Cyber Security
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies
RoguePlanet Zero-Day Gives Attackers SYSTEM on Patched Windows
Ivanti Sentry CVE-2026-10520 Actively Exploited, Devices Backdoored
Langflow CVE-2026-5027: Path Traversal Becomes Unauthenticated RCE
WorldLeaks Claims Apple Supplier Tata Electronics and Two More Firms
What is Cloud Detection and Response (CDR) and How Does it Work
Google Patches 5th Chrome Zero-Day; V8 Flaw Chains for OS Access
LiteLLM CVE-2026-42271 Added to CISA KEV: AI API Keys at Risk
France’s Tchap Messaging App Breached, 643K Messages Exposed
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Exploit Published for Linux Kernel nf_tables CVE-2026-23111
CVE Vulnerability Alerts
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
State-sponsored actors exploited CVE-2026-0300, a critical CVSS 9.3 RCE flaw in PAN-OS, for roughly one month before disclosure. CISA deadline is May 9.
Application Security
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
Ivanti disclosed CVE-2026-6973, an actively exploited RCE vulnerability in EPMM 12.8.0.0 and earlier. CISA set a May 10 federal remediation deadline.
Application Security
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
Three PyPI packages with 2,400+ combined downloads delivered ZiChatBot malware to developer machines, abusing Zulip's REST API as a covert C2 channel with code links ...
Cybersecurity
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
Researchers discovered TCLBanker, a banking trojan hidden in trojanized Logitech software installers, stealing credentials from 59 banking and cryptocurrency platforms.
Application Security
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
Researchers identified a Linux variant of Quasar RAT targeting developer systems to steal source code access, CI/CD credentials, and signing keys for supply chain attacks.
Cybersecurity
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
Nation-state-linked PCPJack malware framework worms across cloud environments via five CVEs, using parquet file evasion to harvest credentials from cloud and financial systems.
Cybersecurity
Virginia Contractor Convicted for Destroying Federal Databases
A Virginia man convicted of conspiring to destroy dozens of federal databases after being fired from his government contractor role, highlighting insider threat risks to ...
Cybersecurity
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Australia's Cyber Security Centre warned organizations about ClickFix social-engineering attacks using compromised WordPress sites to deliver Vidar Stealer via user-executed PowerShell commands.
Cybersecurity
Two Americans Jailed for Running North Korean IT Worker Laptop Farms
Matthew Knoot and Erick Prince received 18-month federal sentences for laptop farm operations that placed North Korean IT workers inside U.S. companies under stolen American ...
Cybersecurity
GothFerrari Gets 6.5 Years for $250M Crypto Home-Invasion Theft Ring
California man Marlon Ferro, alias GothFerrari, received a 78-month federal sentence for home invasions, iCloud surveillance of victims, and money laundering in a ring that ...
Application Security
DAEMON Tools Build Breach Spread Three-Stage Backdoor for 27 Days
Disc Soft confirmed a build environment compromise that distributed trojanized DAEMON Tools Lite installers deploying an infostealer, backdoor, and QUIC RAT to users across 100+ ...
Cybersecurity
PamDOORa Linux PAM Backdoor Sold for $1,600, Grants Covert SSH Access
Researchers disclosed PamDOORa, a commercial Linux backdoor sold on the Russian Rehub forum that exploits the PAM authentication framework to install covert SSH access and ...
Cybersecurity
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Sygnia incident responder Ryan Goldberg and DigitalMint ransomware negotiator Kevin Martin each received four-year federal prison sentences for deploying BlackCat/ALPHV against their own clients from ...
Cybersecurity
Nefilim Affiliate Stryzhak Sentenced in U.S. for Ransomware Campaign
Nefilim ransomware affiliate Artem Stryzhak, 35, faces sentencing May 6, 2026 after pleading guilty to conspiracy to commit computer fraud. Stryzhak targeted companies with $100M+ ...
Application Security
Trend Micro: QLNX Implant Targets Developers for Supply Chain Attacks
Trend Micro on May 5, 2026 disclosed QLNX (Quasar Linux), a Linux implant targeting software developers with a 58-command shell, dual-layer eBPF rootkit, and 7 ...
Application Security
MetInfo CVE-2026-29014 Exploited – Unauthenticated PHP Code Injection
CVE-2026-29014 in MetInfo CMS 7.9–8.1 is being actively exploited since April 25, 2026 via unauthenticated PHP injection achieving full server control. Patched April 7; ~2,000 ...
Cybersecurity
FTC Bans Data Broker Kochava from Selling Americans Location Data
The FTC on May 5, 2026 proposed banning data broker Kochava from selling Americans' location data without consent. The 2022 lawsuit alleged Kochava processed 94 ...
Application Security
Apache CVE-2026-23918 Enables DoS and RCE in HTTP/2 — Patch to 2.4.67
CVE-2026-23918 is a CVSS 8.8 double-free in Apache HTTP Server 2.4.66 mod_http2, causing DoS on default deployments and RCE on Debian and Docker installations. Fixed ...
Cybersecurity
China-Linked UAT-8302 Targets Governments in South America and Europe
Cisco Talos on May 5, 2026 linked UAT-8302, a China-nexus APT, to government espionage campaigns across South America and southeastern Europe using malware shared with ...
Cybersecurity
Karakurt Negotiator Gets 8.5 Years in First U.S. Conviction
Deniss Zolotarjovs, Karakurt's "cold case" extortion negotiator, received an 8.5-year U.S. federal prison sentence — the first conviction of a Karakurt gang member — linked ...
Application Security
Chrome 149 Patches 28 Flaws, Including 12 Use-After-Free Bugs
Cybersecurity
Kyushu Electric Loses Drive With Data on 10.9M Customers

TOP CYBERSECURITY HEADLINES

This Week’s Security Spotlight

Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Application Security
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Application Security
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery

Featured Videos

Microsoft: AiTM Phishing Hit 35,000 Users in 26 Countries
Microsoft disclosed an AiTM phishing campaign targeting 35,000 users in 13,000 organizations across 26 countries between April 14–16, 2026, bypassing MFA by stealing authenticated session ...
Palo Alto CVE-2026-0300 Under Active Attack — Patch Due May 13
Palo Alto Networks disclosed CVE-2026-0300 on May 6, 2026 — a CVSS 9.3 unauthenticated buffer overflow in PAN-OS Captive Portal actively exploited in the wild. ...
cPanel CVE-2026-41940 Exploited Within 24 Hours, Ransomware Deployed
CVE-2026-41940, a critical cPanel authentication bypass, is being actively exploited by multiple actors deploying ransomware and C2 tools against governments and MSPs across five countries.