Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vuln…
We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is
While the software industry has made genuine strides over the past few decades to deliver products securely, the furious pace of AI adoption…
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage…
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA) and collaboration platform, has come under…
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster…
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam…
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux…
Trellix Confirms Source Code Breach With Unauthorized Repository Access
Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a "portion" of its source code. It…
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a "phishing relay" to distribute phishing emails…
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Cybersecurity researchers are warning of two cybercrime groups that are carrying out "rapid, high-impact attacks" operating almost within the…
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across…
Top Five Sales Challenges Costing MSPs Cybersecurity Revenue
The managed security services market is projected to grow from $38.31 billion in 2025 to $69.16 billion by 2030[1], with cybersecurity being…
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks
The U.S. Department of Justice (DoJ) on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for…
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that…
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two…
ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some…
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities…
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation…
New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user…
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the…
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with…
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by…
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
In February 2026, researchers uncovered a shift that completely changed the game: threat actors are now using custom AI setups to automate…
What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)
Every security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting…
Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain…
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and…
LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's…
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that…
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players…
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw…
Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a…
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform…
After Mythos: New Playbooks For a Zero-Window Era
When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI, you know…
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34,…
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity…
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has…
FIRESTARTER: Cisco ASA Backdoor
The Advisory That Changes EverythingOn April 23, 2026, CISA and the United Kingdom National Cyber Security Centre jointly assessed that…
Unfiltered: The 9.8 CVSS Deserialization Loophole Hijacking Apache MINA
Apache MINA is widely recognized as a foundational network application framework, designed to help users easily develop high-performance and…
Robinhood account creation flaw abused to send phishing emails
Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate…
GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions
A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious after an update. Six…
Canada arrests three for operating “SMS blaster” device in Toronto
Canadian authorities have arrested three men for operating an "SMS blaster" device that pretends to be a cellular tower to send phishing texts…
82 Chrome Extensions Found Selling User Data, 6.5 Million Users Affected
Most people install browser extensions without giving them much thought. Recent incidents, along with a new investigation by LayerX Security…
Alleged Silk Typhoon hacker extradited to US for cyberespionage
A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to…