DDoS Malware Targets Jenkins to Hit Valve Game Servers
A new DDoS botnet that abuses exposed Jenkins servers to launch powerful attacks against Valve Source Engine game infrastructure, including servers hosting titles like Counter‑Strike…
Month: May 2026
Google AppSheet Exploited in 30,000-User Facebook Phishing Operation
Cybersecurity researchers at Guardio Labs have discovered a massive phishing operation that uses Google’s own infrastructure to hijack Facebook accounts. This research reveals a Vietnamese-linked operation…
Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain access to the control…
FBI Warns of Surge in Hacker-Enabled Cargo Theft
A new alert issued by the FBI warns of a surge in cyber-enabled cargo theft, with hackers targeting both brokers and carriers in sophisticated attacks.…
Two US cybersecurity experts sentenced in ransomware case, third awaits July ruling
Two US cybersecurity experts sentenced in ransomware case, third awaits July ruling Pierluigi Paganini May 02, 2026 Two US security experts were sentenced to 4…
ODNI to CISOs on threat assessments: You’re on your own
Every year, CISOs, CSOs, and chief risk officers pore over the Office of the Director of National Intelligence (ODNI)’s Annual Threat Assessment (ATA) for insights…
CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments
In this article Microsoft Defender is investigating a high-severity local privilege escalation vulnerability (CVE-2026-31431) affecting multiple major Linux distributions including Red Hat, SUSE, Ubuntu, and…
How Huntress Transformed Its Detection Engine
Scaling data analysis to meet the demands of a rapidly growing company is a daunting challenge. This blog post details Huntress’ journey while facing this…
ConsentFix v3 attacks target Azure with automated OAuth abuse
A new attack type, dubbed ConsentFix v3, has been circulating on hacker forums as an improved technique that automates attacks against Microsoft Azure. The first…
Hackers Breach Government and Military Servers by Exploiting cPanel Vulnerability
A sophisticated adversarial campaign targeting South-East Asian government and military infrastructure, combining rapid exploitation of a critical cPanel authentication bypass with a custom zero-day exploit…
Multiple Exim Mail Server Vulnerabilities Could Trigger Crashes via Malicious DNS Data
The developers of the Exim mail server have officially rolled out version 4.99.2 to address four newly discovered security vulnerabilities. This critical update patches multiple…
2 US Cybersecurity Experts Jailed for Aiding ALPHV (BlackCat) Ransomware
Two cybersecurity experts from the United States have been sent to prison for turning against the industry they were meant to protect. The accused, Ryan…