Main Menu
Cyber Security
Skoda Online Shop Breach Exposes Customer Data and Password Hashes
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
Checkmarx Jenkins Plugin Backdoored in TeamPCP Supply Chain
University Student’s TETRA Replay Attack Halts Taiwan Bullet Train
Five Malicious NuGet Packages Target Chinese .NET Developers
QLNX Fileless Linux RAT Combines eBPF Rootkit, PAM Backdoor
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield
Google GTIG Documents First AI-Generated Zero-Day Exploit
Apache CVE-2026-23918: HTTP/2 Double-Free Enables RCE on Debian
SailPoint GitHub Repositories Breached via Third-Party App Flaw
TrickMo Android Banker Routes C2 Traffic Through TON Blockchain
CVE-2026-7482 in Ollama Exposes 300,000 AI Servers to Memory Leaks
JDownloader Website Hacked to Serve Python RAT Malware
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
RansomHouse Breaches Trellix; Source Code Repositories Accessed
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
Germany, Spain Dismantle Rebooted Crimenetwork, Arrest Operator
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks
cPanel and WHM Patch Three CVEs, Two Rated High Severity
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Fake Claude AI Site Delivers New Beagle Windows Backdoor
RCE, MCP OAuth Hijack, and Prompt Injection Found in Claude Dev Tools
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
Cybersecurity
WEF: 94% of Organizations Name AI as Top Cybersecurity Change Driver
Mitchell Langley May 12, 2026
A WEF report finds 94% of enterprise security leaders call AI the top change driver, but warns data quality gaps risk producing false alerts and ...
CVE Vulnerability Alerts
Dirty Frag CVE-2026-43284 Exploited in Wild, Linux Patches Out
Mitchell Langley May 12, 2026
Microsoft Defender confirmed limited in-the-wild exploitation of Dirty Frag CVE-2026-43284 in Linux, a deterministic LPE chain targeting xfrm-ESP and RxRPC page caches. Patches available for ...
Cybersecurity
FCC Extends Foreign Router Update Window to 2029 Amid Volt Typhoon
Gabby Lee May 12, 2026
The FCC extended security update support for banned Chinese-made routers to 2029, citing Volt Typhoon threat concerns and risk of unpatched network devices.
Cybersecurity
Skoda Online Shop Breach Exposes Customer Data and Password Hashes
Gabby Lee May 12, 2026
Skoda Auto disclosed a breach of its online shop portal that exposed customer names, addresses, email addresses, and password hashes to unauthorized access.
Cybersecurity
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
Mitchell Langley May 12, 2026
SOCRadar uncovered Operation HookedWing, a 4-year credential-harvesting campaign that compromised 2,000+ accounts across 500+ organizations in aviation, energy, government, and critical infrastructure using GitHub-hosted phishing ...
Application Security
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
Gabby Lee May 12, 2026
cPanel released a second emergency patch in ten days — CVE-2026-29202 and CVE-2026-29203 enable code execution — as Sorry ransomware hits 44,000 servers.
Application Security
Checkmarx Jenkins Plugin Backdoored in TeamPCP Supply Chain
Gabby Lee May 12, 2026
TeamPCP backdoored the Checkmarx Jenkins AST scanner plugin in a third supply chain wave, following March Trivy and April KICS attacks. Version 2026.5.09 was compromised; ...
Cybersecurity
University Student’s TETRA Replay Attack Halts Taiwan Bullet Train
Mitchell Langley May 12, 2026
A Taiwan university student used cheap radio equipment to replay TETRA signals, disabling the island's high-speed rail network for nearly an hour in 2026.
Application Security
Five Malicious NuGet Packages Target Chinese .NET Developers
Mitchell Langley May 12, 2026
Socket discovered five NuGet packages typosquatting Chinese .NET UI libraries — IR.DantUI, IR.OscarUI, and three more — amassing 65,000 downloads while stealing credentials from 12 ...
Cybersecurity
QLNX Fileless Linux RAT Combines eBPF Rootkit, PAM Backdoor
Gabby Lee May 12, 2026
QLNX is a fileless Linux RAT using eBPF rootkit and PAM backdoor to steal npm, PyPI, AWS, and GitHub tokens from developer hosts with near-zero ...
Cybersecurity
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield
Andrew Doyle May 12, 2026
Cushman & Wakefield confirmed a vishing-enabled breach after ShinyHunters and Qilin ransomware listed the firm separately. ShinyHunters published a 50GB Salesforce dataset after the May ...
Application Security
Google GTIG Documents First AI-Generated Zero-Day Exploit
Gabby Lee May 12, 2026
Google's Threat Intelligence Group confirmed the first AI-generated zero-day exploit, targeting 2FA logic in an open-source web admin tool via LLM-written code.
Application Security
Apache CVE-2026-23918: HTTP/2 Double-Free Enables RCE on Debian
Mitchell Langley May 12, 2026
Apache patched CVE-2026-23918 (CVSS 8.8), a double-free in mod_http2 that enables RCE on Debian-default Linux servers. Fix ships in Apache HTTP Server 2.4.67.
Application Security
SailPoint GitHub Repositories Breached via Third-Party App Flaw
Mitchell Langley May 12, 2026
SailPoint disclosed unauthorized access to its GitHub repositories through a third-party app vulnerability on April 20, 2026, exposing source code data.
Cybersecurity
TrickMo Android Banker Routes C2 Traffic Through TON Blockchain
Andrew Doyle May 12, 2026
ThreatFabric identified Trickmo.C, a TrickMo Android banking trojan routing C2 through TON blockchain with SSH tunneling, SOCKS5, and NFC capabilities targeting European banking users.
Application Security
CVE-2026-7482 in Ollama Exposes 300,000 AI Servers to Memory Leaks
Gabby Lee May 11, 2026
CVE-2026-7482, dubbed 'Bleeding Llama,' exposes 300,000+ Ollama AI servers to heap memory leaks via a crafted GGUF file. Patch to version 0.17.1 is available.
Application Security
JDownloader Website Hacked to Serve Python RAT Malware
Mitchell Langley May 11, 2026
Unknown attackers compromised the official JDownloader website and replaced legitimate Windows and Linux installers with a Python-based remote access trojan.
Cybersecurity
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
Andrew Doyle May 11, 2026
NVIDIA confirmed a GeForce NOW data breach via Armenian partner GFN.am, exposing names, emails, and phone numbers of users registered before March 9, 2026.
Cybersecurity
RansomHouse Breaches Trellix; Source Code Repositories Accessed
Mitchell Langley May 11, 2026
Trellix confirmed unauthorized access to its source code repositories after RansomHouse posted photographic evidence of the breach. Law enforcement has been notified.
Application Security
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
Andrew Doyle May 11, 2026
A fraudulent OpenAI repository reached Hugging Face's trending list while distributing infostealing malware targeting credentials and access tokens.
Cybersecurity
WEF: 94% of Organizations Name AI as Top Cybersecurity Change Driver
Mitchell Langley May 12, 2026
Cybersecurity
Skoda Online Shop Breach Exposes Customer Data and Password Hashes
Gabby Lee May 12, 2026
Application Security
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
Gabby Lee May 12, 2026
Cybersecurity
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield
Andrew Doyle May 12, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
Skoda Online Shop Breach Exposes Customer Data and Password Hashes
Cybersecurity
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
Application Security
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
Application Security
Checkmarx Jenkins Plugin Backdoored in TeamPCP Supply Chain

This Week’s Security Spotlight

Cybersecurity
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
Andrew Doyle May 11, 2026
Application Security
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
Andrew Doyle May 11, 2026
Cybersecurity
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
Gabby Lee May 11, 2026
Kaspersky DAEMON Tools Backdoored in Supply Chain Attack
Cybersecurity
Kaspersky: DAEMON Tools Backdoored in Supply Chain Attack
Mitchell Langley May 6, 2026
More In News
Trending
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks
Fake Claude AI Site Delivers New Beagle Windows Backdoor
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Microsoft: AiTM Phishing Hit 35,000 Users in 26 Countries

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
October 28, 2025
Podcasts
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
October 28, 2025
Podcasts
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
October 28, 2025

Cyber Security News

Cybersecurity
WEF: 94% of Organizations Name AI as Top Cybersecurity Change Driver
May 12, 2026
CVE Vulnerability Alerts
Dirty Frag CVE-2026-43284 Exploited in Wild, Linux Patches Out
May 12, 2026
Cybersecurity
FCC Extends Foreign Router Update Window to 2029 Amid Volt Typhoon
May 12, 2026
Cybersecurity
Skoda Online Shop Breach Exposes Customer Data and Password Hashes
May 12, 2026
Cybersecurity
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
May 12, 2026
Application Security
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
May 12, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Skoda Online Shop Breach Exposes Customer Data and Password Hashes
May 12, 2026
Skoda Auto disclosed a breach of its online shop portal that exposed customer names, addresses, email addresses, and password hashes to unauthorized access.
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
May 12, 2026
SOCRadar uncovered Operation HookedWing, a 4-year credential-harvesting campaign that compromised 2,000+ accounts across 500+ organizations in aviation, energy, government, and critical infrastructure using GitHub-hosted phishing ...
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
May 12, 2026
cPanel released a second emergency patch in ten days — CVE-2026-29202 and CVE-2026-29203 enable code execution — as Sorry ransomware hits 44,000 servers.
Checkmarx Jenkins Plugin Backdoored in TeamPCP Supply Chain
May 12, 2026
TeamPCP backdoored the Checkmarx Jenkins AST scanner plugin in a third supply chain wave, following March Trivy and April KICS attacks. Version 2026.5.09 was compromised; ...
University Student’s TETRA Replay Attack Halts Taiwan Bullet Train
May 12, 2026
A Taiwan university student used cheap radio equipment to replay TETRA signals, disabling the island's high-speed rail network for nearly an hour in 2026.
Five Malicious NuGet Packages Target Chinese .NET Developers
May 12, 2026
Socket discovered five NuGet packages typosquatting Chinese .NET UI libraries — IR.DantUI, IR.OscarUI, and three more — amassing 65,000 downloads while stealing credentials from 12 ...
QLNX Fileless Linux RAT Combines eBPF Rootkit, PAM Backdoor
May 12, 2026
QLNX is a fileless Linux RAT using eBPF rootkit and PAM backdoor to steal npm, PyPI, AWS, and GitHub tokens from developer hosts with near-zero ...
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield
May 12, 2026
Cushman & Wakefield confirmed a vishing-enabled breach after ShinyHunters and Qilin ransomware listed the firm separately. ShinyHunters published a 50GB Salesforce dataset after the May ...
Google GTIG Documents First AI-Generated Zero-Day Exploit
May 12, 2026
Google's Threat Intelligence Group confirmed the first AI-generated zero-day exploit, targeting 2FA logic in an open-source web admin tool via LLM-written code.
Apache CVE-2026-23918: HTTP/2 Double-Free Enables RCE on Debian
May 12, 2026
Apache patched CVE-2026-23918 (CVSS 8.8), a double-free in mod_http2 that enables RCE on Debian-default Linux servers. Fix ships in Apache HTTP Server 2.4.67.
SailPoint GitHub Repositories Breached via Third-Party App Flaw
May 12, 2026
SailPoint disclosed unauthorized access to its GitHub repositories through a third-party app vulnerability on April 20, 2026, exposing source code data.
TrickMo Android Banker Routes C2 Traffic Through TON Blockchain
May 12, 2026
ThreatFabric identified Trickmo.C, a TrickMo Android banking trojan routing C2 through TON blockchain with SSH tunneling, SOCKS5, and NFC capabilities targeting European banking users.
CVE-2026-7482 in Ollama Exposes 300,000 AI Servers to Memory Leaks
May 11, 2026
CVE-2026-7482, dubbed 'Bleeding Llama,' exposes 300,000+ Ollama AI servers to heap memory leaks via a crafted GGUF file. Patch to version 0.17.1 is available.
JDownloader Website Hacked to Serve Python RAT Malware
May 11, 2026
Unknown attackers compromised the official JDownloader website and replaced legitimate Windows and Linux installers with a Python-based remote access trojan.
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
May 11, 2026
NVIDIA confirmed a GeForce NOW data breach via Armenian partner GFN.am, exposing names, emails, and phone numbers of users registered before March 9, 2026.
RansomHouse Breaches Trellix; Source Code Repositories Accessed
May 11, 2026
Trellix confirmed unauthorized access to its source code repositories after RansomHouse posted photographic evidence of the breach. Law enforcement has been notified.
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
May 11, 2026
A fraudulent OpenAI repository reached Hugging Face's trending list while distributing infostealing malware targeting credentials and access tokens.
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
May 11, 2026
Attackers chain Google sponsored ads with fake Claude.ai chat sessions to deliver MacSync, a macOS infostealer harvesting Keychain contents and browser credentials.
Germany, Spain Dismantle Rebooted Crimenetwork, Arrest Operator
May 11, 2026
German and Spanish authorities shut down the relaunched Crimenetwork dark web marketplace and arrested its 35-year-old German operator in Mallorca under a European arrest warrant.
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks
May 11, 2026
Researchers identify TCLBanker, a Brazilian banking trojan targeting 59 financial platforms that self-propagates by sending malicious messages through victims' WhatsApp and Outlook accounts.
Skoda Online Shop Breach Exposes Customer Data and Password Hashes
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
Checkmarx Jenkins Plugin Backdoored in TeamPCP Supply Chain
University Student’s TETRA Replay Attack Halts Taiwan Bullet Train
Five Malicious NuGet Packages Target Chinese .NET Developers
QLNX Fileless Linux RAT Combines eBPF Rootkit, PAM Backdoor
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield
Google GTIG Documents First AI-Generated Zero-Day Exploit
Apache CVE-2026-23918: HTTP/2 Double-Free Enables RCE on Debian
SailPoint GitHub Repositories Breached via Third-Party App Flaw
TrickMo Android Banker Routes C2 Traffic Through TON Blockchain
CVE-2026-7482 in Ollama Exposes 300,000 AI Servers to Memory Leaks
JDownloader Website Hacked to Serve Python RAT Malware
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
RansomHouse Breaches Trellix; Source Code Repositories Accessed
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
Germany, Spain Dismantle Rebooted Crimenetwork, Arrest Operator
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks