BuzzSec

A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a "phishing relay" to distribute phishing emails with an aim to compromise Facebook accounts. The activity has been codenamed AccountDumpling by Guardio, with the scheme selling the stolen accounts back through an illicit storefront run by the threat actors. In all, roughly 30,000 Facebook accounts are from The Hacker News https://thehackernews.com/2026/05/30000-facebook-accounts-hacked-via.html

John N Just, Ed.D. - Chief Learning Officer What's New: Celebrating World Password Day and Beyond Happy May! This month, we are putting a major spotlight on World Password Day (May 7) . While the "traditional" password might be evolving into passkeys and biometrics, the human element of authentication remains the #1 target for social engineers. To help you celebrate, we’ve released a dedicated suite of content designed to move your users beyond "Password123!" and into a mindset of strategic defense. From deep dives into the psychology of a credential harvest to practical guides on mastering password managers, our updates are built to help you strengthen your organization's defenses. Just in time for World Password Day!  World Password Day and You Video Module Celebrate the first Thursday in May by reinforcing strong, unique password practices. This video highlights the fundamental habits needed...

Microsoft warns that a new criminal threat actor dubbed “Storm-2755” is launching payroll-pirate attacks against Canadian users. These attacks use social engineering to compromise employee accounts and divert salary payments to attacker-controlled bank accounts. from KnowBe4 Blog https://blog.knowbe4.com/alert-payroll-hijacking-attacks-are-targeting-canadian-employees

Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO. Trend Micro has attributed the activity to a threat activity cluster it tracks under the temporary designation SHADOW-EARTH-053. The adversarial collective is assessed to from The Hacker News https://thehackernews.com/2026/05/china-linked-hackers-target-asian.html

Someone pleaded guilty to secretly working for a ransomware gang as he negotiated ransomware payments for clients. from Schneier on Security https://www.schneier.com/blog/archives/2026/05/a-ransomware-negotiator-was-working-for-a-ransomware-gang.html

The U.S. Department of Justice (DoJ) on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks in 2023. Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, were accused of deploying the ransomware against multiple victims located throughout the U.S. between April and December 2023. from The Hacker News https://thehackernews.com/2026/05/two-cybersecurity-professionals-get-4.html