Main Menu
Cyber Security
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
What Is Dropper Malware and How Does It Evade Detection
TVING Data Breach Triggers South Korean Government Probe
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
ShinyHunters Publishes 234 GB of DentaQuest Records for 2.6M
Six Ransomware Groups Post Cross-Sector Victims in Single Day
Payload Ransomware Hits Retailer, Textile Firm, and Hotel Group
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
DNS Tunneling: How Attacks Work, Detection, and Prevention
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
Play Ransomware Hits Law Firm, Food Tech, Church, and Factory
Akira Threatens to Publish 53 GB from US Parts Maker and Ohio MLS
Qilin Ransomware Hits Avcon Jet, Slovenian Food Group, and Trican
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
WorldLeaks Targets Thai Infrastructure Giant CH Karnchang
Supreme Court Upholds $200M FCC Fines on AT&T and Verizon
FTC Seeks Public Comment on X Corp Bid to Void Twitter Settlement
CISA Orders Patch for Linux Container Escape CVE-2022-0492
Cybersecurity
TrickMo Android Banker Routes C2 Traffic Through TON Blockchain
Andrew Doyle May 12, 2026
ThreatFabric identified Trickmo.C, a TrickMo Android banking trojan routing C2 through TON blockchain with SSH tunneling, SOCKS5, and NFC capabilities targeting European banking users.
Application Security
CVE-2026-7482 in Ollama Exposes 300,000 AI Servers to Memory Leaks
Gabby Lee May 11, 2026
CVE-2026-7482, dubbed 'Bleeding Llama,' exposes 300,000+ Ollama AI servers to heap memory leaks via a crafted GGUF file. Patch to version 0.17.1 is available.
Application Security
JDownloader Website Hacked to Serve Python RAT Malware
Mitchell Langley May 11, 2026
Unknown attackers compromised the official JDownloader website and replaced legitimate Windows and Linux installers with a Python-based remote access trojan.
Cybersecurity
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
Andrew Doyle May 11, 2026
NVIDIA confirmed a GeForce NOW data breach via Armenian partner GFN.am, exposing names, emails, and phone numbers of users registered before March 9, 2026.
Cybersecurity
RansomHouse Breaches Trellix; Source Code Repositories Accessed
Mitchell Langley May 11, 2026
Trellix confirmed unauthorized access to its source code repositories after RansomHouse posted photographic evidence of the breach. Law enforcement has been notified.
Application Security
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
Andrew Doyle May 11, 2026
A fraudulent OpenAI repository reached Hugging Face's trending list while distributing infostealing malware targeting credentials and access tokens.
Cybersecurity
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
Gabby Lee May 11, 2026
Attackers chain Google sponsored ads with fake Claude.ai chat sessions to deliver MacSync, a macOS infostealer harvesting Keychain contents and browser credentials.
Cybersecurity
Germany, Spain Dismantle Rebooted Crimenetwork, Arrest Operator
Gabby Lee May 11, 2026
German and Spanish authorities shut down the relaunched Crimenetwork dark web marketplace and arrested its 35-year-old German operator in Mallorca under a European arrest warrant.
Cybersecurity
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks
Mitchell Langley May 11, 2026
Researchers identify TCLBanker, a Brazilian banking trojan targeting 59 financial platforms that self-propagates by sending malicious messages through victims' WhatsApp and Outlook accounts.
Application Security
cPanel and WHM Patch Three CVEs, Two Rated High Severity
Andrew Doyle May 11, 2026
cPanel patched two CVSS 8.8 flaws including Perl code execution in WHM, as the 40,000-server CVE-2026-41940 campaign remains active.
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Application Security
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Andrew Doyle May 8, 2026
Researchers disclosed 12 critical vulnerabilities in the widely-used vm2 Node.js sandbox library, all enabling sandbox escape and arbitrary code execution on the host system.
Fake Claude AI Site Delivers New Beagle Windows Backdoor
Cybersecurity
Fake Claude AI Site Delivers New Beagle Windows Backdoor
Gabby Lee May 8, 2026
A malicious website impersonating Claude AI distributes a new, previously undocumented Windows backdoor named Beagle to users seeking to download the AI assistant application.
RCE, MCP OAuth Hijack, and Prompt Injection Found in Claude Dev Tools
Application Security
RCE, MCP OAuth Hijack, and Prompt Injection Found in Claude Dev Tools
Mitchell Langley May 8, 2026
Security researchers from Adversa AI and Mitiga disclosed a one-click RCE, silent MCP OAuth token hijacking, and a Chrome extension prompt injection vulnerability in Claude ...
Dirty Frag Zero-Day Grants Root Access on Most Linux Distributions
Cybersecurity
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
Andrew Doyle May 8, 2026
A critical unpatched Linux kernel privilege escalation flaw dubbed Dirty Frag lets local attackers gain root via a single command across major distributions.
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Cybersecurity
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Mitchell Langley May 8, 2026
Fashion retailer Zara confirmed a data breach affecting over 197,000 customers after hackers accessed databases containing personal information from Inditex systems.
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
CVE Vulnerability Alerts
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
Gabby Lee May 8, 2026
State-sponsored actors exploited CVE-2026-0300, a critical CVSS 9.3 RCE flaw in PAN-OS, for roughly one month before disclosure. CISA deadline is May 9.
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
Application Security
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
Gabby Lee May 8, 2026
Ivanti disclosed CVE-2026-6973, an actively exploited RCE vulnerability in EPMM 12.8.0.0 and earlier. CISA set a May 10 federal remediation deadline.
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
Application Security
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
Andrew Doyle May 8, 2026
Three PyPI packages with 2,400+ combined downloads delivered ZiChatBot malware to developer machines, abusing Zulip's REST API as a covert C2 channel with code links ...
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
Cybersecurity
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
Gabby Lee May 8, 2026
Researchers discovered TCLBanker, a banking trojan hidden in trojanized Logitech software installers, stealing credentials from 59 banking and cryptocurrency platforms.
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
Application Security
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
Mitchell Langley May 8, 2026
Researchers identified a Linux variant of Quasar RAT targeting developer systems to steal source code access, CI/CD credentials, and signing keys for supply chain attacks.
Application Security
Microsoft Patches Exploited Exchange XSS as Secure Boot Deadline Looms
Andrew Doyle June 9, 2026
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Mitchell Langley June 9, 2026
CVE Vulnerability Alerts
Check Point VPN CVE-2026-50751 Exploited by Qilin Before Patch Release
Andrew Doyle June 9, 2026
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Mitchell Langley June 9, 2026

TOP CYBERSECURITY HEADLINES

TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Application Security
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Cybersecurity
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
Cybersecurity
TVING Data Breach Triggers South Korean Government Probe

This Week’s Security Spotlight

Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Gabby Lee June 8, 2026
CVE Vulnerability Alerts
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
Andrew Doyle June 8, 2026
CVE Vulnerability Alerts
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Gabby Lee June 5, 2026
Cybersecurity
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
Gabby Lee June 5, 2026
More In News
Trending
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Discord Confirms Data Breach Linked to Third-Party Support Vendor
October 6, 2025
Podcasts
ParkMobile Data Breach Ends in $32.8M Settlement — and a $1 Payout
October 6, 2025
Podcasts
Oneleet Secures $33M Series A to Revolutionize Integrated Cybersecurity
October 6, 2025

Cyber Security News

Cybersecurity
GTA Cheat Service Atlas Menu Hacked; 64,000 Records Exposed
June 2, 2026
Cybersecurity
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
June 2, 2026
Cybersecurity
PureLogs Infostealer Uses MSBuild.exe for Fileless Deployment
June 2, 2026
Cybersecurity
Gamaredon Hides USB Worm in NTFS Alternate Data Streams
June 2, 2026
Cybersecurity
Play Ransomware Claims US Telecom Hightower Communications
June 2, 2026
Cybersecurity
Play Ransomware Claims US Telecom Hightower Communications
June 2, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
May 11, 2026
NVIDIA confirmed a GeForce NOW data breach via Armenian partner GFN.am, exposing names, emails, and phone numbers of users registered before March 9, 2026.
RansomHouse Breaches Trellix; Source Code Repositories Accessed
May 11, 2026
Trellix confirmed unauthorized access to its source code repositories after RansomHouse posted photographic evidence of the breach. Law enforcement has been notified.
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
May 11, 2026
A fraudulent OpenAI repository reached Hugging Face's trending list while distributing infostealing malware targeting credentials and access tokens.
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
May 11, 2026
Attackers chain Google sponsored ads with fake Claude.ai chat sessions to deliver MacSync, a macOS infostealer harvesting Keychain contents and browser credentials.
Germany, Spain Dismantle Rebooted Crimenetwork, Arrest Operator
May 11, 2026
German and Spanish authorities shut down the relaunched Crimenetwork dark web marketplace and arrested its 35-year-old German operator in Mallorca under a European arrest warrant.
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks
May 11, 2026
Researchers identify TCLBanker, a Brazilian banking trojan targeting 59 financial platforms that self-propagates by sending malicious messages through victims' WhatsApp and Outlook accounts.
cPanel and WHM Patch Three CVEs, Two Rated High Severity
May 11, 2026
cPanel patched two CVSS 8.8 flaws including Perl code execution in WHM, as the 40,000-server CVE-2026-41940 campaign remains active.
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
May 8, 2026
Researchers disclosed 12 critical vulnerabilities in the widely-used vm2 Node.js sandbox library, all enabling sandbox escape and arbitrary code execution on the host system.
Fake Claude AI Site Delivers New Beagle Windows Backdoor
May 8, 2026
A malicious website impersonating Claude AI distributes a new, previously undocumented Windows backdoor named Beagle to users seeking to download the AI assistant application.
RCE, MCP OAuth Hijack, and Prompt Injection Found in Claude Dev Tools
May 8, 2026
Security researchers from Adversa AI and Mitiga disclosed a one-click RCE, silent MCP OAuth token hijacking, and a Chrome extension prompt injection vulnerability in Claude ...
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
May 8, 2026
A critical unpatched Linux kernel privilege escalation flaw dubbed Dirty Frag lets local attackers gain root via a single command across major distributions.
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
May 8, 2026
Fashion retailer Zara confirmed a data breach affecting over 197,000 customers after hackers accessed databases containing personal information from Inditex systems.
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
May 8, 2026
State-sponsored actors exploited CVE-2026-0300, a critical CVSS 9.3 RCE flaw in PAN-OS, for roughly one month before disclosure. CISA deadline is May 9.
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
May 8, 2026
Ivanti disclosed CVE-2026-6973, an actively exploited RCE vulnerability in EPMM 12.8.0.0 and earlier. CISA set a May 10 federal remediation deadline.
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
May 8, 2026
Three PyPI packages with 2,400+ combined downloads delivered ZiChatBot malware to developer machines, abusing Zulip's REST API as a covert C2 channel with code links ...
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
May 8, 2026
Researchers discovered TCLBanker, a banking trojan hidden in trojanized Logitech software installers, stealing credentials from 59 banking and cryptocurrency platforms.
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
May 8, 2026
Researchers identified a Linux variant of Quasar RAT targeting developer systems to steal source code access, CI/CD credentials, and signing keys for supply chain attacks.
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
May 8, 2026
Nation-state-linked PCPJack malware framework worms across cloud environments via five CVEs, using parquet file evasion to harvest credentials from cloud and financial systems.
Virginia Contractor Convicted for Destroying Federal Databases
May 8, 2026
A Virginia man convicted of conspiring to destroy dozens of federal databases after being fired from his government contractor role, highlighting insider threat risks to ...
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
May 8, 2026
Australia's Cyber Security Centre warned organizations about ClickFix social-engineering attacks using compromised WordPress sites to deliver Vidar Stealer via user-executed PowerShell commands.
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
What Is Dropper Malware and How Does It Evade Detection
TVING Data Breach Triggers South Korean Government Probe
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
ShinyHunters Publishes 234 GB of DentaQuest Records for 2.6M
Six Ransomware Groups Post Cross-Sector Victims in Single Day
Payload Ransomware Hits Retailer, Textile Firm, and Hotel Group
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
DNS Tunneling: How Attacks Work, Detection, and Prevention
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack