Welcome to BSafes Library
BSafes library includes mobile-friendly cybersecurity publications.
News
May 20, 2026 – Policy and Law
Two U.S. Executives Plead Guilty in India-Based Tech-Support Fraud Schemes Full Text
Abstract
Two former executives of a U.S.-based call routing and analytics company have pleaded guilty to federal charges for knowingly enabling India-based call centers to defraud thousands of American victims through elaborate tech-support scam operations spanning nearly six years.Cyber Security News
May 19, 2026 – Insider Threat
America’s top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) left open a GitHub repository named “Private-CISA” containing plain-text passwords, private keys, tokens, and secrets – with obvious file names like “external-secret-repo-creds.yaml” and “AWS-Workspace-Firefox-Passwords.csv” – for six months.The Register
May 16, 2026 – Cryptocurrency
More than $10 million stolen from crypto platform THORChain Full Text
Abstract
Cryptocurrency platform THORChain said more than $10 million was stolen during a security incident on Friday morning.The Record
May 12, 2026 – Breach
Instructure reaches ‘agreement’ with ShinyHunters to stop data leak Full Text
Abstract
Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an "agreement" with the ShinyHunters extortion group to prevent the data stolen in a recent breach from being leaked online.Bleeping Computer
May 9, 2026 – Phishing
Fake OpenAI repository on Hugging Face pushes infostealer malware Full Text
Abstract
A malicious Hugging Face repository that reached the platform’s trending list impersonated OpenAI’s “Privacy Filter” project to deliver information-stealing malware to Windows users.CSO
May 7, 2026 – Vulnerabilities
Palo Alto warns of critical software bug used in firewall attacks Full Text
Abstract
Hackers are exploiting a new vulnerability in software from Palo Alto Networks, the company said in an advisory on Wednesday.CSO
April 28, 2026 – Government
CISA Adds Two Known Exploited Vulnerabilities to Catalog Full Text
Abstract
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-1708 ConnectWise ScreenConnect Path Traversal Vulnerability CVE-2026-32202 Microsoft Windows Protection Mechanism Failure VulnerabilityCSO
April 22, 2026 – Vulnerabilities
Anthropic investigates report of rogue access to hack-enabling Mythos AI Full Text
Abstract
The AI developer Anthropic has confirmed it is investigating a report that unauthorised users have gained access to its Mythos model, which it has warned poses risks to cybersecurity.CSO
April 21, 2026 – General
Top techniques attackers use to infiltrate your systems today Full Text
Abstract
Popular tool abuse, ClickFix, and identity-based attacks are among the most prevalent techniques bad actors are deploying these days to break into enterprise networks.CSO