto funded nightclub spending, private jets, designer handbags (including Hermès Birkins), and legal fees. Ferro was arrested in May 2025 carrying firearms and fake ID documents.

Palo Alto PAN-OS zero-day exploited in wild

🏷️ Cybersecurity | 🔥 Trending | 🔗 10 sources | Digest Score: 0

📰 Full Story

Palo Alto Networks on May 6–8, 2026 warned of a critical zero-day (CVE-2026-0300) in PAN‑OS that is being actively exploited in the wild. The buffer‑overflow flaw resides in the User‑ID Authentication (Captive) Portal and can allow unauthenticated attackers to achieve remote code execution with root privileges on PA‑Series and VM‑Series firewalls. Palo Alto said exploitation has been limited but observed for several weeks, with Unit 42 tracking activity as cluster CL‑STA‑1132 and evidence of post‑exploit actions including log deletion, Active Directory enumeration and deployment of tunneling tools (EarthWorm, ReverseSocks5). CVSS was reported at 9.3 for internet‑exposed deployments. Prisma Access, Cloud NGFW and Panorama appliances are not affected. CISA added the bug to its Known Exploited Vulnerabilities catalog and vendors reported varying exposure counts (Shadowserver ~5,800 exposed VM instances; Wiz/Rapid7 reported other exposure metrics). Palo Alto advised immediate mitigations — restrict or disable the Authentication Portal, disable Response Pages on internet‑facing interfaces and apply threat prevention signatures — and said software fixes will begin rolling out from May 13, 2026, with further builds later in May.

Apple and Meta warn Canada bill could weaken encryption

🏷️ Cybersecurity | 🌍 Canada | 🔥 Trending | 🔗 7 sources | Digest Score: 0

📰 Full Story

Apple and Meta have publicly opposed Canada’s proposed Bill C-22, saying the legislation as drafted could force technology firms to weaken or circumvent end-to-end encryption and insert backdoors into devices and services. The bill, tabled by the governing Liberal Party and currently debated in the House of Commons after the party won a parliamentary majority, is intended by Canadian law enforcement to speed investigations of security threats. Apple said the law could undermine its ability to offer strong privacy and security features and that it would never deliberately introduce systemic vulnerabilities. Meta warned in prepared testimony that the bill’s “sweeping powers, minimal oversight, and lack of clear safeguards” might compel providers to build capabilities that break or circumvent zero-knowledge architectures or install government spyware. The debate follows a similar UK data access request that prompted Apple to withdraw an advanced iCloud encryption feature last year; Canadian officials say the law would not require changes that create systemic vulnerabilities. The dispute highlights tensions between public-safety demands and technology companies’ efforts to protect user data.

Microsoft Edge stores saved passwords in plaintext RAM

🏷️ Cybersecurity | 🔥 Trending | 🔗 11 sources | Digest Score: 0

📰 Full Story

Security researchers have found that Microsoft Edge’s built‑in password manager decrypts and loads every saved credential into the browser process memory in cleartext at startup and leaves them resident for the duration of the session. Norwegian researcher Tom Jøran Sønstebyseter Rønning published a video and a proof‑of‑concept tool demonstrating that any credentials saved in Edge can be extracted from RAM, even if the sites are not visited during that session. Multiple security outlets corroborated the finding and noted the behaviour appears unique among Chromium‑based browsers. Microsoft has acknowledged the behaviour but said it is “by design,” arguing exploitation would require an already compromised device or administrative access. Security experts counter that modern infostealer malware and attacks on shared or terminal server environments make runtime plaintext credentials a practical risk. Researchers recommend users and organisations move passwords out of Edge’s manager, enable multi‑factor authentication or passkeys, and use dedicated password managers instead.

🤝 Social Media Insights

Social Summary
This reporting highlights a meaningful design difference: Edge keeping all saved passwords decrypted in RAM raises practical exposure risks (memory dumps, infostealers) beyond the limited window used by other browsers. On Windows, local encryption models and extraction tools make stored credentials more accessible to attackers with local access, prompting likely policy and tooling changes by enterprises.

Google expands Binary Transparency for Android apps

🏷️ Cybersecurity | 🌍 United States | 🔗 3 sources | Digest Score: 0

📰 Full Story

Google said on May 6, 2026, it is expanding Binary Transparency across the Android ecosystem to counter growing software supply-chain attacks. Starting with production Google applications and Mainline modules released after May 1, 2026, each build will receive a cryptographic entry logged on a public, append-only ledger. The log will let researchers, device makers and users verify that an on-device binary was an intended production release rather than a leaked or malicious one, addressing limits of digital signatures when signing keys are compromised or inner-development builds leak. The initiative covers Play Services, standalone Google apps and elevated-privilege Mainline components; binaries last updated before May 1 are excluded. Google is releasing verification tooling (hosted in an Android Binary Transparency repository) and says Pixel System Image Transparency will work alongside the new ledger. The company also described internal “defense-in-depth” controls to mitigate insider risk and said work is underway to scale the model to third-party developers, aiming to make transparency a broader standard for software integrity.

Microsoft discloses mass AiTM phishing campaign targeting 35,000

🏷️ Cybersecurity | 🌍 United States | 🔗 8 sources | Digest Score: 0

📰 Full Story

Microsoft’s Defender Research team disclosed a large-scale phishing campaign observed between April 14 and 16, 2026, that targeted more than 35,000 users at over 13,000 organisations across 26 countries. Around 92% of recipients were in the United States, with healthcare and life sciences (19%), financial services (18%), professional services (11%) and technology (11%) most affected. Attackers used polished, code-of-conduct themed emails that included personalized PDF attachments. Recipients who opened the PDFs were routed through multi-stage flows — including Cloudflare CAPTCHA pages and intermediate staging pages — before reaching fake Microsoft sign-in pages. The campaign employed adversary-in-the-middle (AiTM) techniques to intercept authentication tokens in real time, enabling account access despite some forms of multi-factor authentication. Microsoft said messages were sent via legitimate delivery services and used authenticity cues (including a false Paubox banner) to increase credibility. Recommended mitigations include enabling Safe Links/Safe Attachments, Zero-hour Auto Purge, phishing-resistant authentication (FIDO/passwordless), conditional access, Defender XDR attack disruption, and user awareness training.

LinkedIn report: job scams rise, Gen Z vulnerable

🏷️ Cybersecurity | 🔗 3 sources | Digest Score: 0

📰 Full Story

LinkedIn’s Job Search Safety Pulse, published May 6, 2026, warns that employment scams are increasingly common and harder to spot. Based on a survey of about 8,500 professionals across the United States, United Kingdom, India, Germany and Brazil, the report finds 72% of job seekers now pause to question a posting’s legitimacy and 57% are more likely than a year ago to suspect scams. Younger applicants are especially exposed: roughly a third of Gen Z respondents said they had ignored warning signs because opportunities feel scarce. Tactics include recruiter impersonation, requests for sensitive data or upfront payments, and rapid attempts to move conversations off-platform; LinkedIn says most reported scams involve off-platform contact. Regulators’ data cited by LinkedIn show large losses — the FTC recorded more than 132,000 job-scam reports in 2025, costing victims hundreds of millions of dollars. LinkedIn is expanding automated removal, recruiter and job verification, timed safety prompts and spam filtering, while warning that generative AI is making scams cheaper and more convincing.

India's markets regulator forms AI cyber task force

🏷️ Cybersecurity | 🌍 India | 🔗 4 sources | Digest Score: 0

📰 Full Story

India’s Securities and Exchange Board (SEBI) on May 5, 2026 issued an advisory and set up a specialised task force to address emerging cybersecurity risks posed by AI-driven vulnerability-detection tools such as Anthropic’s ‘Mythos’. Named Cyber Suraksha AI, the group includes representatives from market infrastructure institutions, registrars and other stakeholders and will assess threats from AI models, develop mitigation strategies, facilitate sharing of threat intelligence, and report incidents and system vulnerabilities. SEBI told regulated entities to prioritise reporting of cyberattacks, accelerate system patching, conduct regular vulnerability assessments (including controlled use of AI tools), strengthen API and application security, adopt zero-trust principles, harden systems, enhance monitoring via security operations centres, and onboard the Market-SOC for real-time monitoring. The task force will also review the cybersecurity posture of third-party service providers and vendors that support securities market participants.