1 posts were published in the last hour 12:32 : Dirty Frag: A new Linux privilege escalation vulnerability is already in the wild
Dirty Frag: A new Linux privilege escalation vulnerability is already in the wild
Dirty Frag: unpatched Linux kernel flaw grants root access on Ubuntu, RHEL and Fedora. A working exploit is already public. Security researchers have disclosed a new unpatched vulnerability in the Linux kernel, code-named Dirty Frag, that allows an unprivileged local…
Modular RAT Campaign Steals Credentials and Captures Screenshots
A sophisticated spear-phishing campaign, dubbed Operation GriefLure, targeting senior executives in Vietnam and the Philippines with a stealthy modular remote access trojan (RAT). The campaign focuses on high-value organizations, including Viettel Group Vietnam’s largest military-backed telecom provider and St. Luke’s Medical…
ShinyHunters escalates Canvas attacks with school login defacements
Days after the first attack, ShinyHunters is applying pressure with ransom messages on school login portals. This article has been indexed from Malwarebytes Read the original article: ShinyHunters escalates Canvas attacks with school login defacements
Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants
The hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply. The post Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants appeared first on SecurityWeek. This article has been…
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers’ systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and network…
AI Firm Braintrust Prompts API Key Rotation After Data Breach
Hackers accessed one of the company’s AWS accounts and compromised AI provider secrets stored in Braintrust. The post AI Firm Braintrust Prompts API Key Rotation After Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Cline Kanban WebSocket Vulnerability Enables Malicious Sites to Take Over AI Coding Agents
Cline, a widely adopted open-source AI coding agent, has recently patched a severe vulnerability in its local Kanban server. Trusted by developers with deep access to source code, cloud credentials, and terminals, Cline automates complex coding tasks. However, researchers from…
Fake OpenClaw Installer Targets Crypto Wallets and Password Managers
Hackers are abusing a fake OpenClaw installer to deploy a modular Rust-based infostealer framework dubbed Hologram, aimed at harvesting credentials from more than 250 crypto wallet and password manager browser extensions while hiding behind trusted cloud and messaging services. The site…
Mozilla Patches 423 Firefox Vulnerabilities with Claude Mythos and Other AI Models
Mozilla has fixed a total of 423 Firefox security bugs in April 2026 alone, a figure nearly 20 times higher than its monthly average of about 21 bugs throughout 2025, driven by a groundbreaking agentic AI pipeline built around Anthropic’s…
New NWHStealer Delivery Chain Uses Bun Loader, Anti-VM Checks, and Encrypted C2
A new and evolving threat has caught the attention of cybersecurity researchers worldwide. A Windows-based information stealer known as NWHStealer has resurfaced with a more sophisticated delivery chain, now using the Bun JavaScript runtime as part of its infection process.…
New PCPJack Worm Targets Docker, Kubernetes, Redis, and MongoDB for Credential Theft
A sophisticated new malware framework called PCPJack has been found actively targeting cloud environments across the internet, hunting for exposed services and stripping away credentials at scale. The worm zeroes in on Docker, Kubernetes, Redis, and MongoDB deployments, turning misconfigured…
Meta fights Ofcom over how many billions count as billions
Social media biz says watchdog’s fine formula is ‘disproportionate’ and should stop counting global revenue This article has been indexed from www.theregister.com – Articles Read the original article: Meta fights Ofcom over how many billions count as billions
Hackers ate my homework: Educational SaaS Canvas down after cyberattack
ShinyHunters takes the credit and gives developer an F for security This article has been indexed from www.theregister.com – Articles Read the original article: Hackers ate my homework: Educational SaaS Canvas down after cyberattack
Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom
A system that thousands of schools and universities use went offline due to a cyberattack, creating chaos as students tried to study for finals. The post Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom appeared first…
Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)
Ivanti has released fixes for 5 high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) solution, one of which (CVE-2026-6973) has being exploited as a zero-day by attackers. “We are aware of a very limited number of customers exploited with CVE-2026-6973,”…
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials
Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that’s being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called “darkworm.” The backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation…
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report investigating more than 25 million security alerts, including informational and…
Australian Cyber Security Centre Issues Alert Over ClickFix Attacks
ACSC warns over a campaign targeting organizations which uses ClickFix to deliver Vidar infostealer malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Australian Cyber Security Centre Issues Alert Over ClickFix Attacks
Pentest-Tools.com Releases Free Scanner for CVE-2026-41940 as cPanel Authentication Bypass Enters Its Third Week of Active Exploitation
Pentest-Tools.com has released a free, no-login scanner for CVE-2026-41940, the critical authentication bypass affecting cPanel & WHM and WP Squared that has been actively exploited in the wild since at least February 2026. The vulnerability, rated CVSS 9.8 Critical and…
16-30 April 2026 Cyber Attacks Timeline
In the second timeline of April 2026 I collected 108 events, corresponding to an average of 7.2 events per day, a number that confirms a growing trend, driven by the increasing number of supply chain attacks, compared to the previous…
Google is turning Android Studio into a policy watchdog
Google has expanded Play Policy Insights in Android Studio to help developers catch policy issues while coding, including warnings for common problems such as missing login credentials. Later this year, developers who connect their Play developer account directly to Android…
IT Security News Hourly Summary 2026-05-08 12h : 11 posts
11 posts were published in the last hour 10:4 : ZiChatBot Malware Abuses Zulip APIs for Stealthy C2 Operations 10:4 : Helping North Korean IT remote workers is becoming a fast track to prison 9:32 : Fake Moustache Fools Age…
ZiChatBot Malware Abuses Zulip APIs for Stealthy C2 Operations
A new cross‑platform malware family, dubbed ZiChatBot, that abuses the trusted Python Package Index (PyPI) ecosystem and the Zulip team chat platform to run a stealthy command‑and‑control (C2) channel. During routine threat hunting, analysts observed a series of malicious wheel packages…