CISA Warns of cPanel & WHM Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw affecting widely used web hosting management platforms.…
Category: CyberSecurityNews
Email Bombing and Fake IT Support Calls Fuel New Microsoft Teams Phishing Attacks
A new wave of cyberattacks is targeting employees through a combination of inbox flooding and fake IT support contacts on Microsoft Teams, tricking users into…
Microsoft Defender Mistakenly Flags DigiCert Root Certificates as Malware
Microsoft Defender triggered widespread false positive alerts after a faulty security update caused it to flag two legitimate DigiCert root certificates as malicious, potentially disrupting…
New Spyware Platform Lets Buyers Rebrand and Resell Android Surveillance Malware
A new Android spyware tool is being sold openly on the internet, and it comes with something far more dangerous than its surveillance features alone.…
PoC Exploit Disclosed for cPanel Vulnerability, 44,000 Servers Compromised
A weaponized proof-of-concept (PoC) exploit framework dubbed “cPanelSniper” has been publicly released for CVE-2026-41940, a maximum-severity authentication bypass in cPanel & WHM that has already…
Attackers Abuse Google AppSheet, Netlify, and Telegram in Facebook Phishing Campaign
A sophisticated cybercriminal operation dubbed “AccountDumpling” has compromised approximately 30,000 Facebook accounts worldwide. Discovered by Guardio Labs, this Vietnamese-linked campaign abuses Google’s AppSheet platform to…
Trellix Source Code Breach – Hackers Gain Unauthorized Access to Repository
Cybersecurity giant Trellix has disclosed a significant security incident involving unauthorized access to a portion of its source code repository. The company confirmed the breach…
Hackers Breach Government and Military Servers by Exploiting cPanel Vulnerability
A sophisticated adversarial campaign targeting South-East Asian government and military infrastructure, combining rapid exploitation of a critical cPanel authentication bypass with a custom zero-day exploit…
Multiple Exim Mail Server Vulnerabilities Leads to Crash with Malicious DNS data
The Exim development team has released version 4.99.2 to address four newly discovered security vulnerabilities affecting their mail server software. These flaws allow attackers to…
Attackers Deploy AiTM Phishing Pages to Access SharePoint, HubSpot, and Google Workspace
Threat actors are rapidly shifting their intrusion tradecraft toward high-speed, SaaS-centric attacks that completely bypass traditional endpoint security. Since October 2025, security researchers have tracked…
The Agency Mirage: Why AI Needs Real Engineering
By Marceu Martins De Souza Filho, M.Sc. I. The 1999 Mirror: We’ve Been Here Before In 1999, the world was obsessed with “eyeballs.” The goal…
EtherRAT Campaign Uses SEO Poisoning and GitHub Facades to Target Enterprise Admins
A new and well-planned malware campaign has been actively targeting enterprise administrators, DevOps engineers, and security analysts by hijacking their everyday search habits. Rather than…