Cyber Security
DPRK npm Packages Use Hugging Face to Exfiltrate Developer Credentials
Deleted Google API Keys Stay Active for Up to 23 Minutes
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Texas AG Sues Meta Over WhatsApp Encryption Claims
Banana RAT Hijacks Brazil Pix QR Codes via NF-e Lures
UNG0002 Hides Cobalt Strike in macOS Folder Structures
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
Operation Dragon Whistle Uses VS Code Tunnels as C2
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
NGINX 1.31.0 Zero-Day nginx-poolslip Bypasses ASLR
WantToCry Ransomware Hits SMB Ports, Evades EDR Tools
DOJ Secures Guilty Pleas From Tech-Support Fraud Executives
BadIIS Malware-as-a-Service Hijacks IIS Servers for SEO Fraud
GhostTree Exploit Hangs Windows Defender With NTFS Junctions
SilverFox APT Spreads ValleyRAT via Fake Microsoft Teams Sites
TamperedChef Hides Malware Inside Signed Apps
Chrome 148 Patches Critical WebRTC Use-After-Free
P2PInfect Botnet Infiltrates Kubernetes Clusters via Redis
Group-IB Exposes Five Brokers Fabricating Breach Alerts From Old Leaks
NYC Health + Hospitals Breach Exposes 1.8M Patients’ Fingerprints
Poland Drops Signal After Russian APTs Compromise Officials’ Accounts
EvilTokens Service Breaches 340 Microsoft 365 Orgs via OAuth Tokens
Webworm APT Uses Discord and OneDrive as C2 in Government Espionage
PinTheft PoC Goes Public, Narrowing Arch Linux Exploit Window
Anthropic Silently Fixed Claude Code Null-Byte Sandbox Escape
Huawei Zero-Day Caused Luxembourg’s 3-Hour National Telecom Blackout
CVE-2026-3102: ExifTool Image Injection Runs Shell Commands on macOS
Single-Letter Go Typosquat Backdoors Financial and Crypto Developers
CVE-2026-46376: FreePBX Hard-Coded Credentials Open VoIP Portals
Pardus Linux CVSS 9.3 Flaw Exposes Turkish Government Systems to Root
CVE Vulnerability Alerts
P2PInfect Botnet Infiltrates Kubernetes Clusters via Redis
FortiGuard found P2PInfect enrolled enterprise GKE Kubernetes clusters for six months undetected via exposed Redis instances and a 2022 CVSS 10.0 flaw.
Cybersecurity
Group-IB Exposes Five Brokers Fabricating Breach Alerts From Old Leaks
Group-IB identified five dark web brokers posting 500–1,000 fake corporate breach ads monthly using recycled Facebook 2021, Eatigo, and Truecaller leak data.
Cybersecurity
NYC Health + Hospitals Breach Exposes 1.8M Patients’ Fingerprints
Hackers spent 77 days inside NYC Health + Hospitals via a vendor breach, stealing fingerprints, medical records, and SSNs from 1.8 million patients.
Cybersecurity
Poland Drops Signal After Russian APTs Compromise Officials’ Accounts
Poland abandoned Signal after Russian APTs compromised officials' accounts via fake support calls and malicious QR codes that bypassed its encryption.
Cybersecurity
EvilTokens Service Breaches 340 Microsoft 365 Orgs via OAuth Tokens
EvilTokens, a phishing service launched in February 2026, bypassed MFA in 340 Microsoft 365 organizations by stealing OAuth tokens instead of passwords.
Cybersecurity
Webworm APT Uses Discord and OneDrive as C2 in Government Espionage
Webworm, a China-aligned APT, deployed EchoCreep and GraphWorm backdoors that abuse Discord and Microsoft OneDrive as C2 channels against government targets.
Cybersecurity
PinTheft PoC Goes Public, Narrowing Arch Linux Exploit Window
V12 security team released a working PinTheft exploit for an Arch Linux kernel double-free, enabling local root escalation on unpatched systems with RDS loaded.
Application Security
Anthropic Silently Fixed Claude Code Null-Byte Sandbox Escape
A null-byte sandbox bypass in Claude Code allowed credential exfiltration via prompt injection, present from October 2025 until Anthropic's silent March patch.
Cybersecurity
Huawei Zero-Day Caused Luxembourg’s 3-Hour National Telecom Blackout
A zero-day in Huawei routers crashed Luxembourg's national telecom in July 2025 for three hours, cutting emergency services, with no CVE and no confirmed patch.
Application Security
CVE-2026-3102: ExifTool Image Injection Runs Shell Commands on macOS
CVE-2026-3102 in ExifTool's SetMacOSTags lets a crafted image execute shell commands on macOS; the flaw is patched in ExifTool 13.50 after Kaspersky disclosure.
Application Security
Single-Letter Go Typosquat Backdoors Financial and Crypto Developers
A Go module typosquatting shopspring/decimal deployed a DNS-based backdoor polling for OS commands every five minutes, targeting financial app developers.
Application Security
CVE-2026-46376: FreePBX Hard-Coded Credentials Open VoIP Portals
CVE-2026-46376 in FreePBX hardcodes setup credentials in the User Control Panel, letting unauthenticated attackers access phone systems and commit toll fraud.
Cybersecurity
Pardus Linux CVSS 9.3 Flaw Exposes Turkish Government Systems to Root
A three-vulnerability chain in Pardus Linux's pardus-update package lets any local user gain root on Turkish government systems; no patch is available yet.
CVE Vulnerability Alerts
CVE-2026-46333: Linux Kernel Flaw Grants Root via ssh-keysign
Qualys disclosed CVE-2026-46333, a nine-year-old Linux privilege escalation flaw that gives local users a reliable path to root on Debian, Fedora, and Ubuntu.
CVE Vulnerability Alerts
CISA Adds Two Exploited Microsoft Defender Zero-Days to KEV
Microsoft Defender is actively being exploited via two zero-days, CVE-2026-41091 and CVE-2026-45498, which CISA added to its KEV catalog on May 20, 2026.
Cybersecurity
Ukraine IDs 18-Year-Old Who Stole 28,000 Accounts, $721K
Ukrainian cyberpolice and U.S. law enforcement identified an 18-year-old from Odesa behind 28,000 stolen accounts and $721,000 in fraudulent purchases.
CVE Vulnerability Alerts
SonicWall Gen6 MFA Bypass CVE-2024-12802 Left Open by Incomplete Patch
SonicWall's patch for CVE-2024-12802 needed a manual LDAP reconfiguration most admins skipped, leaving Gen6 VPN open to MFA bypass and ransomware access.
Cybersecurity
TeamPCP Claims Breach of 4,000 GitHub Private Repositories
The hacker group TeamPCP claims unauthorized access to ~4,000 GitHub private repositories and is demanding a $50,000 ransom for the stolen source code.
CVE Vulnerability Alerts
CVE-2026-45585: Windows Zero-Day Bypasses BitLocker
Microsoft disclosed CVE-2026-45585, a Windows zero-day that allows attackers with physical access to bypass BitLocker encryption without the decryption key.
Application Security
CVE-2026-45829: Max-Severity Flaw Lets Attackers Hijack ChromaDB
CVE-2026-45829 is a maximum-severity pre-auth flaw in ChromaDB allowing server hijacking; about 73% of internet-exposed instances run a vulnerable version.

Microsoft Disrupts Fox Tempest Malware-Signing Service
Microsoft seized Fox Tempest's signspace.cloud domain and revoked over 1,000 fraudulent code-signing certificates used by ransomware groups and infostealers.
B1ack’s Stash Releases 4.6M Stolen Credit Cards Free
B1ack's Stash dark-web marketplace released 4.6 million stolen card records for free, with 4.3 million actionable, after resellers violated its terms.
Trapdoor Android Ad Fraud Scheme Generated 659M Fake Bids
HUMAN's Satori team disclosed Trapdoor, 455 malicious Android apps generating 659 million fake ad bids daily, with more than 24 million total downloads.