Cyber Security News

A new supply chain attack dubbed “mini Shai Hulud” has compromised four SAP-related npm packages by injecting malicious preinstall scripts that silently execute during dependency installation, targeting developer environments and CI/CD pipelines to steal credentials across GitHub, npm, and major cloud providers. Security researchers at StepSecurity, Aikido Security, SafeDep, Socket, and Wiz identified that malicious […]

The post SAP npm Packages Compromised to Harvest Developer and CI/CD Secrets appeared first on Cyber Security News.

North Korea’s state-sponsored Lazarus Group has unleashed a newly identified, modular macOS malware kit dubbed “Mach-O Man” a sophisticated, four-stage attack chain targeting fintech executives, crypto developers, and high-value enterprise users through fake meeting invitations and social engineering lures. Analyzed by Mauro Eldritch in collaboration with ANY.RUN’s interactive sandbox platform, Mach-O Man, is a Go-compiled […]

The post Lazarus Hackers Attacking macOS Users With ‘Mach-O Man’ Malware Kit appeared first on Cyber Security News.

WILMINGTON, Delaware, April 29th, 2026, CyberNewswire Malicious intent-based deepfake detection shifts the focus from purely technical analysis to real-world risk and impact Brinker, recently named “Narrative Intelligence Solution of the Year 2026” by The Cyber Review, today announced the official launch of its malicious intent-based deepfake detection capability, introducing a fundamentally new approach to combating […]

The post Brinker Introduces a Novel Approach to Deepfake Detection appeared first on Cyber Security News.

A high-severity vulnerability in Cursor, one of the most widely used AI-powered coding environments today, has put developers at direct risk of remote code execution. Tracked as CVE-2026-26268, the flaw allows an attacker to run arbitrary code on a developer’s local machine simply by getting them to clone a malicious repository. The most alarming part […]

The post Cursor AI Coding Agent Vulnerability Allow Attackers to Execute Code on Developer’s Machine appeared first on Cyber Security News.

A newly identified malware called SLOTAGENT has drawn attention in the cybersecurity community for its strong ability to resist analysis and avoid detection. The malware does not rely on brute force tactics. Instead, it uses two precise techniques, API hashing and encrypted strings, to make reverse engineering extremely difficult for researchers. This level of technical […]

The post SLOTAGENT Malware Uses API Hashing and Encrypted Strings to Hinder Reverse Engineering appeared first on Cyber Security News.

A dangerous infostealer malware called LofyStealer is actively targeting Minecraft players by disguising itself as a game cheat tool named “Slinky.” The malware runs a two-stage attack that quietly steals sensitive data from popular web browsers while staying largely hidden from standard security software installed on the victim machine. The campaign is notably more sophisticated […]

The post Minecraft Players Targeted by LofyStealer Using Node.js Loader and In-Memory Browser Injection appeared first on Cyber Security News.

Video hosting platform Vimeo has confirmed a data breach resulting in unauthorized access to its user database. The security incident stems from a compromise at Anodot, a third-party analytics vendor utilized by Vimeo and several other major organizations. This event highlights the escalating threat of supply chain attacks within the software-as-a-service (SaaS) ecosystem. The breach […]

The post Vimeo Confirms Data Breach – Hackers Accessed Users Database appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical zero-day vulnerability in Microsoft Windows. On April 28, 2026, the agency officially added this security flaw to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability impacts the Microsoft Windows Shell and is actively being exploited in real-world attacks. Organizations worldwide […]

The post CISA Warns Microsoft Windows Shell 0-click Vulnerability Exploited in Attacks appeared first on Cyber Security News.

A critical, currently unpatched remote code execution (RCE) vulnerability has been disclosed in LeRobot, Hugging Face’s popular open-source machine learning framework for real-world robotics. Tracked as CVE-2026-25874 with a critical CVSS score of 9.3, the flaw allows unauthenticated attackers to execute arbitrary system commands on vulnerable host machines. With nearly 24,000 stars on GitHub, this […]

The post Hugging Face LeRobot Vulnerability Enables Unauthenticated RCE Attacks appeared first on Cyber Security News.

Google has released a critical security update for its Chrome desktop browser to address 30 security vulnerabilities, including four severe flaws that could enable Remote Code Execution (RCE) attacks. The Stable channel has been updated to version 147.0.7727.137/138 for Windows and Mac, and to 147.0.7727.137 for Linux. Google is rolling out this update gradually over […]

The post Critical Chrome Vulnerabilities Enables Remote Code Execution Attacks appeared first on Cyber Security News.

A sophisticated, memory-resident phishing campaign called BlobPhish, active since October 2024, that exploits browser Blob URL APIs to silently steal credentials from Microsoft 365 users, major U.S. banks, and financial platforms while remaining almost completely invisible to traditional security tools. BlobPhish is a sustained credential-phishing operation that fundamentally changes how phishing pages are delivered to […]

The post New BlobPhish Attack Leverages Browser Blob Objects to Steal Users’ Login Credentials appeared first on Cyber Security News.

A critical remote code execution (RCE) vulnerability tracked as CVE-2026-3854 in GitHub’s internal git infrastructure that could have allowed any authenticated user to compromise backend servers, access millions of private repositories, and, in the case of GitHub Enterprise Server (GHES), achieve full server takeover. Discovered by Wiz researchers through AI-augmented reverse engineering of closed-source compiled […]

The post Critical GitHub.com and Enterprise Server RCE Vulnerability Enables Full Server Compromise appeared first on Cyber Security News.

Microsoft has officially acknowledged a known issue in its April 2026 Windows 11 cumulative update: Remote Desktop Protocol (RDP) security warning dialogs may render incorrectly on certain system configurations, a significant usability concern given that the warnings are designed to protect users from active phishing threats. The bug was introduced alongside the April 14, 2026, […]

The post Microsoft Confirms Remote Desktop Warnings May Display Incorrectly After April Update appeared first on Cyber Security News.

Application security testing firm Checkmarx has confirmed a significant escalation in its ongoing security incident. Cybercriminals have officially published company data on the dark web. This new development directly ties back to a supply chain attack that initially compromised the company’s systems on March 23, 2026. Working alongside a leading third-party forensic firm, Checkmarx traced […]

The post Checkmarx Confirms GitHub Repository Data Published on Dark Web appeared first on Cyber Security News.

A critical pre-authentication SQL injection vulnerability in LiteLLM, a widely used open-source AI gateway with over 22,000 GitHub stars, is actively being exploited in the wild. Tracked as CVE-2026-42208, this severe flaw allows unauthorized attackers to extract highly sensitive cloud and AI provider credentials directly from the platform’s PostgreSQL database. LiteLLM acts as a central […]

The post Critical LiteLLM SQL Injection Vulnerability Exploited in the Wild appeared first on Cyber Security News.

A Chinese national tied to one of the most damaging state-sponsored hacking campaigns in recent history has been extradited to the United States from Italy. Xu Zewei, 34, a citizen of the People’s Republic of China, landed on U.S. soil this past weekend and appeared before U.S. District Court in Houston, Texas, on April 27, […]

The post Chinese Silk Typhoon Hacker Extradited to the U.S. from Italy appeared first on Cyber Security News.

WhatsApp is currently developing an independent cloud backup system designed to give users more direct control over their chat histories. This upcoming feature will allow users to store their backups securely on WhatsApp’s native servers. The update aims to reduce reliance on third-party cloud services like Google Drive and Apple’s iCloud while enforcing strict cryptographic […]

The post WhatsApp Testing Own Cloud Backup Provider for Default End-to-End Encryption appeared first on Cyber Security News.

A critical zero-click authentication coercion vulnerability, tracked as CVE-2026-32202, stemming from an incomplete patch for a Windows Shell security feature bypass actively weaponized by the Russian APT28 threat group. Microsoft confirmed active exploitation of the flaw and released a fix as part of its April 2026 Patch Tuesday update. According to CERT-UA, the APT28 threat actor, also known […]

The post New Windows 0-Click Vulnerability Exploited to Bypass Defender SmartScreen appeared first on Cyber Security News.

Silver Fox, a China-based threat group has launched a new wave of attacks targeting businesses and individuals across Asia, using fake tax audit notifications and counterfeit software update alerts to install dangerous malware on victim systems. The campaign reflects a sharp rise in socially engineered attacks that exploit the trust people place in official-looking messages […]

The post New Silver Fox Campaign Uses Fake Tax Audit Alerts and Software Updates to Deliver Malware appeared first on Cyber Security News.

A wave of large-scale phishing campaigns backed by Chinese-language services is quietly targeting people around the world, using everyday messaging apps to steal personal and financial credentials. These operations have grown well beyond regional limits, making them one of the most organized and active threats in the current cyber threat landscape. Phishing-as-a-service, commonly known as […]

The post Chinese-Backed Smishing Services Use OTT Messaging and SMS to Scale Credential Theft appeared first on Cyber Security News.