VMware Fusion Flaw Could Allow Attackers to Gain Root Privileges
A newly disclosed vulnerability in VMware Fusion has raised serious security concerns after researchers confirmed it could allow attackers to escalate privileges to root on…
Month: May 2026
Hackers Use PyInstaller and AMSI Patching to Deliver XWorm RAT v7.4
Cybersecurity researchers at Point Wild recently found a new way that cyberattackers are gaining unauthorised access to computers. The investigation, led by experts Kedar Shashikant…
Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)
Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly sophisticated cyber threat…
Attackers replaced JDownloader installer downloads with malware
If you downloaded the JDownloader installer during the compromise window (May 6-7), you are advised to verify the file. JDownloader is a popular download management…
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
Ravie LakshmananMay 15, 2026Botnet / Threat Intelligence The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer…
Jaguar Land Rover profit slumps after cyber attack
Jaguar Land Rover (JLR) continues to face financial fallout from the devastating 2025 cyber attack on its systems, with sales and profits dropping precipitously during…
The hidden cost of fragmentation: 3 signs your retail tech stack is failing you
Small inefficiencies often show up – a delayed campaign here, inconsistent data there – until they begin to impact customer experience, operational speed, and increasingly,…
In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws
SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader…
CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day
CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day Pierluigi Paganini May 15, 2026 Microsoft warned that attackers are exploiting a new Exchange Server zero-day…
Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller
Researchers discovered the authentication bypass vulnerability while investigating a prior issue in the same service. Source link
Cisco zero-day under ongoing attack by persistent threat group
Attackers returned once again to a common target with a massive user base by exploiting a max-severity zero-day vulnerability affecting Cisco Catalyst SD-WAN Controller and…
Gremlin Stealer’s Evolved Tactics: Hiding in Plain Sight With Resource Files
Executive Summary This article examines new obfuscation techniques the Gremlin stealer malware uses to conceal malicious payloads within embedded resources. We analyze a variant protected…