Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been exploited in the wild. The vulnerability, tracked as CVE-2026-0300, has been described as a case of unauthenticated remote code execution. It carries a CVSS score of 9.3 if the User-ID Authentication Portal is configured to … Read More “Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution – The Hacker News” »
Category: Attack Feeds
Massive “Low and Slow” DDoS Attack Hits Platform With 2.45 Billion in 5 Hours – Hackread – Cybersecurity News, Data Breaches, AI and More
DataDome researchers uncovered a massive low and slow DDoS attack that delivered 2.45 billion requests using 1.2 million IP addresses. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict – CyberScoop
The Cybersecurity and Infrastructure Security Agency is urging critical infrastructure owners and operators to plan for delivering essential services under emergency conditions – potentially for months at a time. The federal government’s top cybersecurity agency warned that state-sponsored hackers, particularly two Chinese groups known as Salt Typhoon and Volt Typhoon, continue to threaten critical sectors … Read More “CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict – CyberScoop” »
The Cybersecurity and Infrastructure Security Agency has gotten “by far” the biggest gains from artificial intelligence automation in its security operations unit to help analysts sift through threats, but it’s also proven valuable elsewhere within the agency, CISA officials said Tuesday. It’s “really allowing those analysts to do triage very fast, so they focus on … Read More “CISA boasts AI automation improvements to threat analysis, mission support – CyberScoop” »
A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky. “These installers are distributed from the legitimate website of DAEMON Tools and are signed with digital certificates belonging to DAEMON Tools developers,” Kaspersky researchers Igor Kuznetsov, Georgy Kucherin, Leonid – Read … Read More “DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware – The Hacker News” »
The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote code execution (RCE). The vulnerability, tracked as CVE-2026-23918 (CVSS score: 8.8), has been described as a case of “double free and possible RCE” in the HTTP/2 protocol … Read More “Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE – The Hacker News” »
A federal judge sentenced a Latvian national to 102 months in prison for his involvement in a series of ransomware attacks for more than two years prior to his arrest in 2023, the Justice Department said Monday. Deniss Zolotarjovs, a resident of Moscow at the time, helped an organization led by former leaders of the … Read More “Latvian national sentenced for ransomware attacks run by former Conti leaders – CyberScoop” »
A sophisticated China-nexus advanced persistent threat (APT) group has been attributed to attacks targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025. The activity is being tracked by Cisco Talos under the moniker UAT-8302, with post-exploitation involving the deployment of custom-made malware families that have … Read More “China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions – The Hacker News” »
LuxSci Launches Enterprise-Grade HIPAA-Compliant Email Security for Mid-Sized Healthcare Organizations – Hackread – Cybersecurity News, Data Breaches, AI and More
Cambridge, MA, 5th May 2026, CyberNewswire – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Threat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known as MetInfo, according to new findings from VulnCheck. The vulnerability in question is CVE-2026-29014 (CVSS score: 9.8), a code injection flaw that could result in arbitrary code execution. “MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated … Read More “MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks – The Hacker News” »
Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year left something behind: a persistent OAuth token with no expiration date, no automatic cleanup, and in most organizations, no one watching it. Your perimeter controls don’t see it. Your MFA doesn’t stop it. And when an attacker gets … Read More “The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed – The Hacker News” »
Anti-ICE Site GTFO ICE Accused of Exposing Data of 17,000+ Activists – Hackread – Cybersecurity News, Data Breaches, AI and More
An anti-ICE website, GTFO ICE, linked to Miles Taylor, is accused of exposing the personal details of 17,662 activists, sparking concerns that the data may have reached government agencies. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
FEMITBOT Network Abuses Telegram Mini Apps for Crypto Scams and Android Malware – Hackread – Cybersecurity News, Data Breaches, AI and More
A massive fraud network called FEMITBOT uses Telegram Mini Apps and fake brand names like Apple, Disney, and… – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
While the software industry has made genuine strides over the past few decades to deliver products securely, the furious pace of AI adoption is putting that progress at risk. Businesses are moving fast to self-host LLM infrastructure, drawn by the promise of AI as a force multiplier and the pressure to deliver more value faster. … Read More “We Scanned 1 Million Exposed AI Services. Here’s How Bad the Security Actually Is – The Hacker News” »
The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCall to likely target ethnic Koreans residing in China. While prior versions of the backdoor have primarily targeted Windows users only, the supply chain attack is assessed to … Read More “ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows – The Hacker News” »
Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and steal authentication tokens. The multi-stage campaign, observed between April 14 and 16, 2026, targeted more than 35,000 users across over 13,000 organizations in 26 … Read More “Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries – The Hacker News” »
A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA) and collaboration platform, has come under active exploitation in the wild. The vulnerability (CVE-2026-22679, CVSS score: 9.8) relates to a case of unauthenticated remote code execution affecting Weaver E-cology 10.0 versions prior to 20260312. The issue resides in the “/papi/esearch/data/devops/ – Read … Read More “Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API – The Hacker News” »
Attackers are actively exploiting a Linux vulnerability in the wild, and researchers warn that the fallout could be broad — anyone with authenticated local access can leverage it to gain total control of a system. But the story behind CVE-2026-31431 is almost as interesting as the bug itself. Theori, the company that discovered the bug, … Read More “‘Copy Fail’ is a real Linux security crisis wrapped in AI slop – CyberScoop” »
An active phishing campaign has been observed targeting multiple vectors since at least April 2025, with legitimate Remote Monitoring and Management (RMM) software as a way to establish persistent remote access to compromised hosts. The activity, codenamed VENOMOUS#HELPER, has impacted over 80 organizations, most of which are in the U.S., according to Securonix. It shares … Read More “Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools – The Hacker News” »
Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication bypass. MOVEit Automation (formerly Central) is a secure, server-based managed file transfer (MFT) solution used to schedule and automate file movement workflows in enterprise environments without requiring any custom scripts. The – … Read More “Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass – The Hacker News” »
⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More – The Hacker News
This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems. The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted … Read More “⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More – The Hacker News” »
Wiz ZeroDay.Cloud Event Reveals 20-Year-Old PostgreSQL Vulnerabilities – Hackread – Cybersecurity News, Data Breaches, AI and More
Researchers revealed 20-year-old PostgreSQL flaws at Wiz ZeroDay.Cloud event, exposing critical bugs in pgcrypto and prompting urgent patches for database security. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A college student is suing a dating app that allegedly used her TikTok videos to target men in her dormitory – CyberScoop
A 19-year-old woman is suing the makers of a dating app, alleging they took a video she posted online, repurposed it without her consent into an advertisement for the app, then used geofencing to target that ad to people in her area. According to the lawsuit filed Apr. 28 in Tennessee and an interview with … Read More “A college student is suing a dating app that allegedly used her TikTok videos to target men in her dormitory – CyberScoop” »
7 Key Features That Make Secure Browsers Safer – Hackread – Cybersecurity News, Data Breaches, AI and More
Secure Browsers boost safety with tracking blocks, fingerprint protection, session control, and real-time threat defense against modern web attacks. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Cyber-Secure Philanthropy: Tech Infrastructure for Global Donations – Hackread – Cybersecurity News, Data Breaches, AI and More
Secure philanthropy needs hardened payments, API security, and compliance controls to protect global donations from fraud and attacks. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition – GRAHAM CLULEY
Here’s a tip for you all. Unless you want to draw attention to yourself as a cybercriminal, don’t flaunt your diamond-encrusted “HACK THE PLANET” necklace on Snapchat, or pose as a Sopranos crime boss while the FBI is reportedly closing in. Read more in my article on the Hot for Security blog. – Read More … Read More “Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition – GRAHAM CLULEY” »
The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor. The activity involved using phishing emails that mimic correspondence from the Income Tax Department of India in December 2025, followed by a similar campaign aimed at Russian entities. … Read More “Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia – The Hacker News” »
On December 4, 2025, a 17-year-old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had run malicious code to extract the personal data of over 7 million users of Kaikatsu Club, Japan’s largest internet cafe chain. When asked, the young man shared his motivation for the hack: he wanted to … Read More “2026: The Year of AI-Assisted Attacks – The Hacker News” »
A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers (MSPs) and hosting providers in the Philippines, Laos, Canada, South Africa, and the U.S., by exploiting the recently disclosed vulnerability in cPanel. The activity, detected by Ctrl-Alt-Intel on May 2, 2026, … Read More “Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks – The Hacker News” »
Missile and drone attacks that took out cloud data centers in the Middle East underscored a critical vulnerability in the modern economy: reliance on digital infrastructure that sustains competitive advantage and operational continuity for corporations, nations, and militaries. The outages and downstream disruption were a preview of a new form of strategic and operational risk. … Read More “Why data centers now belong on the critical infrastructure list – CyberScoop” »
A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam centers used for cryptocurrency investment fraud schemes targeting Americans, resulting in millions of dollars in losses. The crackdown was led by the Dubai Police, under the United Arab Emirates (UAE) Ministry of Interior, in partnership … Read More “Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M – The Hacker News” »
Paying Ransom Won’t Help as VECT 2.0 Ransomware Destroys Data Irreversibly – Hackread – Cybersecurity News, Data Breaches, AI and More
VECT 2.0 ransomware contains fatal flaws that permanently destroy files, making recovery impossible and rendering ransom payments useless for victims worldwide. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2026-31431 (CVSS score: 7.8), is a local privilege escalation (LPE) flaw that could allow … Read More “CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV – The Hacker News” »
Google AppSheet Exploited in 30,000-User Facebook Phishing Operation – Hackread – Cybersecurity News, Data Breaches, AI and More
Scammers are abusing Google AppSheet and Google Drive to bypass security filters and steal thousands of Facebook Business accounts globally. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
2 US Cybersecurity Experts Jailed for Aiding ALPHV (BlackCat) Ransomware – Hackread – Cybersecurity News, Data Breaches, AI and More
Two US cybersecurity experts jailed for aiding BlackCat ransomware group, extorting victims worldwide and exploiting insider access for profit. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a “portion” of its source code. It said it “recently identified” the compromise of its source code repository and that it began working with “leading forensic experts” to resolve the matter immediately. It also said it has notified law enforcement … Read More “Trellix Confirms Source Code Breach With Unauthorized Repository Access – The Hacker News” »
45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation – Hackread – Cybersecurity News, Data Breaches, AI and More
SOCRadar researchers have uncovered a massive Chinese cybercrime operation using the OpenClaw and Paperclip systems to automate global attacks. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Hackers Use Jenkins Access to Deploy DDoS Botnet Against Gaming Servers – Hackread – Cybersecurity News, Data Breaches, AI and More
A new campaign shows misconfigured Jenkins servers abused to deploy a DDoS botnet targeting gaming systems, with Valve Corporation infrastructure in focus. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a “phishing relay” to distribute phishing emails with an aim to compromise Facebook accounts. The activity has been codenamed AccountDumpling by Guardio, with the scheme selling the stolen accounts back through an illicit storefront run by the threat actors. In all, roughly … Read More “30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign – The Hacker News” »
Cybersecurity agencies from the United States, Australia, Canada, New Zealand and the United Kingdom jointly published guidance Friday urging organizations to treat autonomous artificial intelligence systems as a core cybersecurity concern, warning that the technology is already being deployed in critical infrastructure and defense sectors with insufficient safeguards. The guidance focuses on agentic AI — … Read More “US government, allies publish guidance on how to safely deploy AI agents – CyberScoop” »
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations – Hackread – Cybersecurity News, Data Breaches, AI and More
Torrance, United States / California, 1st May 2026, CyberNewswire – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists – The Hacker News
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO. Trend Micro has attributed the activity to a threat activity cluster it tracks under the temporary designation SHADOW-EARTH-053. The adversarial collective is assessed to – … Read More “China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists – The Hacker News” »
Cybersecurity researchers are warning of two cybercrime groups that are carrying out “rapid, high-impact attacks” operating almost within the confines of SaaS environments, while leaving minimal traces of their actions. The clusters, Cordial Spider (aka BlackFile, CL-CRI-1116, O-UNC-045, and UNC6671) and Snarky Spider (aka O-UNC-025 and UNC6661), have been attributed to high-speed data theft and … Read More “Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks – The Hacker News” »
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks – The Hacker News
The U.S. Department of Justice (DoJ) on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks in 2023. Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, were accused of deploying the ransomware against multiple victims located throughout the U.S. … Read More “Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks – The Hacker News” »
The managed security services market is projected to grow from $38.31 billion in 2025 to $69.16 billion by 2030[1], with cybersecurity being the fastest-growing sector[2]. Despite this opportunity, many MSPs leave revenue on the table because their go-to-market strategy fails to connect technical expertise with business needs. This execution gap is where most deals stall. … Read More “Top Five Sales Challenges Costing MSPs Cybersecurity Revenue – The Hacker News” »
Critical cPanel Vulnerability Lets Attackers Bypass Login, Gain Root Access – Hackread – Cybersecurity News, Data Breaches, AI and More
A critical cPanel vulnerability lets attackers bypass login and gain root access, with active exploitation reported before patches were released. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence. The activity has been attributed to the GitHub account “BufferZoneCorp,” which has published a set of repositories that are associated with malicious Ruby gems … Read More “Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft – The Hacker News” »
Best Diagram Software in 2026, Why EdrawMax Works for Everyday Use – Hackread – Cybersecurity News, Data Breaches, AI and More
Compare top diagram software in 2026 and see why Wondershare EdrawMax can be a practical choice for fast, template rich, AI supported diagramming. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Former incident responders sentenced to 4 years in prison for committing ransomware attacks – CyberScoop
Two former cybersecurity professionals who moonlighted as cybercriminals, committing a series of ransomware attacks in 2023, were each sentenced to four years in prison, the Justice Department said Thursday. Ryan Clifford Goldberg and Kevin Tyler Martin previously pleaded guilty to one of three charges brought against them in December and faced up to 20 years … Read More “Former incident responders sentenced to 4 years in prison for committing ransomware attacks – CyberScoop” »