Latest Cybersecurity News and Articles
06 May 2026
The agency has issued guidance to help critical infrastructure operators prepare for cyberattacks by foreign threat actors.
The post CISA: Critical Infrastructure Must Master Isolation, Recovery appeared first on SecurityWeek.
06 May 2026
The persistent, evasive implant provides remote access, surveillance, and credential exfiltration capabilities.
The post Sophisticated Quasar Linux RAT Targets Software Developers appeared first on SecurityWeek.
06 May 2026
Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks.
"This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute," Google's product and security teams said.
The initiative builds upon the foundation of Pixel Binary Transparency, which Google introduced in October 2021
06 May 2026
Cybersecurity researchers have disclosed details of an intrusion that involved the use of a CloudZ remote access tool (RAT) and a previous undocumented plugin dubbed Pheno with the aim of facilitating credential theft.
"According to the functionalities of the CloudZ RAT and Pheno plugin, this was with the intention of stealing victims' credentials and potentially one-time passwords (OTPs),"
06 May 2026
While trojanized Daemon Tools versions were installed worldwide, a sophisticated backdoor was dropped only on a dozen systems.
The post Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack appeared first on SecurityWeek.
06 May 2026
Containing fixes for critical-severity vulnerabilities, the monthly rollouts will focus on addressing priority issues faster.
The post Oracle Debuts Monthly Critical Security Patch Updates appeared first on SecurityWeek.
06 May 2026
Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been exploited in the wild.
The vulnerability, tracked as CVE-2026-0300, has been described as a case of unauthenticated remote code execution. It carries a CVSS score of 9.3 if the User-ID Authentication Portal is configured to enable access from the internet or any
06 May 2026
CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls.
The post Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls appeared first on SecurityWeek.
05 May 2026
The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote code execution (RCE).
The vulnerability, tracked as CVE-2026-23918 (CVSS score: 8.8), has been described as a case of "double free and possible RCE" in the HTTP/2 protocol handling. This issue
05 May 2026
A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky.
"These installers are distributed from the legitimate website of DAEMON Tools and are signed with digital certificates belonging to DAEMON Tools developers," Kaspersky researchers Igor Kuznetsov, Georgy Kucherin, Leonid
05 May 2026
The malicious emails claim to contain a conduct report and lure victims to a Microsoft phishing website that leverages AitM.
The post Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations appeared first on SecurityWeek.
05 May 2026
A sophisticated China-nexus advanced persistent threat (APT) group has been attributed to attacks targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025.
The activity is being tracked by Cisco Talos under the moniker UAT-8302, with post-exploitation involving the deployment of custom-made malware families that have been put
05 May 2026
AI red team specialist details his methods for manipulating AI guardrails through jailbreaking and data poisoning, helping developers harden machine learning models.
The post Hacker Conversations: Joey Melo on Hacking AI appeared first on SecurityWeek.
05 May 2026
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 5, 2026 – Watch the YouTube video SOC teams are overwhelmed by the volume of threat alerts they must manage. A Forrester analysis found that just three attack scenarios can trigger thousands of
The post QevlarAI: Moving SOC Teams From Reactive Mode To Proactive Defense appeared first on Cybercrime Magazine.
05 May 2026
Dubbed Bleeding Llama, the heap out-of-bounds read issue can be exploited remotely, without authentication.
The post Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft appeared first on SecurityWeek.
05 May 2026
CVE-2026-0073 affects Android’s System component and it can be exploited without any user interaction.
The post Critical Remote Code Execution Vulnerability Patched in Android appeared first on SecurityWeek.
05 May 2026
Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year left something behind: a persistent OAuth token with no expiration date, no automatic cleanup, and in most organizations, no one watching it. Your perimeter controls don't see it. Your MFA doesn't stop it. And when an attacker gets hold of one, they don't need a password.
OAuth
05 May 2026
Threat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known as MetInfo, according to new findings from VulnCheck.
The vulnerability in question is CVE-2026-29014 (CVSS score: 9.8), a code injection flaw that could result in arbitrary code execution.
"MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code
05 May 2026
The most severe of these security defects could allow remote attackers to execute arbitrary code.
The post Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server appeared first on SecurityWeek.
05 May 2026
Deniss Zolotarjovs was directly involved in extortion strategies and in negotiations with victim companies.
The post Karakurt Ransomware Negotiator Sentenced to Prison appeared first on SecurityWeek.