Latest Cybersecurity News and Articles
08 May 2026
A system that thousands of schools and universities use went offline due to a cyberattack, creating chaos as students tried to study for finals.
The post Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom appeared first on SecurityWeek.
08 May 2026
The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report investigating more than 25 million security alerts, including informational and low-severity, across live enterprise environments.
The dataset behind these findings includes 10 million monitored
08 May 2026
Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that's being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called "darkworm."
The backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation toolkit that enables persistent SSH access by means of a magic password and specific TCP port combination.
08 May 2026
The malware framework targets web applications and cloud environments, including AWS, Docker, Kubernetes, and more.
The post ‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials appeared first on SecurityWeek.
08 May 2026
RansomHouse has published several screenshots to demonstrate access to internal Trellix services.
The post Ransomware Group Takes Credit for Trellix Hack appeared first on SecurityWeek.
08 May 2026
Lax extension permissions and improper trust implementation allow attackers to inject prompts in the Claude Chrome extension.
The post Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover appeared first on SecurityWeek.
08 May 2026
CVE-2026-6973 is a high-severity vulnerability that allows an attacker who has admin privileges to execute arbitrary code.
The post Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek.
08 May 2026
Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel.
Dubbed Dirty Frag, it has been described as a successor to Copy Fail (CVE-2026-31431, CVSS score: 7.8), a recently disclosed LPE flaw impacting the Linux kernel that has since come under active exploitation in the wild. The vulnerability was reported to Linux kernel maintainers
07 May 2026
An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service's login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions.
07 May 2026
Musk said that he could have founded OpenAI as a for-profit company, just like the other companies he started or took over. “I deliberately chose this,” he said, “for the public good.”
The post Worries About AI’s Risks to Humanity Loom Over the Trial Pitting Musk Against OpenAI’s Leaders appeared first on SecurityWeek.
07 May 2026
Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.
The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1.
It allows "a remotely authenticated user with administrative access to achieve remote code
07 May 2026
Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments.
"The toolset harvests credentials from cloud, container, developer, productivity, and financial services, then exfiltrates the data through attacker-controlled infrastructure while attempting
07 May 2026
The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was.
The post Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking appeared first on SecurityWeek.
07 May 2026
The company is expanding its platform’s capabilities with the acquisition of SecureIQx and Korbit.ai.
The post Boost Security Raises $4 Million for SDLC Defense Platform appeared first on SecurityWeek.
07 May 2026
Mitiga researchers say attackers can silently redirect Claude Code MCP traffic, intercept OAuth tokens, and maintain persistent access to connected SaaS platforms.
The post Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking appeared first on SecurityWeek.
07 May 2026
The fresh browser update resolves critical-severity integer overflow and use-after-free vulnerabilities.
The post Chrome 148 Rolls Out With 127 Security Fixes appeared first on SecurityWeek.
07 May 2026
The hardest part of cybersecurity isn't the technology, it’s the people.
Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one "Patient Zero" infection.
In 2026, hackers are using AI to make these "first clicks" nearly impossible to spot. If a single laptop gets compromised on your watch, do you have a plan to stop it from taking down
07 May 2026
Cisco’s AI security researchers have analyzed ways to target vision-language models (VLMs) using pixel-level perturbation.
The post Attackers Could Exploit AI Vision Models Using Imperceptible Image Changes appeared first on SecurityWeek.
07 May 2026
Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026.
The vulnerability in question is CVE-2026-0300 (CVSS score: 9.3/8.7), a buffer overflow vulnerability in the User-ID Authentication Portal service of Palo Alto Networks PAN-OS software that could allow an unauthenticated attacker
07 May 2026
The software developer has identified the impacted systems, removed potentially compromised files, and validated installation packages.
The post Vendor Says Daemon Tools Supply Chain Attack Contained appeared first on SecurityWeek.