Trend Micro: QLNX Implant Targets Developers for Supply Chain Attacks
May 6, 2026
Trend Micro on May 5, 2026 disclosed QLNX (Quasar Linux), a Linux implant targeting software developers with a 58-command shell,
Application Security
Trend Micro: QLNX Implant Targets Developers for Supply Chain Attacks
Trend Micro on May 5, 2026 disclosed QLNX (Quasar Linux), a Linux implant targeting software developers with a 58-command shell, dual-layer eBPF rootkit, and 7 ...
MetInfo CVE-2026-29014 Exploited – Unauthenticated PHP Code Injection
CVE-2026-29014 in MetInfo CMS 7.9–8.1 is being actively exploited since April 25, 2026 via unauthenticated PHP injection achieving full server control. Patched April 7; ~2,000 ...
Apache CVE-2026-23918 Enables DoS and RCE in HTTP/2 — Patch to 2.4.67
CVE-2026-23918 is a CVSS 8.8 double-free in Apache HTTP Server 2.4.66 mod_http2, causing DoS on default deployments and RCE on Debian and Docker installations. Fixed ...
cPanel CVE-2026-41940 Exploited Within 24 Hours, Ransomware Deployed
CVE-2026-41940, a critical cPanel authentication bypass, is being actively exploited by multiple actors deploying ransomware and C2 tools against governments and MSPs across five countries.
11 Million Downloads, One Poisoned Version: PyTorch’s Close Call
Attackers compromised PyTorch Lightning 2.6.3 on PyPI with ShaiWorm credential stealer, targeting cloud API keys, browser credentials, and AWS/Azure/GCP tokens.
Signed, Sealed, Stolen: Hackers Used DigiCert to Certify Malware
Attackers compromised DigiCert support staff via a chat-delivered screenshot, used their access to obtain code-signing certificates, and signed Zhong Stealer malware.
Five Intelligence Agencies Agree: Slow Down Your AI Agents
The Five Eyes alliance issued its first joint advisory on agentic AI security, warning that autonomous AI systems introduce novel attack surfaces enterprises are not ...
WhatsApp Patches Flaws That Let Hackers Hide Malware in Plain Sight
Meta patched WhatsApp file type spoofing and URL scheme vulnerabilities that could disguise malicious executables as benign files and redirect users to attacker-controlled resources.
Debug Mode Left Open: Enterprise Platform Hit With Unauthenticated RCE
CVE-2026-22679, a critical unauthenticated RCE in Weaver E-cology, has been actively exploited since March — weeks before public disclosure reached defenders.
One Zero-Day, 40,000 Servers: The cPanel Mass-Compromise
A critical cPanel authentication bypass zero-day exploited for two months before disclosure compromised 40,000+ servers and targeted governments in Southeast Asia.
MetInfo CVE-2026-29014 Exploited – Unauthenticated PHP Code Injection
May 6, 2026
CVE-2026-29014 in MetInfo CMS 7.9–8.1 is being actively exploited since April 25, 2026 via unauthenticated PHP injection achieving full server
Apache CVE-2026-23918 Enables DoS and RCE in HTTP/2 — Patch to 2.4.67
May 6, 2026
CVE-2026-23918 is a CVSS 8.8 double-free in Apache HTTP Server 2.4.66 mod_http2, causing DoS on default deployments and RCE on
cPanel CVE-2026-41940 Exploited Within 24 Hours, Ransomware Deployed
May 6, 2026
CVE-2026-41940, a critical cPanel authentication bypass, is being actively exploited by multiple actors deploying ransomware and C2 tools against governments
11 Million Downloads, One Poisoned Version: PyTorch’s Close Call
May 5, 2026
Attackers compromised PyTorch Lightning 2.6.3 on PyPI with ShaiWorm credential stealer, targeting cloud API keys, browser credentials, and AWS/Azure/GCP tokens.
Signed, Sealed, Stolen: Hackers Used DigiCert to Certify Malware
May 5, 2026
Attackers compromised DigiCert support staff via a chat-delivered screenshot, used their access to obtain code-signing certificates, and signed Zhong Stealer
Five Intelligence Agencies Agree: Slow Down Your AI Agents
May 5, 2026
The Five Eyes alliance issued its first joint advisory on agentic AI security, warning that autonomous AI systems introduce novel
WhatsApp Patches Flaws That Let Hackers Hide Malware in Plain Sight
May 5, 2026
Meta patched WhatsApp file type spoofing and URL scheme vulnerabilities that could disguise malicious executables as benign files and redirect
Debug Mode Left Open: Enterprise Platform Hit With Unauthenticated RCE
May 5, 2026
CVE-2026-22679, a critical unauthenticated RCE in Weaver E-cology, has been actively exploited since March — weeks before public disclosure reached
One Zero-Day, 40,000 Servers: The cPanel Mass-Compromise
May 5, 2026
A critical cPanel authentication bypass zero-day exploited for two months before disclosure compromised 40,000+ servers and targeted governments in Southeast
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.