Checkmarx Jenkins Plugin Backdoored in New TeamPCP Supply Chain Attack

Posted in Commentary with tags on May 11, 2026 by itnerd

TeamPCP has been found backdooring the Checkmarx Jenkins plugin in a new supply chain attack.

SOCRadar security researchers have been tracking this activity and have included their analysis in a new post, Checkmarx Jenkins Plugin Backdoored in New TeamPCP Supply Chain Attack:

  • They’re seeing Checkmarx hit twice in weeks, and the attacker confirmed why in their own defacement note: incomplete secret rotation after March. This isn’t bad luck, it’s an unfinished remediation.
  • The researchers' broader concern is CI/CD pipelines as a category. Build environments are routinely underprotected despite holding credentials that unlock everything in production. A backdoored security scanner is the worst-case version of that blind spot.
  • SOCRadar researchers are also reading TeamPCP’s activity across PyPI, npm, GitHub Actions, and now Jenkins as a coordinated sweep, not isolated incidents. And if you’re hunting right now, the Dune-themed repository names across their infrastructure are a concrete detection signal worth chasing.

According to SOCRadar researchers:

“What makes this particularly dangerous for Jenkins users is the trust model at play. The Checkmarx Jenkins plugin is a tool people install specifically to improve the security of their pipelines. A backdoored version doesn’t just compromise one project; it rides trusted infrastructure into every build pipeline it touches, with

The report can be found here: Checkmarx Jenkins Plugin Backdoored in New TeamPCP Supply Chain Attack

Other World Computing to Showcase Mac and PC Storage, Connectivity, and Expansion Solutions at COMPUTEX TAIPEI

Posted in Commentary with tags on May 11, 2026 by itnerd

Other World Computing today announced it will showcase its unrivaled roster of storage, memory, software, apps, connectivity, PCIe expansion, memory cards, and readers at next month’s COMPUTEX TAIPEI, a leading exhibition for AI and startups, taking place June 2-5, at the Taipei Nangang Exhibition Center (Halls 1 & 2) and Taipei World Trade Center (Hall 1).

Visitors to OWC Booth R1002, 4F, Nangang Hall 2 will have an opportunity to view live demos of the following OWC solutions: 

OWC Storage Solutions

  • OWC Envoy Ultra: First, fastest, and only certified 8TB Thunderbolt™ 5 portable SSD.
  • OWC ThunderBlade X12: Fastest and highest capacity production shuttle and editing RAID SSD in the universe.
  • OWC Express 1M2 80G: Ultra-fast, compatible, and reliable portable USB4 NVMe SSD – build your own or choose ready-to-run solutions.
  • OWC Guardian: USB 3.2 (10Gb/s) hardware-encrypted bus-powered portable NVMe SSD. 
  • OWC Express 4M2 Ultra: The fastest compact DIY NVMe RAID. Period. 
  • OWC StudioStack: Up to 32TB of stackable Thunderbolt 5-powered storage.

OWC Shared Storage Solutions

  • OWC Jellyfish Nomad: NVMe SSD powerhouse designed for DITs, independent 3D and VFX studios, and on-the-go editing teams, featuring the powerfully enhanced OWC Jellyfish Manager.
  • OWC Memory (Server, Datacenter, Midrange, NAS RAM, Notebook, and PC): Upgrade the performance of nearly any laptop or desktop with OWC memory.

OWC Software & Apps

  • OWC Innergize Software: Checks card health and lifespan, updates firmware for optimal performance, fully sanitizes cards to prevent slowdowns or dropped frames, and prepares them for use with a simple pre-flight check before every shoot.
  • OWC SoftRAID 8: Ideal solution to manage your RAID arrays while delivering robust protection coupled with exceptional speed.
  • OWC MacDrive 12: One solution for complete Mac disk access on Windows.

OWC Connectivity Solutions

OWC PCIe Expansion

  • OWC Mercury Helio 5S: Powerful expansion solution that adds an external PCIe slot to your Thunderbolt 3-equipped laptop, space-constrained Mac, or Windows PC desktop.

OWC Memory Cards & Readers

Strada

Strada’s Peer-to-Peer Collaboration Platform: enables video content professionals to access, share, and review large video files stored on local drives anywhere in the world without needing to upload anything to the cloud.

To learn more about COMPUTEX TAIPEI, please visit: https://www.computextaipei.com.tw/en/index.html.

European Football Alliance Expands North American Reach Through Distribution Agreement with Fubo

Posted in Commentary with tags on May 11, 2026 by itnerd

The European Football Alliance (EFA) today announced a new content distribution agreement with Fubo Sports Network, the owned-and-operated FAST (free ad-supported streaming TV) channel from FuboTV, significantly expanding the league’s visibility and accessibility across the United States and Canada.

Launching its inaugural season in May 2026, the EFA is dedicated to elevating the quality, visibility, and stability of American football across Europe. The league features six elite European American football franchises, including the Frankfurt Galaxy, Munich Ravens, Paris Musketeers, Prague Lions, Raiders Tirol, and Nordic Storm, with plans to expand next year.

Under the agreement, EFA will deliver live game broadcasts and original programming to Fubo’s sports-focused FAST channel, including a minimum of 18 live games beginning in May for the 2026 season, alongside highlights, shoulder programming, and video-on-demand content.

The partnership enables EFA to reach millions of North American sports fans through Fubo Sports Network’s distribution via linear streaming platforms, on-demand viewing experiences, and over-the-air (OTA) stations in more than 100 U.S. markets.

European Football Alliance will stream on Fubo Sports Network, available for free on Amazon Prime Video, Hulu + Live TV, LG Channels, Samsung TV Plus, Sling Freestream, The Roku Channel, VIZIO WatchFree+, Tubi, Plex, TCL Channels, TCL Live TV, and Tablo TV. Fubo Sports Network is also available as part of DAZN’s subscription packages and Fubo’s subscription packages that aggregate more than 400 live sports, news, and entertainment networks.

Guest Post: Your Privacy Shield Is Paper-Thin. You’ll Need to Save Yourself

Posted in Commentary with tags on May 11, 2026 by itnerd

By Jurgita Lapienytė, Chief Editor at Cybernews

Under the excuse of keeping United States Immigration and Customs Enforcement (ICE) employees safe, the Department of Homeland Security (DHS) invades your privacy.

Maybe it hasn’t happened to you — or you’re unaware it has — but if you’ve been critical of ICE on social media, DHS has likely requested your personal data from platforms like Meta or Google, including your contact details and physical location.

Reportedly, the DHS has issued hundreds of administrative subpoenas to Google, Reddit, Discord, and Meta, all seeking identification of people who have publicly criticized ICE. Wired recently reported on a case involving a Canadian man who got under the spotlight after Google revealed that the DHS had requested his location, activity logs, and other information.

The DHS issued a custom summons request [which they asked Google not to disclose,] which is used to investigate issues related to illegal imports. Notably, the man hasn’t been to the US for over a decade, and has been criticizing the Trump administration after federal agents killed Renee Good and Alex Pretti.

Now, if Google were to be trusted, insisting that their “processes for handling law enforcement requests are designed to protect users’ privacy while meeting our legal obligations,” we might all sleep soundly. But we shouldn’t.

But the scary part is that Google and other platforms HAVE all that information that the government could use against its people: email addresses, phone numbers, home addresses, activity logs, and whereabouts, among other sensitive data. Remember when ProtonMail, the European tech company praised for its privacy focus, shared an IP address of an activist with authorities, claiming it had no legal grounds to resist the request? This disclosure led to the activist’s arrest on criminal charges by French police and tarnished the reputation of the Swiss tech company. Unfortunately, it wasn’t an isolated incident for Proton.

We may choose to trust that companies will do their best to protect our data, since their reputation and profits depend on it. But we cannot always trust governments to protect us. It seems that federal agencies have been issuing custom summons with increasing frequency, raising suspicion about why they need data such as surveillance video from an abortion provider in Illinois or information from a Lutheran organization that provides refugees with humanitarian and housing support.

Don’t rely on corporate promises. The government can make sure they fail to deliver. Instead, take back control of your data and your safety.

How?

  • Switching to privacy-focused tech options. Ditch Google, TikTok, Meta apps, forget data-harvesting and simply malicious browser extensions. May I suggest even exploring some European tech alternatives built with privacy in mind?
  • Go analogue sometimes. Consider going on some adventures without any device. If you have your phone with you, your location is traceable, and you aren’t also mute.
  • Opt out of personalization. Decline cookies, block ads, hide your location. That hyperpersonalization isn’t created for you — it’s designed so advertisers can know you better.
  • Above all, be polite online. Exercising your free speech should not mean hate speech, doxxing and endangering federal agents or any other human beings.

ABOUT THE AUTHOR 

Jurgita Lapienytė is the Editor-in-Chief at Cybernews, where she leads a team of journalists and security experts dedicated to uncovering cyber threats through research, testing, and data-driven reporting. With a career spanning over 15 years, she has reported on major global events, including the 2008 financial crisis and the 2015 Paris terror attacks, and has driven transparency through investigative journalism. A passionate advocate for cybersecurity awareness and women in tech, Jurgita has interviewed leading cybersecurity figures and amplifies underrepresented voices in the industry. Recognized as the Cybersecurity Journalist of the Year and featured in Top Cyber News Magazine’s 40 Under 40 in Cybersecurity, she is a thought leader shaping the conversation around cybersecurity. Jurgita has been quoted internationally – by Metro UK,  The Epoch Times, Extra Bladet, Computer Bild, and more. Her team reports on proprietary research highlighted in such outlets as the BBC, Forbes, TechRadar, Daily Mail, Fox News, Yahoo, and much more.

The FCC Will Allow Foreign Made Routers To Get Firmware Updates

Posted in Commentary with tags on May 10, 2026 by itnerd

You might recall that the FCC made the absolutely stupid decision of banning foreign made routers that are consumer grade. One thing that I missed while writing that story is that by March of next year, any routers that are already out there would be prohibited from getting security updates. That’s straight up a #fail because this exposes anyone who has a router to getting pwned once updates stop. Which is what this scheme is meant to protect Americans against.

Well I guess the FCC got a clue because it appears that they have reversed course on this according to Tom’s Hardware:

The Federal Communications Commission announced on Friday, May 8, through its Office of Engineering and Technology (OET), that it was extending temporary waivers allowing certain foreign-produced drones, drone components, and consumer routers to continue receiving software and firmware updates in the United States.

In late 2025 and early 2026, the FCC added these categories of equipment to its “Covered List,” which effectively blocked already-authorized devices from receiving post-approval software and firmware modifications. The agency subsequently issued waivers permitting critical security and functionality updates to continue through January 1, 2027, for drones and drone components, and through March 1, 2027, for consumer routers.

Under the updated waiver, manufacturers of affected devices will now be allowed to continue issuing software and firmware updates until at least January 1, 2029, provided the devices had already been authorized for use in the U.S. before being added to the FCC’s “Covered List.” The extension also broadens the waiver to include certain Class II permissive changes involving software and firmware updates intended to mitigate consumer harm.

At least they have come to their senses on this front. But this is still a dumb idea. If the FCC thinks that router companies will magically teleport their manufacturing to the US and that will somehow make routers safer, they are mistaken. But I guess this is one of these things that the FCC will find out the hard way.

Instagram No Longer Has End To End Encryption For Direct Messaging

Posted in Commentary with tags on May 9, 2026 by itnerd

In a very odd and strange move, Instagram as of yesterday has killed end to end encryption for direct messages. That basically means that anyone can see what you say to other people. For those who are not aware, since 2023 Instagram has had this feature. But they quietly updated a help page to document that they were removing this feature.

So, why are they doing this? I do know that law enforcement has been wanting companies like Instagram to pull this feature to make their investigations easier. So that’s one possibility. Or it could be the fact that the Take It Down Act is about to take effect. This act is aimed at combating the publication of non-consensual intimate images, including deepfakes. The law requires online platforms to remove such content within 48 hours of a valid request from the victim and imposes criminal penalties for the publication of these images. Or the cynic in me says that it could be to make it easier for Meta, which is Instagram’s parent company, to use your data to train its various AI products.

Regardless, I guess if you want to use a Meta product to message someone securely, you could use WhatsApp I suppose.

EVENT RECAP: Local Vancouver volunteers stepped up for families in need

Posted in Commentary with tags on May 9, 2026 by itnerd

Here’s an event recap and photos from this past Saturday’s volunteer event at BabyGoRound in Vancouver, where TELUS team members took part in the 21st annual TELUS Days of Giving.

The initiative brought together volunteers to sort, safety-check and package essential baby gear and clothing for local families. These efforts help ensure parents have access to critical items needed to safely care for their children, while also supporting BabyGoRound’s broader mission to reduce isolation and build community connections for families across the Lower Mainland.

BabyGoRound is a B.C.-based organization dedicated to ensuring every family has what they need to safely and confidently care for their babies. Beyond providing essential gear, the organization fosters connection and community for parents—many of whom are newcomers or experiencing isolation—through workshops and ongoing support programs. Last year alone, BabyGoRound supported more than 2,700 families, impacting nearly 7,400 parents and children across 20 communities from Pemberton to Hope. Following support, 94 per cent of families report a significant reduction in financial stress, while 96 per cent say they feel more connected to their community—highlighting the program’s role in both immediate relief and longer-term wellbeing. The organization works with a network of more than 220 referral agencies, including healthcare providers and social services, to reach families most in need.

TELUS Days of Giving, one of the world’s largest corporate volunteer movements, mobilizes more than 100,000 volunteers across 30+ countries to give back in communities worldwide. Last year, 90,000 volunteers gave back in 34 countries, marking the third consecutive year TELUS team members and retirees contributed 1.5 million volunteer hours globally.

Hisense Unveils XR10: The Apex Projector, Bringing Cinema into Every Home 

Posted in Commentary with tags on May 8, 2026 by itnerd

Hisense, a leading global brand in consumer electronics and home appliances, has unveiled the XR10, a premium laser projector designed to deliver true cinematic immersion at home. XR10 combines powerful performance with refined design, bringing a big-screen experience into everyday life — whether for movies, gaming or shared family moments.

With 6,000 ANSI lumens, XR10 ensures bright, vivid visuals even in well-lit spaces, so users can enjoy clear, lifelike images from morning news to late-night movies — no need to dim the room. Its industry-widest 0.84–2.0:1 optical zoom and 4K Lossless lens shift (±130% vertical, ±46% horizontal) make setup effortless, projecting perfectly aligned images up to 300 inches, turning any wall into a truly cinematic canvas that adapts naturally to different room layouts.

An advanced Iris Lens boosts viewing contrast up to 60,000:1, automatically adapting to each scene — revealing subtle details in shadow and adding depth and intensity to every highlight, so stories feel more immersive and emotionally engaging, whether you’re watching a blockbuster or a quiet drama.

The experience is further elevated with sound co-engineered with Devialet | Opéra de Paris, creating rich, room-filling audio that brings viewers closer to the action. Powered by Auto Magic AI Adjusting 3.0, along with QuadCam and ToF Smart Sense, XR10 intelligently optimizes picture quality and alignment in real time, enabling a truly effortless plug-and-play experience. An advanced liquid cooling system ensures stable, consistent performance, even during extended viewing sessions, maintaining brightness and image quality over time.

Building on its broader display innovation strategy, Hisense continues to expand large-screen solutions across both home cinema and living room environments. With XR10, Hisense brings cinema closer, more immersive and seamlessly integrated into everyday life, transforming how people experience content at home.

For more information, please visit hisense-canada.com

Cybersecurity expert explains Instagram’s bot purge and what users should do next

Posted in Commentary with tags on May 8, 2026 by itnerd

This week, Instagram users woke up to something that is already being called The Great Purge of 2026, as the platform reportedly removed millions of fake user accounts, affecting many platform users’ follower numbers, including famous influencers and celebrities.

However, this isn’t an isolated event. Major social media platforms are constantly struggling to maintain the authenticity of their user bases. To put this in perspective, recent research from Surfshark shows that the most popular social media platforms collectively remove about 6.3 billion fake accounts and 11.1 billion pieces of spam content every year.

Tomas Stamulis, Chief Security Officer at Surfshark, shared his insights into the situation:

“While I’m convinced that the vast majority of fake accounts removed in Instagram’s latest purge were bots, I’m also sure that many legitimate users were caught in the crossfire. With the rapid evolution of AI, creating and managing bots that mimic human behavior has become incredibly simple. Instagram, being a highly visual platform, is particularly susceptible to this, as AI can easily fake engagement without the need for the complex, context-aware interactions you might see on platforms like LinkedIn.”

Stamulis notes that a purge of this scale wouldn’t be possible without the help of artificial intelligence, and that while AI can really help with a bot problem, some legitimate accounts might be misidentified as bots in the process.

“No AI system is without its flaws, and a purge of this scale inevitably means that legitimate users get flagged as bots. A fundamental drawback of any AI system lies in its reliance on the data it was trained on. If the training data is biased or certain legitimate behaviors are underrepresented, the AI can misinterpret the actions of real users as inauthentic. For instance, if an individual consistently follows a large number of new accounts in a short period due to a niche interest or an event, the AI might interpret this as bot-like behavior, when in reality, it’s an authentic user action. These ‘false positives’ can lead not only to temporary inconvenience but also to lost revenue for businesses or damaged reputations for creators.”

If your legitimate Instagram account was impacted by the recent Instagram bot purge, a cybersecurity expert shared a few tips:

“First, immediately document everything by taking screenshots of your profile, follower count, and any notifications or error messages, as this evidence is crucial for your appeal. While going through Instagram’s official appeal process, avoid third-party services, as these can also be flagged as bot behavior. Be clear, concise, and human in your language, explaining your situation.”

SOCRadar positioned as a Leader and Emerging Innovator in the SPARK Matrix: Digital Threat Intelligence Management, 2026 by QKS Group

Posted in Commentary with tags on May 7, 2026 by itnerd

QKS Group announced today that it has named SOCRadar as a leader in the SPARK Matrix™: Digital Threat Intelligence Management, 2026.

QKS Group defines Digital Threat Intelligence Management as technology that offers unified insight into external threats to organizational digital-facing assets. The technology aggregates and processes threat intelligence from multiple sources and provides comprehensive information about threat actors to enable improved investigation, threat hunting, and cyber defense.

SOCRadar differentiates itself within the DTIM landscape through a comprehensive, intelligence-driven platform that unifies digital risk protection, threat intelligence, and external attack surface management under a single operational framework. Its ability to correlate threat actor activity, brand exposure, dark web intelligence, and asset-level vulnerabilities provides organizations with enriched, contextual visibility beyond traditional threat monitoring. By integrating automation, analyst-ready insights, and continuous monitoring across deep and dark web, social media, and open sources, the platform enables faster threat prioritization and response. Supported by a globally scalable delivery model and localized intelligence coverage, SOCRadar allows enterprises to proactively mitigate external threats, strengthen digital resilience, and streamline security operations without increasing tool sprawl or operational complexity.

The QKS Group SPARK Matrix™ includes a detailed analysis of the global market dynamics, major trends, vendor landscape, and competitive positioning. The study also provides a competitive analysis and ranking of the Digital Threat Intelligence Management, 2025 providers in the form of the SPARK Matrix™. The study also provides strategic information for users to evaluate different vendor capabilities, competitive differentiation, and market positions.
