🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...

Wiz ZeroDay.Cloud Event Reveals 20-Year-Old PostgreSQL Vulnerabilities 🚀 Cybersecurity researchers participating in Wiz’s ZeroDay.Cloud hacking event in London, England, exploited two critical vul...

The New Ouroboros Technique and How It Fits in dMSA’s Security Model Delegated Managed Service Accounts (dMSAs) were designed to solve a real operational problem: moving services off legacy servic...

Progress Software Addresses Critical MOVEit Automation Bug 🚀 Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result i...

DigiCert Hacked with a Malicious Screensaver File 🚨 A threat actor gained access to DigiCert’s backend and stole 27 code signing certificates that were later used to sign malware. The incident too...

Cyber-Secure Philanthropy: Tech Infrastructure for Global Donations Nonprofits move enormous amounts of money across borders. Most of it flows through web forms and third-party processors that wer...

Paying Ransom Won’t Help as VECT 2.0 Ransomware Destroys Data Irreversibly A major coding error in the VECT 2.0 ransomware is permanently destroying victim data, leaving no way for files to be rec...

Microsoft Defender Flags DigiCert Certs as Trojan 🚨 Microsoft Defender is mistakenly identifying legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, leading to widespread false-...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2026-39804 mtrudel - banditmtrude...

Trellix Discloses Security Breach of Code Repository 🚨 Trellix has disclosed a security breach affecting part of its source code repository. However, the company assures that there are no signs of...

Brace for the Patch Tsunami: AI is Unearthing Decades of Buried Code Debt 🚨 Britain’s cyber agency is warning that AI-fueled bug hunting is about to flush out years of buried flaws, leaving defend...

Watch Guard! Qilin Affiliate Exploits Network Appliances for Initial Access 🚨 Qilin is a long-standing and prolific Ransomware-as-a-Service (RaaS) group, active since late 2022, causing real-world...

The Internet Is Falling Down, Falling Down, Falling Down 🚨 Source: Watchtowr Labs Date Published: May 1, 2026 cPanel and WHM is the control panel solution that runs, depending on who you ask, som...

Copy Fail Vulnerability in Major Linux Distributions 🚨 Copy Fail (CVE-2026-31431) is a logic bug in the Linux kernel’s cryptographic template. It allows an unprivileged local user to trigger a det...

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This o...

DeepDoor Python Backdoor Evades Detection On Windows A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified targeting Windows systems...

Agent’s Claims on WhatsApp Access Spark Security Concerns A US agent claimed that WhatsApp encryption is fake, alleging that Meta accesses all unencrypted messages. This revelation has sparked sig...

Microsoft Won’t Patch PhantomRPC - Feature or Bug? 🚨 A researcher has discovered a weakness called PhantomRPC that Microsoft does not consider a vulnerability it plans to patch. PhantomRPC involve...

Hackers Exploit RCE Flaws in Qinglong Task Scheduler for Cryptomining 🚨 Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy ...

Hackers Arrested for Hijacking and Selling 610,000 Roblox Accounts 🚨 The Ukrainian police have arrested three individuals involved in hacking over 610,000 Roblox gaming accounts and selling them f...