Archive
All articles, newest first. Page 18.

Why an Active Directory Password Reset Isn't Enough to Evict an Attacker
A simple Active Directory password reset often fails to eliminate persistence. Valid Kerberos tickets, local hash caching, and ACL-bas…

Google Detects First AI-Weaponized Zero-Day Bypassing 2FA
A May 11, 2026, report from Google’s Threat Intelligence Group reveals a milestone in offensive AI: an exploit targeting an authorizat…

Google Report: Enterprise Tech Hit by Record 48% of Zero-Day Exploits in 2025
Google’s GTIG report tracks 90 zero-days exploited in 2025, revealing a strategic pivot toward enterprise infrastructure. Chinese APT…

MetInfo CMS Under RCE Attack: Critical Vulnerability CVE-2026-29014 Actively Exploited
Threat actors are weaponizing CVE-2026-29014, an unauthenticated RCE vulnerability (CVSS 9.8) in MetInfo CMS. Activity spiked on May 1…

CVE-2026-3854: Critical RCE Vulnerability in GitHub Triggered via Single ‘git push’
A specially crafted git push command can execute remote code on GitHub.com and GitHub Enterprise Server. While the cloud environmen…

Bleeding Llama: Critical Ollama Vulnerability Exposes Secrets on 300,000 AI Servers
Cyera researchers have disclosed CVE-2026-7482, a critical memory leak in the Ollama framework. A malformed GGUF file allows unauthent…

Weaponized OAuth: Government and Public Sector Targeted in Malicious Redirection Campaign
Microsoft researchers have identified active campaigns abusing OAuth redirection to steer government and public sector entities toward…

Critical Apache HTTP/2 Double-Free Flaw Enables RCE and Unauthenticated DoS
CVE-2026-23918 in Apache 2.4.66 allows for unauthenticated Denial-of-Service via a single TCP connection and potential RCE on Debian a…

Weaver E-cology 10.0 N-Day RCE: Unauthenticated Exploitation via Debug API (CVE-2026-22679)
CVE-2026-22679 enables unauthenticated RCE in Weaver E-cology 10.0 via the Dubbo debug endpoint. In-the-wild attacks began March 17, 2…

Weaver E-cology Under Attack: Critical RCE Exploited via Debug Endpoint
CVE-2026-22679 in Weaver E-cology allows unauthenticated RCE via an exposed debug API. With active exploitation documented since March…

One Million AI Services Exposed Online: Massive Risks from Misconfigurations and Hardcoded Credentials
A security scan of over 2 million hosts has uncovered 1 million exposed AI services, many of which lack basic authentication or featur…

NVIDIA Confirms GeForce NOW Data Breach via Armenian Partner
NVIDIA has confirmed that a regional partner in the GeForce NOW Alliance suffered a breach exposing user personal data. While central…

cPanel Issues Critical Patches as Zero-Day Exploitation Targets WHM with Mirai and Ransomware
cPanel has released security updates for three new WHM vulnerabilities while confirming that a critical authentication bypass (CVE-202…

Trellix Confirms Source Code Breach as RansomHouse Claims Attack on Internal Infrastructure
Cybersecurity giant Trellix has confirmed unauthorized access to its source code repository following an extortion claim by RansomHous…

Zara Data Breach: 197,000 Emails Exposed via Compromised Anodot Tokens
Threat actor ShinyHunters has published a 140 GB Zara dataset allegedly obtained via compromised Anodot authentication tokens. Have I…

TCLBanker Weaponizes WhatsApp and Outlook to Target 59 Financial Platforms
TCLBanker targets 59 financial institutions—spanning banks, fintech, and crypto—using autonomous worm modules to propagate through Wha…

ShinyHunters Defaces Canvas LMS, Threatening Leak of 275 Million Records
The ShinyHunters group hijacked the Canvas login page on May 7, 2026, threatening to leak data from 275 million users and causing wide…

Ivanti EPMM Zero-Days Under Attack: CISA Mandates Unprecedented 3-Day Patch Deadline
Two unauthenticated RCE zero-days in Ivanti Endpoint Manager Mobile (EPMM) have prompted CISA to issue a rare 72-hour remediation mand…

Critical GitHub RCE: Single Git Push Triggers Backend Code Execution
CVE-2026-3854 allows RCE on GitHub.com and GHES via a single git push. The discovery, facilitated by AI-assisted reverse engineering o…

CVE-2026-31431: CISA Mandates Container Patch — Actively Exploited in the Wild
CISA has confirmed active exploitation of CVE-2026-31431, a critical Linux kernel vulnerability dubbed "Copy Fail." With a 732-byte Po…

Critical Palo Alto Zero-Day Grants Root RCE; Patches Delayed Until May 13
CVE-2026-0300 enables unauthenticated root RCE on Palo Alto firewalls. While CISA has ordered federal agencies to apply mitigations wi…

DAEMON Tools Supply Chain Attack: Official Installers Trojanized Since April
Signed installers for DAEMON Tools Lite were caught distributing multi-stage malware for nearly a month. While thousands were infected…

MuddyWater Mimics Chaos Ransomware to Conceal Targeted Espionage Operations
A Rapid7 investigation reveals that Iranian threat actor MuddyWater impersonated a Chaos ransomware affiliate in early 2026 to mask es…

BRICKSTORM: CISA and NSA Alert on Evolving Rust Backdoor Targeting vSphere
Cybersecurity agencies have updated their Malware Analysis Report for BRICKSTORM, a sophisticated ELF backdoor targeting VMware vSpher…