List cybersec
The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now Open
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"The Hacker News launches 'Cybersecurity Stars Awards 2026' to recognize cybersecurity leaders and achi..
1:10 pm, May 6, 2026 Cybersecurity
Webinar: Why network incidents escalate and how to fix response gaps
Most network incidents don't escalate due to a lack of alerts; they escalate when response breaks down. This webinar explores how to fix gaps in triage, enrichment, and coordination. [...]
1:10 pm, May 6, 2026 Cybersecurity
MuddyWater hackers use Chaos ransomware as a decoy in attacks
The MuddyWater Iranian hackers disguised their operations as a Chaos ransomware attack, relying on Microsoft Teams social engineering to gain access and establish persistence. [...]
1:10 pm, May 6, 2026 Cybersecurity
Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs
{ "priority": "HIGH", "cve": "N/A", "target": "Windows Phone Link", "threat_actor": "CloudZ RAT", "patch_ready": false, "insight": "CloudZ RAT and Pheno plugin used to steal credentials an..
10:10 am, May 6, 2026 Cybersecurity
Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
{ "priority": "INFO", "cve": "N/A", "target": "Google Android Apps", "threat_actor": "N/A", "patch_ready": false, "insight": "Google introduces Binary Transparency for Android to prevent s..
10:10 am, May 6, 2026 Cybersecurity
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks. [...]
10:10 am, May 6, 2026 Cybersecurity
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
{ "priority": "CRITICAL", "cve": "CVE-2026-0300", "target": "Palo Alto PAN-OS", "threat_actor": "N/A", "patch_ready": false, "insight": "A critical buffer overflow vulnerability in Palo Al..
8:10 am, May 6, 2026 Cybersecurity
ISC Stormcast For Wednesday, May 6th, 2026 https://isc.sans.edu/podcastdetail/9920, (Wed, May 6th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast details for Wednesday, May 6th, 2026." }
2:10 am, May 6, 2026 Cybersecurity
Instructure hacker claims data theft from 8,800 schools, universities
{ "priority": "HIGH", "cve": "N/A", "target": "Instructure", "threat_actor": "Instructure hacker", "patch_ready": false, "insight": "A hacker claims to have stolen 280 million data records..
10:10 pm, May 5, 2026 Cybersecurity
New stealthy Quasar Linux malware targets software developers
{ "priority": "HIGH", "cve": "N/A", "target": "Linux", "threat_actor": "N/A", "patch_ready": false, "insight": "New Quasar Linux malware targets software developers with rootkit, backdoor,..
10:10 pm, May 5, 2026 Cybersecurity
DAEMON Tools trojanized in supply-chain attack to deploy backdoor
Hackers trojanized installers for the DAEMON Tools software and since April 8, delivered a backdoor to thousands of systems that downloaded the product from the official website. [...]
8:10 pm, May 5, 2026 Cybersecurity
The EOL Blind Spot in Your CVE Feed: What SCA Tools Miss
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses how End-of-Life (EOL) software can create blind spots in..
7:10 pm, May 5, 2026 Cybersecurity
Student hacked Taiwan high-speed rail to trigger emergency brakes
{"priority":"CRITICAL","cve":"N/A","target":"Taiwan High-Speed Rail (THSR) TETRA communication system","threat_actor":"Individual hacker","patch_ready":false,"insight":"A university student hacked int..
6:10 pm, May 5, 2026 Cybersecurity
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
{ "priority": "HIGH", "cve": "N/A", "target": "DAEMON Tools", "threat_actor": "N/A", "patch_ready": false, "insight": "A supply chain attack on DAEMON Tools compromises official installers..
5:10 pm, May 5, 2026 Cybersecurity
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
{ "priority": "CRITICAL", "cve": "CVE-2026-23918", "target": "Apache HTTP Server", "threat_actor": "N/A", "patch_ready": true, "insight": "Apache HTTP/2 flaw CVE-2026-23918 enables DoS and..
5:10 pm, May 5, 2026 Cybersecurity
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
{ "priority": "HIGH", "cve": "N/A", "target": "Government entities", "threat_actor": "UAT-8302", "patch_ready": false, "insight": "China-linked APT group UAT-8302 targets government entiti..
4:10 pm, May 5, 2026 Cybersecurity
FTC to ban data broker Kochava from selling Americans’ location data
{ "priority": "INFO", "cve": "N/A", "target": "Kochava", "threat_actor": "N/A", "patch_ready": false, "insight": "The FTC will ban Kochava from selling location data without consumers' exp..
3:10 pm, May 5, 2026 Cybersecurity
The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check.
{"priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses how End-of-Life (EOL) software can create blind spots in CVE feeds an..
2:10 pm, May 5, 2026 Cybersecurity
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
{ "priority": "CRITICAL", "cve": "CVE-2026-29014", "target": "MetInfo CMS", "threat_actor": "N/A", "patch_ready": false, "insight": "CVE-2026-29014 in MetInfo CMS is being exploited for re..
1:10 pm, May 5, 2026 Cybersecurity
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
{ "priority": "HIGH", "cve": "N/A", "target": "Google, Microsoft", "threat_actor": "N/A", "patch_ready": false, "insight": "OAuth tokens with no expiration date left behind by AI tools and..
1:10 pm, May 5, 2026 Cybersecurity
Vimeo data breach exposes personal information of 119,000 people
{ "priority": "HIGH", "cve": "N/A", "target": "Vimeo", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "ShinyHunters extortion gang stole personal info of 119,000 people f..
1:10 pm, May 5, 2026 Cybersecurity
Google now offers up to $1.5 million for some Android exploits
{ "priority": "INFO", "cve": "N/A", "target": "Google Android", "threat_actor": "N/A", "patch_ready": false, "insight": "Google updates its vulnerability rewards program for Android and Ch..
12:10 pm, May 5, 2026 Cybersecurity
Cleartext Passwords in MS Edge? In 2026?, (Mon, May 4th)
{"priority":"INFO","cve":"N/A","target":"MS Edge","threat_actor":"N/A","patch_ready":false,"insight":"Possible security concern with cleartext passwords in MS Edge in 2026"}
12:10 pm, May 5, 2026 Cybersecurity
SSL.com rotates their root certificate today, (Tue, May 5th)
{ "priority": "INFO", "cve": "N/A", "target": "SSL.com", "threat_actor": "N/A", "patch_ready": false, "insight": "SSL.com is rotating their root certificate on May 5, 2026, as part of norm..
12:10 pm, May 5, 2026 Cybersecurity
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
{"priority":"LOW","cve":"N/A","target":"N/A","threat_actor":"Karakurt","patch_ready":false,"insight":"A Latvian national was sentenced to 8.5 years in prison for their role as a cold case negotiator i..
11:10 am, May 5, 2026 Cybersecurity
We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The rapid adoption of AI services is putting progress in software security at ..
11:10 am, May 5, 2026 Cybersecurity
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
{ "priority": "HIGH", "cve": "N/A", "target": "Android and Windows", "threat_actor": "ScarCruft", "patch_ready": false, "insight": "ScarCruft compromises a video game platform to deploy Bi..
10:10 am, May 5, 2026 Cybersecurity
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Phone Link", "threat_actor": "CloudZ", "patch_ready": false, "insight": "CloudZ malware uses a new plugin to hijack Microsoft Phone..
10:10 am, May 5, 2026 Cybersecurity
ScarCruft hackers push BirdCall Android malware via game platform
{ "priority": "HIGH", "cve": "N/A", "target": "Android", "threat_actor": "APT37", "patch_ready": false, "insight": "APT37 delivers BirdCall Android malware via a video game platform." }
9:10 am, May 5, 2026 Cybersecurity
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft disclosed a large-scale credential theft campaign targeting 35..
8:10 am, May 5, 2026 Cybersecurity
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
{ "priority": "CRITICAL", "cve": "CVE-2026-22679", "target": "Weaver E-cology", "threat_actor": "N/A", "patch_ready": true, "insight": "CVE-2026-22679 is an actively exploited RCE flaw in ..
8:10 am, May 5, 2026 Cybersecurity
ISC Stormcast For Tuesday, May 5th, 2026 https://isc.sans.edu/podcastdetail/9918, (Tue, May 5th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast for May 5th, 2026, providing cybersecurity updates and a..
2:10 am, May 5, 2026 Cybersecurity
Weaver E-cology critical bug exploited in attacks since March
Hackers have been exploiting a critical vulnerability (CVE-2026-22679) in the Weaver E-cology office automation since mid-March to run discovery commands. [...]
11:10 pm, May 4, 2026 Cybersecurity
Amazon SES increasingly abused in phishing to evade detection
{ "priority": "HIGH", "cve": "N/A", "target": "Amazon SES", "threat_actor": "N/A", "patch_ready": false, "insight": "Amazon SES is being abused to send convincing phishing emails that evad..
8:10 pm, May 4, 2026 Cybersecurity
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
An active phishing campaign has been observed targeting multiple vectors since at least April 2025, with legitimate Remote Monitoring and Management (RMM) software as a way to establish persistent rem..
7:10 pm, May 4, 2026 Cybersecurity
Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
{ "priority": "CRITICAL", "cve": "N/A", "target": "MOVEit Automation", "threat_actor": "N/A", "patch_ready": true, "insight": "Progress Software has released patches for a critical authent..
6:10 pm, May 4, 2026 Cybersecurity
TeamPCP Weekly Analysis: 2026-W18 (2026-04-27 through 2026-05-03), (Mon, May 4th)
Summary
6:10 pm, May 4, 2026 Cybersecurity
Backdoored PyTorch Lightning package drops credential stealer
{ "priority": "CRITICAL", "cve": "N/A", "target": "PyTorch Lightning", "threat_actor": "N/A", "patch_ready": false, "insight": "A malicious PyTorch Lightning package on PyPI delivers a cre..
6:10 pm, May 4, 2026 Cybersecurity
Trellix discloses data breach after source code repository hack
Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. [...]
5:10 pm, May 4, 2026 Cybersecurity
⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
{"priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Weekly recap of various cyber threats and vulnerabilities, including AI-powered phishing, A..
4:10 pm, May 4, 2026 Cybersecurity
DShield Honeypot Update, (Mon, May 4th)
{ "priority": "INFO", "cve": "N/A", "target": "DShield honeypot", "threat_actor": "N/A", "patch_ready": false, "insight": "The DShield honeypot is set to receive updates, including automat..
3:10 pm, May 4, 2026 Cybersecurity
They don’t hack, they borrow: How fraudsters target credit unions
{"priority":"MEDIUM","cve":"N/A","target":"credit unions","threat_actor":"fraudsters","patch_ready":false,"insight":"Fraudsters exploit normal business processes to target credit unions using structur..
2:10 pm, May 4, 2026 Cybersecurity
Webinar: Why MSPs must rethink security and backup strategies
Security breaches don't just test your defenses—they test your recovery. Join Kaseya in our upcoming webinar to learn how MSPs strengthen resilience with SaaS backups and BCDR to stay operational af..
1:10 pm, May 4, 2026 Cybersecurity
Progress warns of critical MOVEit Automation auth bypass flaw
{ "priority": "CRITICAL", "cve": "N/A", "target": "MOVEit Automation", "threat_actor": "N/A", "patch_ready": true, "insight": "Progress Software warned customers to patch a critical authen..
1:10 pm, May 4, 2026 Cybersecurity
CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
{ "priority": "HIGH", "cve": "N/A", "target": "Linux", "threat_actor": "N/A", "patch_ready": false, "insight": "CISA warns that threat actors are exploiting the 'Copy Fail' Linux security ..
12:10 pm, May 4, 2026 Cybersecurity
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
{"priority":"HIGH","cve":"N/A","target":"Organizations in Russia and India","threat_actor":"Silver Fox","patch_ready":false,"insight":"Silver Fox deploys ABCDoor malware via tax-themed phishing in Ind..
12:10 pm, May 4, 2026 Cybersecurity
2026: The Year of AI-Assisted Attacks
{"priority":"LOW","cve":"N/A","target":"Kaikatsu Club","threat_actor":"N/A","patch_ready":false,"insight":"A 17-year-old was arrested for hacking Kaikatsu Club to extract 7 million users' personal dat..
12:10 pm, May 4, 2026 Cybersecurity
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers (MSPs) and hosting providers ..
11:10 am, May 4, 2026 Cybersecurity
Microsoft confirms April Windows updates cause backup failures
{ "priority": "MEDIUM", "cve": "N/A", "target": "Microsoft Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft confirms April Windows updates cause backup failures..
11:10 am, May 4, 2026 Cybersecurity
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "International operation arrests 276 suspects and shuts down 9 crypto scam cente..
7:10 am, May 4, 2026 Cybersecurity
AI Testing
