Cyber Security News

cPanel has disclosed three critical security vulnerabilities tracked as CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 affecting its widely deployed cPanel & WHM web hosting control panel and WP Squared (WP2) platform. The flaws, patched on May 8, 2026, expose servers to arbitrary file reads, Perl code injection, and denial-of-service (DoS) attacks, making immediate patching essential for hosting […]

The post New cPanel and WHM Flaws Enable Code Execution, DoS Attacks appeared first on Cyber Security News.

A highly sophisticated Brazilian banking trojan named TCLBANKER, tracked under the campaign REF3076, this malware represents a major update to the older Maverick and SORVEPOTEL families. It stands out because it uses a fake, signed Logitech installer to infect systems and spreads automatically via WhatsApp and Microsoft Outlook. The attack begins when a user downloads […]

The post TCLBANKER Malware Targets Users Through Self-Propagating WhatsApp and Outlook Worm Modules appeared first on Cyber Security News.

A data breach at GFN.AM, an authorized NVIDIA GeForce NOW cloud gaming service provider operating under “GFN CLOUD INTERNET SERVICES” LLC, has exposed personal information belonging to registered users. The company disclosed the incident on May 5, 2026, revealing that unauthorized access to its database occurred as far back as March 9, 2026, nearly two […]

The post NVIDIA Data Breach Reportedly Exposes Personal Information of GeForce Users appeared first on Cyber Security News.

Let’s Encrypt temporarily suspended all certificate issuance on May 8, 2026, after engineers identified a critical issue involving a cross-signed certificate linking the organization’s Generation X root to its upcoming Generation Y root infrastructure. The incident triggered a complete shutdown of issuance across both production and staging environments before services were restored within hours. At […]

The post Let’s Encrypt Halts Certificate Issuance After Cross-Signed Root Certificate Incident appeared first on Cyber Security News.

Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge, all released on May 7, 2026, requiring no action from end users or administrators. Microsoft’s Security Response Center published advisories for CVE-2026-26129, CVE-2026-26164, and CVE-2026-33111 as part of its ongoing commitment to transparency in […]

The post Critical Microsoft 365 Copilot Vulnerabilities Expose sensitive Information appeared first on Cyber Security News.

A new backdoor called PamDOORa has emerged as a serious and growing threat to Linux systems, targeting one of the most trusted components of the operating system to silently steal SSH credentials. The malware was advertised for sale on a Russian-speaking cybercrime forum called Rehub, with its complete source code initially listed at $1,600 before […]

The post New PamDOORa Backdoor Attacking Linux Systems to Steal SSH Credentials appeared first on Cyber Security News.

A newly identified malware campaign is targeting senior executives and government investigators across Southeast Asia, using a modular Remote Access Trojan capable of stealing credentials, capturing screenshots, and maintaining deep persistence on infected systems. The operation, dubbed Operation GriefLure, is running two simultaneous campaigns hitting Vietnam’s military-linked telecom sector and the Philippine healthcare industry. What […]

The post Hackers Deploy Modular RAT With Credential Theft and Screenshot Capture Capabilities appeared first on Cyber Security News.

Škoda Auto has disclosed a significant IT security incident affecting its official online shop, revealing that unauthorized individuals exploited a vulnerability in the platform’s standard shop software to gain temporary unauthorized access to customer data. During routine technical security monitoring, Škoda’s IT team identified that attackers had leveraged a flaw in the shop’s underlying software […]

The post Škoda Security Incident Exposes Customers Data From Online Shop appeared first on Cyber Security News.

A dangerous new infostealer campaign is targeting some of the most sensitive data people store on their computers. Disguised as a legitimate installer for OpenClaw, a popular open-source personal AI assistant, the malware silently takes over systems and goes after over 250 browser extensions tied to crypto wallets and password managers. The campaign has been […]

The post Hackers Use Fake OpenClaw Installer to Steal Crypto Wallet and Password Manager Credentials appeared first on Cyber Security News.

A newly discovered malware called ZiChatBot has been found quietly using the REST APIs of a legitimate team chat application called Zulip to receive and carry out commands from its operators. This approach is unusual because the malware never communicates with a private server that security tools could flag or block, making it harder to […]

The post New ZiChatBot Malware Uses Zulip REST APIs as Command and Control Server appeared first on Cyber Security News.

An active malware distribution campaign abusing two prominent AI platforms, Hugging Face and ClawHub, to deliver trojans, cryptominers, and infostealers disguised as legitimate AI tools and agent extensions. The campaign marks a significant evolution in supply chain attacks, shifting from traditional software repositories to trusted AI ecosystems. Within the OpenClaw ecosystem distributed through ClawHub, Acronis […]

The post Hackers Leveraged Hugging Face and ClawHub With 575+ Malicious Skills to Deploy Malware appeared first on Cyber Security News.

A 12-year-old boy grabbed an eyebrow pencil, drew a moustache on his face, held it up to his screen, and was verified as 15 years old. That single moment, shared by a parent in a UK survey, says more about online age verification than any technical report could. The UK Online Safety Act came into […]

The post Fake Moustache Bypasses Age Verification System Raising Online Safety Act Concerns appeared first on Cyber Security News.

Vercel has released an extensive set of security advisories for Next.js, addressing more than a dozen vulnerabilities, including denial-of-service, middleware bypass, server-side request forgery, and cross-site scripting. The flaws affect Next.js versions 13.x through 16.x using the App Router, as well as React Server Components packages for versions 19.x. CVE-2026-23870: Denial of Service via React […]

The post Multiple Critical Vulnerabilities Patched in Next.js and React Server Components appeared first on Cyber Security News.

Ivanti has issued a critical security advisory for its Endpoint Manager Mobile (EPMM) product, disclosing multiple actively exploited vulnerabilities, including CVE-2026-6973, and urging all on-premises EPMM customers to apply patches immediately. At the time of disclosure, Ivanti confirmed active exploitation of CVE-2026-6973, a vulnerability that requires admin authentication to succeed. The flaws exclusively affect the […]

The post New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.

CISA has issued an urgent warning regarding a critical vulnerability in Palo Alto Networks PAN-OS. Tracked as CVE-2026-0300, this severe security flaw was recently added to CISA’s Known Exploited Vulnerabilities catalog on May 6, 2026. The vulnerability allows unauthenticated threat actors to execute arbitrary code and gain root privileges on affected firewall appliances, prompting immediate […]

The post CISA Warns of Palo Alto PAN-OS Vulnerability Exploited to Gain Root Access appeared first on Cyber Security News.

Cisco has issued a critical security advisory regarding a high-severity vulnerability impacting its Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO). Tracked formally as CVE-2026-20188 with a CVSS base score of 7.5, this flaw poses a significant risk to network infrastructure. If successfully exploited, the vulnerability allows unauthenticated, remote attackers to trigger a severe […]

The post New Cisco Network Vulnerability Let Remote Attacker Cause DoS Attack appeared first on Cyber Security News.

Hackers are using convincing fake pages for Claude AI to trick users into running malware on their own systems. The campaign, known as “InstallFix” or the Fake Claude Installer threat, marks a sharp shift in how cybercriminals exploit the trust people place in artificial intelligence tools. Instead of targeting software vulnerabilities, these attackers are targeting […]

The post Hackers Using Fake Claude AI Installer Pages to Trick Users Into Running Malware on Their Systems appeared first on Cyber Security News.

Phone-based scams are evolving faster than most security filters can keep up with. Attackers are now leaning heavily on Voice over Internet Protocol (VoIP) numbers that disappear before detection systems can flag them, leaving users exposed and defenders scrambling. These scam campaigns arrive through email, where attackers embed phone numbers directly into message bodies, subject […]

The post Scammers Use Short-Lived VoIP Numbers and Reuse Windows to Defeat Reputation-Based Blocking appeared first on Cyber Security News.

A sophisticated China-linked hacker group known as UAT-8302 has been quietly targeting government agencies across South America and southeastern Europe, using a mix of custom malware and widely available open-source tools to steal sensitive data. The group has been active since at least late 2024 and stepped up its operations against government bodies in southeastern […]

The post UAT-8302 Uses Custom Malware and Open-Source Tools to Steal Data From Government Agencies appeared first on Cyber Security News.

WatchGuard has released urgent security updates to address multiple high-severity vulnerabilities affecting the WatchGuard Agent on Windows. The most critical of these flaws allows authenticated local attackers to escalate their privileges to the highest system level, granting them complete control over the compromised machine. Additional vulnerabilities discovered in the software include network-based buffer overflows that […]

The post WatchGuard Agent Vulnerabilities Let Attackers Grant Full SYSTEM Privileges on Windows appeared first on Cyber Security News.