{"id":14571,"date":"2026-05-08T16:30:24","date_gmt":"2026-05-08T16:30:24","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=14571"},"modified":"2026-05-08T16:30:24","modified_gmt":"2026-05-08T16:30:24","slug":"in-different-information-prepare-hacker-arrested-pamdoora-linux-backdoor-new-cisa-director-frontrunner","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=14571","title":{"rendered":"In Other News: Train Hacker Arrested, PamDOORa Linux Backdoor, New CISA Director Frontrunner"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p>SecurityWeek\u2019s weekly cybersecurity news roundup provides a concise overview of important developments that won&#8217;t receive full standalone coverage but remain relevant to the broader threat landscape.<\/p>\n<p>This curated summary highlights key stories across vulnerability disclosures, emerging attack techniques, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment.<\/p>\n<p><strong>Here are this week\u2019s highlights:<\/strong><\/p>\n<p><strong>US government targets 72-hour patch cycles<\/strong><\/p>\n<p>US cybersecurity officials are proposing a significant reduction in federal remediation timelines, moving from a 14-day window to just three days for critical vulnerabilities, <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.reuters.com\/legal\/litigation\/us-officials-weigh-cutting-deadlines-fix-digital-flaws-amid-worries-over-ai-2026-05-01\/\">Reuters<\/a> learned. 
This shift is driven by the rise of sophisticated AI models like Anthropic\u2019s <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.securityweek.com\/anthropic-unveils-claude-mythos-a-cybersecurity-breakthrough-that-could-also-supercharge-attacks\/\">Mythos<\/a> and OpenAI\u2019s <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.securityweek.com\/openai-widens-access-to-cybersecurity-model-after-anthropics-mythos-reveal\/\">GPT-5.4-Cyber<\/a>, which allow attackers to weaponize software flaws at unprecedented speeds. It\u2019s worth noting that CISA <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.securityweek.com\/ivanti-patches-epmm-zero-day-exploited-in-targeted-attacks\/\">already<\/a> instructs federal agencies to patch some vulnerabilities within three days if the risk of exploitation is significant.<\/p>\n<p><strong>Malware leverages Windows Phone Link to steal OTPs<\/strong><\/p>\n<p>Cisco Talos has identified a modular <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/blog.talosintelligence.com\/cloudz-pheno-infostealer\/\">malware campaign<\/a> featuring the CloudZ remote access tool and a new plugin named Pheno. This threat intercepts one-time passwords and SMS messages by targeting the Microsoft Phone Link application to extract data from synchronized SQLite databases on the host PC. 
The infection chain uses a Rust-compiled loader and reflective .NET execution to bypass detection mechanisms.<\/p>\n<p><strong>Another Venezuelan ATM jackpotter to be deported<\/strong><\/p>\n<p>Venezuelan national David Jose Gomez Cegarra was <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.justice.gov\/usao-wdny\/pr\/venezuelan-national-sentenced-stealing-nearly-300000-atms-ny-massachusetts-and\">sentenced<\/a> to time served for his role in an <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.securityweek.com\/us-charges-31-more-defendants-in-massive-atm-hacking-probe\/\">ATM jackpotting operation<\/a> that stole nearly $300,000 from multiple banks. The group bypassed security by physically accessing ATM hard drives to install malware, allowing them to trigger cash dispensations. Following his conviction for bank larceny, Cegarra was ordered to pay $294,000 in restitution and was transferred to ICE for deportation.<\/p>\n<p><strong>Train hacker arrested in Taiwan<\/strong><\/p>\n<p>A 23-year-old student has been <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/newtalk.tw\/news\/view\/2026-04-30\/1032583\">detained<\/a> in Taiwan for allegedly infiltrating the high-speed rail network and transmitting fake General Alarm signals to the control center. By cloning Tetra radio signals to trigger manual emergency braking, the suspect forced multiple trains to stop. 
Authorities seized multiple radio and electronic devices during the investigation, and the suspect now faces multiple charges, including interference with public transportation safety.<\/p>\n<p><strong>IBM security executive positioned as frontrunner for CISA director<\/strong><\/p>\n<p>Tom Parker, a security services lead at IBM, has surfaced as a leading candidate to lead the Cybersecurity and Infrastructure Security Agency (CISA) following the <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.securityweek.com\/in-other-news-unauthorized-mythos-access-plankey-cisa-nomination-ends-new-display-security-device\/\">withdrawal<\/a> of Sean Plankey. The Trump administration reportedly favors Parker\u2019s extensive private sector background, which includes founding Hubble. If appointed, he will take over the agency currently overseen by acting director <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.securityweek.com\/nick-andersen-appointed-acting-director-of-cisa\/\">Nick Andersen<\/a>.<\/p>\n<p><strong>Drone forum participants targeted in Eurasian spy operation<\/strong><\/p>\n<p>Researchers have identified a targeted spy operation called <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.seqrite.com\/blog\/operation-silent-rotor-rust-malware-unmanned-aviation-sector\/\">Operation Silent Rotor<\/a> aimed at the Eurasian drone industry. Attackers used spear-phishing emails disguised as orders from the Russian Aeronautical Information Center to trick victims into running malware that steals data. 
The campaign was specifically timed to hit attendees of the Unmanned Aviation 2026 forum in Moscow, allowing the hackers to compromise high-value targets in the sector.<\/p>\n<p><strong>More US nationals imprisoned for running North Korean laptop farms<\/strong><\/p>\n<p>Matthew Isaac Knoot and Erick Ntekereze Prince were each <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.justice.gov\/opa\/pr\/two-us-nationals-sentenced-facilitating-fraudulent-remote-information-technology-worker-0\">sentenced<\/a> to 18 months in prison for enabling <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.securityweek.com\/topics\/fake-it-workers\/\">North Korean IT workers<\/a> to infiltrate nearly 70 US companies and generate $1.2 million for the sanctioned regime. The defendants hosted company laptops at their homes and installed unauthorized remote access software to create the illusion that the overseas workers were operating from within the United States.<\/p>\n<p><strong>Gaming platform exploited in North Korean spy campaign<\/strong><\/p>\n<p>The North Korea-linked threat actor ScarCruft conducted <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/rigged-game-scarcruft-compromises-gaming-platform-supply-chain-attack\/\">targeted surveillance<\/a> against users in the Yanbian region of China by compromising a video game platform used by ethnic Koreans living there. 
By trojanizing Windows update files and Android game packages, the group deployed the BirdCall backdoor to exfiltrate personal documents and record audio from victim devices.<\/p>\n<p><strong>New Linux backdoor PamDOORa<\/strong><\/p>\n<p>A threat actor known as \u2018darkworm\u2019 is marketing the source code for <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/flare.io\/learn\/resources\/blog\/pamdoora-new-linux-pam-based-backdoor-sale-dark-web\">PamDOORa<\/a>, a sophisticated post-exploitation tool designed to compromise the Linux Pluggable Authentication Module (PAM) stack. This backdoor enables persistent SSH access while simultaneously harvesting plaintext credentials from legitimate users, potentially even from incident responders. The malware is currently being offered on a Russian cybercrime forum for $900.<\/p>\n<p><strong>Hard power cycles required to eradicate Firestarter implant from Cisco firewalls<\/strong><\/p>\n<p>The ArcaneDoor cyber espionage group is using a persistent Linux-based malware called <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.securityweek.com\/us-federal-agencys-cisco-firewall-infected-with-firestarter-backdoor\/\">Firestarter<\/a> to compromise Cisco firewalls. According to <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/eclypsium.com\/blog\/firestarter-cisco-firewall-backdoor-survives-patches\/\">Eclypsium<\/a>, this implant hooks the core LINA process to evade detection and remains active even after firmware patches by re-installing its persistence mechanism during the system\u2019s reboot sequence. 
Performing a hard power cycle by physically disconnecting the hardware from all power sources for at least one minute is required to completely purge the infection.<\/p>\n<p><strong>Related<\/strong>: <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.securityweek.com\/in-other-news-scattered-spider-hacker-arrested-soc-effectiveness-metrics-nsa-tool-vulnerability\/\">In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability<\/a><\/p>\n<p><strong>Related<\/strong>: <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.securityweek.com\/in-other-news-unauthorized-mythos-access-plankey-cisa-nomination-ends-new-display-security-device\/\">In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device<\/a>\n\t\t\t<\/p>\n<\/div>\n\n","protected":false},"excerpt":{"rendered":"<p>SecurityWeek\u2019s weekly cybersecurity news roundup provides a concise overview of important developments that won&#8217;t receive full standalone coverage but remain relevant to the broader threat landscape. 
This curated summary highlights key stories across vulnerability disclosures, emerging attack techniques, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":14573,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[3361,558,1359,3551,9000,639,2026,121,8999,2547],"class_list":["post-14571","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-arrested","tag-backdoor","tag-cisa","tag-director","tag-frontrunner","tag-hacker","tag-linux","tag-news","tag-pamdoora","tag-train"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/14571","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=14571"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/14571\/revisions"}],"predecessor-version":[{"id":14572,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/14571\/revisions\/14572"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/14573"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=14571"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=14571"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=14571"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}