Cybersecurity Feed
Updated: 07/05/2026, 12:08:33 β€’ Items: 150
Keywords
CVE- ClickFix Malware Leak Attack 0-day zero-day RCE remote code execution privilege escalation LPE kernel exploit PoC exploit weaponized exploit KEV CISA KEV critical vulnerability supply chain attack dependency hijacking DLL sideloading code injection memory corruption SQL injection SSRF XSS sandbox escape hypervisor escape ransomware data exfiltration lateral movement APT nation state Cobalt Strike Sliver Metasploit malware campaign phishing kit loader infostealer rootkit persistence command and control C2 backdoor Fortinet FortiOS FortiGate GlobalProtect Palo Alto Cortex XDR XSIAM Prisma PAN-OS CrowdStrike SentinelOne Mandiant Elastic Security Azure AD KQL Active Directory Kerberos Golden Ticket pass-the-hash Okta identity breach session hijack exploit
Cyble β€” 07/05/2026, 10:44:48

Operation HumanitarianBait: An Infostealer Campaign in Disguise Click here

Cyber Security News β€” 07/05/2026, 10:30:25

Massive 2.45B-Request DDoS Attack Used 1.2 Million IPs to Evade Rate Limits Click here

The Hacker News β€” 07/05/2026, 09:45:00

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution Click here

Cyber Security News β€” 07/05/2026, 09:31:17

Google Chrome 148 Released with Fix for 127 Security Vulnerabilities – Update Now! CVE-2026-7896 Click here

SANS Internet Storm Center, InfoCON: green β€” 07/05/2026, 06:38:00

An Adaptive Cyber Analytics UI for Web Honeypot Logs [Guest Diary], (Wed, May 6th) Medium Click here

Cyber Security News β€” 07/05/2026, 06:28:43

New Phishing Attack Weaponizing Event Invitations to Steal Login Credentials Click here

Cyber Security News β€” 07/05/2026, 06:05:42

New Salat Malware Uses QUIC and WebSocket Channels for Stealthy Remote Control Click here

Cyber Security News β€” 07/05/2026, 05:41:17

New FEMITBOT Network Uses Telegram Mini Apps to Push Crypto Fraud and Android Malware High Click here

Unit 42 β€” 07/05/2026, 05:30:53

Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution CVE-2026-0300 Critical Click here

Cyber Security News β€” 07/05/2026, 05:24:48

Darkhub Hacking-for-Hire Portal Advertises Crypto Fraud, Message Interception, and Monitoring Click here

darkreading β€” 07/05/2026, 02:49:11

Yet Another Way to Bypass Google Chrome's Encryption Protection Click here

darkreading β€” 07/05/2026, 02:32:57

Instructure Breach Exposes Schools' Vendor Dependence Click here

The Hacker News β€” 07/05/2026, 01:51:00

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks Click here

BleepingComputer β€” 07/05/2026, 00:08:38

Critical vm2 sandbox bug lets attackers execute code on hosts Click here

Cyber Security News β€” 06/05/2026, 23:52:48

CloudZ RAT Abuses Microsoft Phone Link to Steal SMS OTPs and Mobile Notifications Click here

Cyber Security News β€” 06/05/2026, 23:25:36

QLNX Targets Developers With Credential Theft Designed for Supply Chain Compromise Click here

Cyber Security News β€” 06/05/2026, 22:49:25

Member of Prolific Russian Ransomware Group Sentenced to 102 Months in Prison High Click here

BleepingComputer β€” 06/05/2026, 22:13:30

DAEMON Tools devs confirm breach, release malware-free version Click here

Cyble β€” 06/05/2026, 20:47:13

Third-Party Breaches Without Breaches: How Attackers Use Trusted Access to Bypass US Enterprise Defenses Click here

SOC Prime β€” 06/05/2026, 19:43:26

CVE-2026-23918: Critical Apache HTTP/2 Flaw Can Trigger DoS and Possible RCE CVE-2026-23918 High Click here

BleepingComputer β€” 06/05/2026, 19:34:14

Why ransomware attacks succeed even when backups exist High Click here

BleepingComputer β€” 06/05/2026, 18:32:52

MuddyWater hackers use Chaos ransomware as a decoy in attacks High Click here

SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms. β€” 06/05/2026, 18:30:29

LABScon25 Replay | Please Connect to the Foreign Entity to Enhance Your User Experience Click here

The Hacker News β€” 06/05/2026, 18:30:00

MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack High Click here

SecurityWeek β€” 06/05/2026, 18:30:00

Iranian APT Intrusion Masquerades as Chaos Ransomware Attack High Click here

SOC Prime β€” 06/05/2026, 17:42:38

CVE-2026-0300: Palo Alto PAN-OS Zero-Day Enables Root RCE on Exposed Firewalls CVE-2026-0300 Critical Click here

All CISA Advisories β€” 06/05/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2026-0300 Critical Click here

darkreading β€” 06/05/2026, 16:00:27

Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA Click here

BleepingComputer β€” 06/05/2026, 14:48:16

Palo Alto Networks warns of firewall RCE zero-day exploited in attacks Critical Click here

The Hacker News β€” 06/05/2026, 14:43:00

Google's Android Apps Get Public Verification to Stop Supply Chain Attacks Click here

The Hacker News β€” 06/05/2026, 14:04:00

Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs Click here

SecurityWeek β€” 06/05/2026, 14:03:40

Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack Click here

The Hacker News β€” 06/05/2026, 11:44:00

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution CVE-2026-0300 Critical Click here

SecurityWeek β€” 06/05/2026, 10:16:23

Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls CVE-2026-0300 Critical Click here

Proofpoint News Feed β€” 06/05/2026, 06:26:29

Proofpoint Establishes Innovation Precedent for Source-Agnostic Modern Enterprise Investigations Click here

Unit 42 β€” 06/05/2026, 04:30:33

Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years CVE-2026-31431 Medium Click here

BleepingComputer β€” 06/05/2026, 03:31:39

New stealthy Quasar Linux malware targets software developers Click here

darkreading β€” 06/05/2026, 02:10:11

Trellix Source Code Breach Highlights Growing Supply Chain Threats Click here

darkreading β€” 06/05/2026, 01:30:49

Research Hub Bridges Cybersecurity Gap for Under-Resourced Organizations Click here

BleepingComputer β€” 06/05/2026, 00:51:18

DAEMON Tools trojanized in supply-chain attack to deploy backdoor Click here

The Hacker News β€” 05/05/2026, 21:49:00

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE CVE-2026-23918 High Click here

darkreading β€” 05/05/2026, 20:27:51

Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk Click here

SANS Internet Storm Center, InfoCON: green β€” 05/05/2026, 20:07:01

Cleartext Passwords in MS Edge? In 2026?, (Mon, May 4th) Click here

The Hacker News β€” 05/05/2026, 19:49:00

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions Click here

BleepingComputer β€” 05/05/2026, 19:30:10

The EOL Blind Spot in Your CVE Feed: What SCA Tools Miss Click here

All CISA Advisories β€” 05/05/2026, 17:30:00

ABB B&R Automation Runtime CVE-2025-11044 High Click here

All CISA Advisories β€” 05/05/2026, 17:30:00

Hitachi Energy PCM600 CVE-2018-1002208 Click here

All CISA Advisories β€” 05/05/2026, 17:30:00

Johnson Controls CEM AC2000 CVE-2026-21661 Click here

All CISA Advisories β€” 05/05/2026, 17:30:00

ABB B&R PVI CVE-2026-0936 Click here

The Hacker News β€” 05/05/2026, 17:28:00

The Back Door Attackers Know About β€” and Most Security Teams Still Haven’t Closed Click here

The Hacker News β€” 05/05/2026, 17:26:00

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks CVE-2026-29014 High Click here

The Hacker News β€” 05/05/2026, 16:00:00

We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is Click here

The Hacker News β€” 05/05/2026, 14:37:00

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows Click here

The Hacker News β€” 05/05/2026, 13:07:00

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API CVE-2026-22679 Critical Click here

The Hacker News β€” 05/05/2026, 12:05:00

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries Click here

Blogs on Information Technology, Network & Cybersecurity | Seqrite β€” 05/05/2026, 10:31:50

How to Choose the Right Managed Detection and Response Vendor High Click here

Blog β€” 05/05/2026, 10:30:00

CrowdStrike Launches Falcon OverWatch for Defender Click here

darkreading β€” 05/05/2026, 02:26:34

RMM Tools Fuel Stealthy Phishing Campaign Click here

darkreading β€” 05/05/2026, 00:44:14

Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability Critical Click here

The Hacker News β€” 04/05/2026, 23:36:00

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools Click here

SANS Internet Storm Center, InfoCON: green β€” 04/05/2026, 22:42:18

TeamPCP Weekly Analysis: 2026-W18 (2026-04-27 through 2026-05-03), (Mon, May 4th) CVE-2024-1708 Critical Click here

darkreading β€” 04/05/2026, 20:09:26

Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia Click here

The Hacker News β€” 04/05/2026, 19:53:00

⚑ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More High Click here

Check Point Research β€” 04/05/2026, 19:19:31

4th May – Threat Intelligence Report CVE-2026-26268 Critical Click here

The Hacker News β€” 04/05/2026, 17:28:00

2026: The Year of AI-Assisted Attacks Click here

The Hacker News β€” 04/05/2026, 17:27:00

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia Click here

The Hacker News β€” 04/05/2026, 14:57:00

Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks Click here

Blog β€” 04/05/2026, 10:30:00

CrowdStrike Technical Risk Assessments Reveal Common Exposure Patterns Click here

The Hacker News β€” 03/05/2026, 11:56:00

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV CVE-2026-31431 Critical Click here

The Hacker News β€” 02/05/2026, 12:11:00

Trellix Confirms Source Code Breach With Unauthorized Repository Access Click here

Unit 42 β€” 02/05/2026, 05:40:33

The npm Threat Landscape: Attack Surface and Mitigations (Updated May 1) Click here

Unit 42 β€” 02/05/2026, 04:30:13

Essential Data Sources for Detection Beyond the Endpoint Click here

The Hacker News β€” 01/05/2026, 19:56:00

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks Click here

darkreading β€” 01/05/2026, 17:30:55

Name That Toon: Mark of (Security) Progress Click here

All CISA Advisories β€” 01/05/2026, 17:30:00

Careful Adoption of Agentic AI Services Click here

All CISA Advisories β€” 01/05/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2026-31431 Critical Click here

The Hacker News β€” 01/05/2026, 15:26:00

Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks High Click here

The Hacker News β€” 01/05/2026, 15:13:00

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft Click here

Unit 42 β€” 01/05/2026, 03:30:57

That AI Extension Helping You Write Emails? It’s Reading Them First Click here

darkreading β€” 01/05/2026, 02:31:18

TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack Click here

darkreading β€” 01/05/2026, 02:11:18

Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug Click here

The Hacker News β€” 30/04/2026, 22:01:00

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials Click here

Krebs on Security β€” 30/04/2026, 19:34:26

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs CVE-2023-1389 High Click here

Cyble β€” 30/04/2026, 18:59:51

The Week in Vulnerabilities: GitHub Enterprise, Argo CD, Oracle Identity Manager, and Mozilla Security Flaws CVE-2026-5921 Critical Click here

SOC Prime β€” 30/04/2026, 18:17:48

CVE-2026-41940: Critical cPanel & WHM Authentication Bypass Exposes Hosting Servers to Admin Takeover CVE-2026-41940 Critical Click here

The Hacker News β€” 30/04/2026, 18:06:00

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials Click here

All CISA Advisories β€” 30/04/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2026-41940 Critical Click here

All CISA Advisories β€” 30/04/2026, 17:30:00

ABB Ability Symphony Plus Engineering CVE-2023-5869 Medium Click here

All CISA Advisories β€” 30/04/2026, 17:30:00

ABB PCM600 CVE-2018-1002208 Click here

All CISA Advisories β€” 30/04/2026, 17:30:00

ABB System 800xA, Symphony Plus IEC 61850 CVE-2025-3756 Click here

All CISA Advisories β€” 30/04/2026, 17:30:00

ABB Edgenius Management Portal CVE-2025-10571 Click here

All CISA Advisories β€” 30/04/2026, 17:30:00

ABB Ability OPTIMAX CVE-2025-14510 Click here

All CISA Advisories β€” 30/04/2026, 17:30:00

ABB AWIN Gateways CVE-2025-13777 High Click here

The Hacker News β€” 30/04/2026, 14:54:00

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions CVE-2026-31431 Medium Click here

The Hacker News β€” 30/04/2026, 12:37:00

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution High Click here

darkreading β€” 30/04/2026, 01:02:42

AI Finds 38 Security Flaws in Electronic Health Record Platform High Click here

The Hacker News β€” 29/04/2026, 21:56:00

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack Click here

darkreading β€” 29/04/2026, 20:53:53

Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error High Click here

The Hacker News β€” 29/04/2026, 20:13:00

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs Click here

Cyble β€” 29/04/2026, 18:43:05

How Cyble Blaze AI Turns Billions of Threat Signals into Actionable Intelligence Click here

darkreading β€” 29/04/2026, 18:30:00

Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities Click here

The Hacker News β€” 29/04/2026, 17:32:00

Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks Click here

All CISA Advisories β€” 29/04/2026, 17:30:00

Adapting Zero Trust Principles to Operational Technology Click here

The Hacker News β€” 29/04/2026, 15:07:00

Critical cPanel Authentication Vulnerability Identified β€” Update Your Server Immediately Click here

The Hacker News β€” 29/04/2026, 14:16:00

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV CVE-2024-1708 Critical Click here

The Hacker News β€” 29/04/2026, 11:04:00

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure CVE-2026-42208 Critical Click here

darkreading β€” 29/04/2026, 03:08:39

BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures Click here

darkreading β€” 29/04/2026, 02:08:59

NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later Click here

darkreading β€” 29/04/2026, 01:43:30

Feuding Ransomware Groups Leak Each Other's Data High Click here

darkreading β€” 29/04/2026, 00:37:16

Vidar Rises to Top of Chaotic Infostealer Market Click here

The Hacker News β€” 28/04/2026, 23:49:00

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push CVE-2026-3854 High Click here

The Hacker News β€” 28/04/2026, 23:09:00

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign Click here

darkreading β€” 28/04/2026, 20:29:24

Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain Click here

The Hacker News β€” 28/04/2026, 19:31:00

VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi High Click here

Check Point Research β€” 28/04/2026, 18:33:01

VECT: Ransomware by design, Wiper by accident Critical Click here

All CISA Advisories β€” 28/04/2026, 17:30:00

NSA GRASSMARLIN CVE-2026-6807 Click here

All CISA Advisories β€” 28/04/2026, 17:30:00

CISA Adds Two Known Exploited Vulnerabilities to Catalog CVE-2024-1708 Critical Click here

The Hacker News β€” 28/04/2026, 16:48:00

Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE CVE-2026-25874 High Click here

Cyble β€” 28/04/2026, 16:12:53

ANZ Organizations Are in the Ransomware Crosshairsβ€” What the Dark Web Is Telling Us High Click here

Blog β€” 28/04/2026, 12:30:00

CrowdStrike Expands ChatGPT Enterprise Integration with Enhanced Audit Logging and Activity Monitoring Click here

darkreading β€” 28/04/2026, 01:42:34

UNC6692 Combines Social Engineering, Malware, Cloud Abuse Click here

darkreading β€” 27/04/2026, 21:01:41

Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation Medium Click here

Cyble β€” 27/04/2026, 19:18:20

Why U.S. Critical Infrastructure Is the Highest-Value Target in the Global Cyber War High Click here

darkreading β€” 27/04/2026, 18:39:54

20-Year-Old Malware Rewrites History of Cyber Sabotage Click here

Check Point Research β€” 27/04/2026, 17:37:53

27th April – Threat Intelligence Report CVE-2025-55182 High Click here

darkreading β€” 25/04/2026, 04:04:13

Helping Romance Scam Victims Requires a Proactive, Empathic Approach Click here

darkreading β€” 24/04/2026, 20:34:29

Glasswing Secured the Code. The Rest of Your Stack Is Still on You Click here

darkreading β€” 24/04/2026, 19:00:00

AI Phishing Is No. 1 With a Bullet for Cyberattackers Click here

All CISA Advisories β€” 24/04/2026, 17:30:00

CISA Adds Four Known Exploited Vulnerabilities to Catalog CVE-2024-7399 Critical Click here

Cyble β€” 24/04/2026, 08:07:38

The Week in Vulnerabilities: SharePoint, Fortinet, OpenClaw, and GPL Odorizers CVE-2026-32201 Critical Click here

darkreading β€” 24/04/2026, 06:30:00

Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia Click here

darkreading β€” 24/04/2026, 06:30:00

Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets Click here

SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms. β€” 24/04/2026, 03:30:45

fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet Click here

darkreading β€” 24/04/2026, 02:22:24

China-Backed Hackers Are Industrializing Botnets Click here

Threats - Cisco Talos Blog β€” 23/04/2026, 20:40:57

UAT-4356's Targeting of Cisco Firepower Devices CVE-2025-20333 Click here

SOC Prime β€” 23/04/2026, 19:31:11

CVE-2026-28950: Apple Fixes iOS Flaw That Retained Deleted Notification Data CVE-2026-28950 Critical Click here

Cyble β€” 23/04/2026, 18:23:03

Why AI Cybersecurity Is No Longer Optional for Australian Organizations: Moving from Reactive to Predictive Defense High Click here

All CISA Advisories β€” 23/04/2026, 17:30:00

SpiceJet Online Booking System CVE-2026-6375 High Click here

All CISA Advisories β€” 23/04/2026, 17:30:00

Yadea T5 Electric Bicycle CVE-2025-70994 Click here

All CISA Advisories β€” 23/04/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2026-39987 Critical Click here

All CISA Advisories β€” 23/04/2026, 17:30:00

Intrado 911 Emergency Gateway (EGW) CVE-2026-6074 Click here

All CISA Advisories β€” 23/04/2026, 17:30:00

Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera CVE-2025-65856 High Click here

All CISA Advisories β€” 23/04/2026, 17:30:00

Carlson Software VASCO-B GNSS Receiver CVE-2026-3893 Click here

SOC Prime β€” 23/04/2026, 16:25:43

CVE-2026-40372: Critical ASP.NET Core Flaw May Let Attackers Gain SYSTEM Privileges CVE-2026-40372 Critical Click here

Unit 42 β€” 23/04/2026, 15:30:31

Can AI Attack the Cloud? Lessons From Building an Autonomous Cloud Offensive Multi-Agent System Click here

darkreading β€” 23/04/2026, 15:30:00

'Zealot' Shows What AI's Capable of in Staged Cloud Attack Click here

darkreading β€” 23/04/2026, 12:31:00

Africa Relinquishes Cyberattack Lead to Latin America β€” For Now Click here

SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms. β€” 23/04/2026, 03:30:15

LABScon25 Replay | Are Your Chinese Cameras Spying For You Or On You? Click here

darkreading β€” 23/04/2026, 02:21:55

'The Gentlemen' Rapidly Rises to Ransomware Prominence High Click here

Cybersecurity Blog - Nextron Systems β€” 22/04/2026, 20:45:41

Nextron Systems Supports Locked Shields Cyber Defence Exercise Click here

↑