CybelAngel

03/06/2026

Instagram's AI support tool was tricked into handing over accounts to anyone with a VPN and the right prompt. According to the BBC, ‘Hackers could reportedly change passwords for other accounts by faking their location and then asking the AI to change the emails associated with them.’

Read more:

Some reports have linked the incident to recent cases of high-profile Instagram accounts being hijacked.

02/06/2026

A single compromised developer account turned 32 trusted Red Hat npm packages into a credential-stealing worm.

We're covering yesterday's Miasma campaign incident in full over on our blog: https://bit.ly/4e6anxw

02/06/2026

Sam and Ryan have are in sunny Miami and are ready to connect at the East CISO & Cybersecurity Leaders Forum today!

If you're at the event, come say hello, we'd love to meet you.

01/06/2026

ChatGPT's web summarization feature is now a phishing delivery surface. That plus four other critical vulnerabilities from last week, all in our weekly cyber roundup: https://bit.ly/4a5nRIp

29/05/2026

If you‘ve ever stumbled across a Google dork in a write-up and wondered where the author found it, the answer is almost always the same: the Google Hacking Database.

This Friday, take some time to check in about how your security team should actually use it:

Explore the Google Hacking Database (GHDB) — what it is, how Johnny Long built it, and how security teams use its 8,000+ dorks defensively.

28/05/2026

We've enhanced the power of CybelAngel's Brand Protection: Social Media Impersonation is now part of the same coverage as lookalike domains.

Daily scanning of Facebook, X, LinkedIn, Instagram, TikTok, YouTube and Reddit is included. Brand and executive impersonation, qualified before it reaches your team, is smoothly delivered in the same incident format you already use for domains.
Read more → https://eu1.hubs.ly/H0vJ-pQ0

28/05/2026

At CybelAngel, we prioritize our partners and support your growth and success.

Discover how our partnership program delivers exceptional value for you and your customers. Learn more: https://eu1.hubs.ly/H0vHPYw0

26/05/2026

A critical SQL injection flaw (CVSS 9.4) in Ghost CMS is being actively exploited to inject malicious JavaScript and serve ClickFix malware through trusted domains.

If you run Ghost CMS, update to 6.19.1 immediately, and rotate every credential: https://eu1.hubs.ly/H0vDJsj0

26/05/2026

CybelAngel is joining the East CISO & Cybersecurity Leaders Forum alongside top security executives in sunny Miami, from May 31-June 2.

On the agenda: external threats, digital risk protection, and what's next for the modern CISO.

We so hope to see you there! ☀️

25/05/2026

Here are all of the main cyber stories that you've missed from last week featuring CISA's eight new exploited flaws added to KEV, and more:

Here are all of the main cyber stories that you've missed from last week featuring CISA's eight new exploited flaws added to KEV, and more.