Critrical cPanel flaw mass-exploited in “Sorry” ransomware attacks
A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in “Sorry” ransomware attacks. This week, an emergency…
Month: May 2026
Attackers Abuse Google AppSheet, Netlify, and Telegram in Facebook Phishing Campaign
A sophisticated cybercriminal operation dubbed “AccountDumpling” has compromised approximately 30,000 Facebook accounts worldwide. Discovered by Guardio Labs, this Vietnamese-linked campaign abuses Google’s AppSheet platform to…
Multiple Wireshark Vulnerabilities Allow Arbitrary Code Execution via Malformed Packets
The Wireshark Foundation has released version 4.6.5 of its widely used network protocol analyzer, addressing a massive wave of security vulnerabilities. This urgent update patches…
Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a gateway,…
1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom
Over 1,800 developers were affected by the Mini Shai-Hulud supply chain attack that hit the PyPi, NPM, and PHP ecosystems over the past two days.…
Most Companies Aren’t Anywhere Near Ready for AI
Most of the frustration people have with AI not being able to do what they want is actually them not being able to describe what…
Stopping the quiet drift toward excessive agency with re-permissioning
With AI spending forecasted to hit $2.5 trillion in 2026, and with 40% of enterprise apps expected to embed task-specific AI agents by the end…
Qakbot Malware Takedown and Defending Forward
On Tuesday, August 29, 2023, the Federal Bureau of Investigations Los Angeles announced that they and other international partners disrupted the Qakbot malware infrastructure in…
Microsoft fixes Remote Desktop warnings displaying incorrectly
Microsoft has fixed a known issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files. This known issue affects…
Trellix Source Code Breach – Hackers Gain Unauthorized Access to Repository
Cybersecurity giant Trellix has disclosed a significant security incident involving unauthorized access to a portion of its source code repository. The company confirmed the breach…
DDoS Malware Targets Jenkins to Hit Valve Game Servers
A new DDoS botnet that abuses exposed Jenkins servers to launch powerful attacks against Valve Source Engine game infrastructure, including servers hosting titles like Counter‑Strike…
Google AppSheet Exploited in 30,000-User Facebook Phishing Operation
Cybersecurity researchers at Guardio Labs have discovered a massive phishing operation that uses Google’s own infrastructure to hijack Facebook accounts. This research reveals a Vietnamese-linked operation…