Multi-Year Phishing Campaign Compromises Over 500 Organizations
A sustained phishing operation has breached more than 500 entities across aviation, energy, logistics, and critical infrastructure over several years.
JDownloader site compromised to distribute Python RAT malware
Popular download manager's official website served malicious Windows and Linux installers this week, deploying a remote access trojan to unsuspecting users.
Linux zero-day grants root access across major distributions
Dirty Frag exploit enables local privilege escalation with a single command, affecting most enterprise Linux deployments currently in production.
Iranian intelligence operatives disguise espionage as ransomware attack
MuddyWater APT group deployed Chaos ransomware to mask intrusion tied to Iran's Ministry of Intelligence and Security, incident responders report.
DAEMON Tools trojanized in supply chain breach, patched version released
Disc Soft confirms malware was inserted into its popular disc imaging software; users urged to update immediately to the clean build.
Palo Alto Networks Confirms Zero-Day Exploit in Firewall Software
CVE-2026-0300 targets the Captive Portal service in PAN-OS, affecting PA and VM series firewalls currently deployed in enterprise networks.
China-aligned group exploits Exchange, IIS flaws across Asian governments
Trend Micro tracks Shadow-Earth-053 campaign targeting defense and critical infrastructure sectors with known Microsoft vulnerabilities in an ongoing espionage operation.
Dubai-Led Operation Arrests 276, Seizes $701M in Crypto Scam Crackdown
International task force dismantles nine fraud centers targeting U.S. investors, marking rare U.S.-China coordination on transnational cybercrime.
cPanel Vulnerability Exploited in Mass Ransomware Campaign
A newly disclosed critical flaw in cPanel is being actively exploited to breach websites and deploy 'Sorry' ransomware across multiple targets.
French authorities detain 15-year-old over state document agency breach
A teenager allegedly sold stolen data from France Titres, the agency managing national identity documents and driver's licenses.
cPanel authentication bypass exploited in wild since February
Critical vulnerability CVE-2026-41940 in cPanel, WHM, and WP Squared is under active exploitation with public proof-of-concept code now available.
China May Have Quietly Cut Fentanyl Precursor Exports
U.S. overdose deaths fell sharply in 2024, possibly due to Beijing's enforcement—but neither side wants to claim credit publicly.
Ransomware Groups Attack Each Other, Expose Infrastructure
0APT and KryBit leaked operational data during a mutual attack, handing defenders rare visibility into ransomware tradecraft and infrastructure.
Chinese National Extradited from Italy on Cyberespionage Charges
A suspected Silk Typhoon operative now faces U.S. prosecution for intelligence operations targeting American networks, marking a rare extradition in state-sponsored cyber cases.