BuzzSec

Insider trading is rife on Polymarket: Analysis by the Anti-Corruption Data Collective, a non-profit research and advocacy group, found that long-shot bets—­defined as wagers of $2,500 or more at odds of 35 percent or less—­on the platform had an average win rate of around 52 percent in markets on military and defense actions. That compares with a win rate of 25 percent across all politics-focused markets and just 14 percent for all markets on the platform as a whole. It is absolutely insane that this is legal. We already know how insider betting warps sports. Insider betting warping politics—and military actions—is orders of magnitude worse. from Schneier on Security https://www.schneier.com/blog/archives/2026/05/insider-betting-on-polymarket.html

Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call histories for any phone number, only to trick users into joining a subscription that provided fake data and incurred financial loss. The 28 apps have collectively racked up more than 7.3 million downloads, with one of them alone accounting for over from The Hacker News https://thehackernews.com/2026/05/fake-call-history-apps-stole-payments.html

We’ve long defined cybersecurity as the technical discipline of protecting networks, data and systems. But when viewed through a geopolitical lens, then this definition is no longer sufficient. What we are dealing with today goes beyond protecting organisational data, to protecting economies, sovereignty, and increasingly, human perception. from KnowBe4 Blog https://blog.knowbe4.com/from-cyberwar-to-cognitive-warfare-the-geopolitical-impact-on-cybersecurity-in-africa

A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers' systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and network tunneling. "QLNX targets developers and DevOps credentials across the software supply chain," from The Hacker News https://thehackernews.com/2026/05/quasar-linux-rat-steals-developer.html

Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that's being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called "darkworm." The backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation toolkit that enables persistent SSH access by means of a magic password and specific TCP port combination. from The Hacker News https://thehackernews.com/2026/05/new-linux-pamdoora-backdoor-uses-pam.html

In the second timeline of April 2026 I collected 108 events, corresponding to an average of 7.2 events per day, a number that confirms a growing trend, driven by the increasing number of supply chain attacks, compared to the previous timeline, where I collected 94 events (6.27 events/day). from HACKMAGEDDON https://www.hackmageddon.com/2026/05/08/16-30-april-2026-cyber-attacks-timeline/