Cyber Security News

Hacking Editorial Brief – May 3, 2026

Federal agencies are racing to patch a zero-day Windows vulnerability (CVE-2026-32202) after CISA added it to its Known Exploited Vulnerabilities catalog. The flaw, a zero-click NTLM hash leak in Windows Shell, is actively being exploited in the wild and stems from an incomplete fix of CVE-2026-21510. The vulnerability allows attackers to capture authentication credentials without user interaction, making it particularly dangerous for enterprise environments. Meanwhile, a threat actor known as UNC6692 has been observed deploying a custom malware suite dubbed "Snow" via Microsoft Teams, using social engineering to gain initial access before executing credential theft and domain takeover operations.

A $215 million global business email compromise scheme has resulted in convictions for 25 individuals in a U.S. federal court. Key figures Oluwafemi Michael Awoyemi, Aruan Drake, and Peter Reed were found guilty of wire fraud following a trial in Toledo, Ohio. In other credential-focused attacks, a Vietnamese-linked phishing campaign codenamed "AccountDumpling" leveraged Google AppSheet to distribute phishing emails, compromising approximately 30,000 Facebook accounts. The threat actor "mnt6" has also claimed responsibility for breaching quantum computing firm Photonic, citing the company's $32.6 million revenue in what appears to be a pressure tactic against the victim.

Sources: Bleeping Computer · prsol · The Hacker News · GBC Ghana Online · Hendry Adrian