Cybersecurity News from Across the Internet
Attackers are actively exploiting a Linux vulnerability in the wild, and researchers warn that the fallout could be broad — anyone with authenticated local access can leverage it to gain total control of a system. But the story behind CVE-2026-31431 is almost as interesting as the bug itself. Theori, the company that discovered the bug, … Read More “‘Copy Fail’ is a real Linux security crisis wrapped in AI slop – CyberScoop” »
An active phishing campaign has been observed targeting multiple vectors since at least April 2025, with legitimate Remote Monitoring and Management (RMM) software as a way to establish persistent remote access to compromised hosts. The activity, codenamed VENOMOUS#HELPER, has impacted over 80 organizations, most of which are in the U.S., according to Securonix. It shares … Read More “Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools – The Hacker News” »
Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication bypass. MOVEit Automation (formerly Central) is a secure, server-based managed file transfer (MFT) solution used to schedule and automate file movement workflows in enterprise environments without requiring any custom scripts. The – … Read More “Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass – The Hacker News” »
A vulnerability has been discovered in WHM, cPanel, and WP Squared that could allow for remote code execution. WHM, cPanel, and WP Squared are Linux-based web hosting control panels for server and website management. While WHM provides server-level control, cPanel provides administrator access to the website backend, webmail, and databases. Successful exploitation could allow unauthenticated … Read More “A Vulnerability in WHM cPanel and WP Squared Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems. The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted … Read More “⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More – The Hacker News” »
Researchers revealed 20-year-old PostgreSQL flaws at Wiz ZeroDay.Cloud event, exposing critical bugs in pgcrypto and prompting urgent patches for database security. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A 19-year-old woman is suing the makers of a dating app, alleging they took a video she posted online, repurposed it without her consent into an advertisement for the app, then used geofencing to target that ad to people in her area. According to the lawsuit filed Apr. 28 in Tennessee and an interview with … Read More “A college student is suing a dating app that allegedly used her TikTok videos to target men in her dormitory – CyberScoop” »
Secure Browsers boost safety with tracking blocks, fingerprint protection, session control, and real-time threat defense against modern web attacks. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Secure philanthropy needs hardened payments, API security, and compliance controls to protect global donations from fraud and attacks. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Here’s a tip for you all. Unless you want to draw attention to yourself as a cybercriminal, don’t flaunt your diamond-encrusted “HACK THE PLANET” necklace on Snapchat, or pose as a Sopranos crime boss while the FBI is reportedly closing in. Read more in my article on the Hot for Security blog. – Read More … Read More “Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition – GRAHAM CLULEY” »
The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor. The activity involved using phishing emails that mimic correspondence from the Income Tax Department of India in December 2025, followed by a similar campaign aimed at Russian entities. … Read More “Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia – The Hacker News” »
On December 4, 2025, a 17-year-old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had run malicious code to extract the personal data of over 7 million users of Kaikatsu Club, Japan’s largest internet cafe chain. When asked, the young man shared his motivation for the hack: he wanted to … Read More “2026: The Year of AI-Assisted Attacks – The Hacker News” »
A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers (MSPs) and hosting providers in the Philippines, Laos, Canada, South Africa, and the U.S., by exploiting the recently disclosed vulnerability in cPanel. The activity, detected by Ctrl-Alt-Intel on May 2, 2026, … Read More “Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks – The Hacker News” »
Missile and drone attacks that took out cloud data centers in the Middle East underscored a critical vulnerability in the modern economy: reliance on digital infrastructure that sustains competitive advantage and operational continuity for corporations, nations, and militaries. The outages and downstream disruption were a preview of a new form of strategic and operational risk. … Read More “Why data centers now belong on the critical infrastructure list – CyberScoop” »
A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam centers used for cryptocurrency investment fraud schemes targeting Americans, resulting in millions of dollars in losses. The crackdown was led by the Dubai Police, under the United Arab Emirates (UAE) Ministry of Interior, in partnership … Read More “Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M – The Hacker News” »
VECT 2.0 ransomware contains fatal flaws that permanently destroy files, making recovery impossible and rendering ransom payments useless for victims worldwide. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2026-31431 (CVSS score: 7.8), is a case of local privilege escalation (LPE) flaw that could allow … Read More “CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV – The Hacker News” »
Scammers are abusing Google AppSheet and Google Drive to bypass security filters and steal thousands of Facebook Business accounts globally. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Two US cybersecurity experts jailed for aiding BlackCat ransomware group, extorting victims worldwide and exploiting insider access for profit. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a “portion” of its source code. It said it “recently identified” the compromise of its source code repository and that it began working with “leading forensic experts” to resolve the matter immediately. It also said it has notified law enforcement … Read More “Trellix Confirms Source Code Breach With Unauthorized Repository Access – The Hacker News” »
SOCRadar researchers have uncovered a massive Chinese cybercrime operation using the OpenClaw and Paperclip systems to automate global attacks. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A new campaign shows misconfigured Jenkins servers abused to deploy a DDoS botnet targeting gaming systems, with Valve Corporation infrastructure in focus. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a “phishing relay” to distribute phishing emails with an aim to compromise Facebook accounts. The activity has been codenamed AccountDumpling by Guardio, with the scheme selling the stolen accounts back through an illicit storefront run by the threat actors. In all, roughly … Read More “30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign – The Hacker News” »
Cybersecurity agencies from the United States, Australia, Canada, New Zealand and the United Kingdom jointly published guidance Friday urging organizations to treat autonomous artificial intelligence systems as a core cybersecurity concern, warning that the technology is already being deployed in critical infrastructure and defense sectors with insufficient safeguards. The guidance focuses on agentic AI — … Read More “US government, allies publish guidance on how to safely deploy AI agents – CyberScoop” »
Torrance, United States / California, 1st May 2026, CyberNewswire – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO. Trend Micro has attributed the activity to a threat activity cluster it tracks under the temporary designation SHADOW-EARTH-053. The adversarial collective is assessed to – … Read More “China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists – The Hacker News” »
Cybersecurity researchers are warning of two cybercrime groups that are carrying out “rapid, high-impact attacks” operating almost within the confines of SaaS environments, while leaving minimal traces of their actions. The clusters, Cordial Spider (aka BlackFile, CL-CRI-1116, O-UNC-045, and UNC6671) and Snarky Spider (aka O-UNC-025 and UNC6661), have been attributed to high-speed data theft and … Read More “Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks – The Hacker News” »
Claude Security enters public beta, giving enterprises AI driven code scanning with no API integration or custom agents required – Read More –
The U.S. Department of Justice (DoJ) on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks in 2023. Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, were accused of deploying the ransomware against multiple victims located throughout the U.S. … Read More “Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks – The Hacker News” »
The managed security services market is projected to grow from $38.31 billion in 2025 to $69.16 billion by 2030[1], with cybersecurity being the fastest-growing sector[2]. Despite this opportunity, many MSPs leave revenue on the table because their go-to-market strategy fails to connect technical expertise with business needs. This execution gap is where most deals stall. … Read More “Top Five Sales Challenges Costing MSPs Cybersecurity Revenue – The Hacker News” »
A critical cPanel vulnerability lets attackers bypass login and gain root access, with active exploitation reported before patches were released. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A researcher from offensive security firm Theori has found a nine-year-old flaw in the Linux kernel with the help of AI – Read More –
The cybersecurity workers used their knowledge and skills to conduct ransomware attacks for notorious gang, rather than protect victims against them – Read More –
A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence. The activity has been attributed to the GitHub account “BufferZoneCorp,” which has published a set of repositories that are associated with malicious Ruby gems … Read More “Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft – The Hacker News” »
Organisations must act now to prepare for a wave of patches that will address decades of technical debt. – Read More – All Feed
Compare top diagram software in 2026 and see why Wondershare EdrawMax can be a practical choice for fast, template rich, AI supported diagramming. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Two former cybersecurity professionals who moonlighted as cybercriminals, committing a series of ransomware attacks in 2023, were each sentenced to four years in prison, the Justice Department said Thursday. Ryan Clifford Goldberg and Kevin Tyler Martin previously pleaded guilty to one of three charges brought against them in December and faced up to 20 years … Read More “Former incident responders sentenced to 4 years in prison for committing ransomware attacks – CyberScoop” »
A severe authentication bypass vulnerability in cPanel, one of the most widely deployed web hosting control panel platforms on the internet, is being actively exploited in the wild, according to security researchers and hosting providers. The vulnerability, tracked as CVE-2026-41940, affects all supported versions of cPanel and WebHost Manager (WHM) released after version 11.40, as … Read More “cPanel’s authentication bypass bug is being exploited in the wild, CISA warns – CyberScoop” »
Congress extended a controversial surveillance law for 45 days on Thursday, hours before its latest expiration following an earlier extension. The Senate passed — then the House cleared — a 45-day extension of Section 702 of the Foreign Intelligence Surveillance Act, which authorizes warrantless surveillance of foreign targets. But those targets are sometimes communicating electronically … Read More “Congress kicks the can down the road on surveillance law (again) – CyberScoop” »
Private chats and photos of celebrities and influencers were exposed after a suspected stalkerware setup left a database open, revealing sensitive messages and files. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The Federal Communications Commission approved new regulations Wednesday designed to crack down on robocalling, protect telecommunications networks from cyberattacks and further vet equipment-testing labs based overseas. Commissioners unanimously passed a measure to strengthen telecom companies’ “Know Your Customer” requirements for verifying callers’ identities. Among the potential solutions being considered are requiring telecoms to verify a … Read More “FCC tightens KYC rules for telecoms, closes loophole for banned foreign services – CyberScoop” »
A misconfigured server linked to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an AI coding error caused a major security flaw. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. According to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is … Read More “PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials – The Hacker News” »
As more businesses relocate their operations to the cloud, one important decision arises: should you choose managed or… – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Suspects accused of distributing malware and selling access to stolen Roblox accounts on Russian marketplaces – Read More –
A pair of persistent and problematic threat groups affiliated with The Com are actively targeting organizations across multiple critical infrastructure sectors for rapid data theft and extortion attacks, according to CrowdStrike. The financially-motivated attackers, which CrowdStrike tracks as Cordial Spider and Snarky Spider, have used voice-phishing and social engineering attacks to break into victims’ identity … Read More “Two new extortion crews are speedrunning the Scattered Spider playbook – CyberScoop” »
Deep#Door Python RAT uses tunneling and obfuscation to evade detection and steal credentials – Read More –
Post Content – Read More – IC3.gov News
The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a busy time to be online. Security is always a moving target. … Read More “ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories – The Hacker News” »
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work … Read More “Anti-DDoS Firm Heaped Attacks on Brazilian ISPs – Krebs on Security” »
