MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
Ravie LakshmananMay 05, 2026Vulnerability / Network Security Threat actors are actively exploiting a critical security flaw impacting an open-source content...
Hacking
Category Added in a WPeMatico Campaign
We Scanned 1 Million Exposed AI Services. Here’s How Bad the Security Actually Is
While the software industry has made genuine strides over the past few decades to deliver products securely, the furious pace...
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
Ravie LakshmananMay 05, 2026Cyber Espionage / Surveillance The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video...
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
Ravie LakshmananMay 05, 2026Vulnerability / Network Security A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA)...
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures...
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
Ravie LakshmananMay 04, 2026Network Security / Endpoint Security An active phishing campaign has been observed targeting multiple vectors since at...
Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
Ravie LakshmananMay 04, 2026Vulnerability / Enterprise Software Progress Software has released updates to address two security flaws in MOVEit Automation,...
⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
Ravie LakshmananMay 04, 2026Cybersecurity / Hacking This week, the shadows moved faster than the patches. While most teams were still...
2026: The Year of AI-Assisted Attacks
On December 4, 2025, a 17-year-old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had...
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
Ravie LakshmananMay 04, 2026Malware / Network Security The China-based cybercrime group known as Silver Fox has been linked to a...
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
Ravie LakshmananMay 04, 2026Vulnerability / Network Security A previously unknown threat actor has been observed targeting government and military entities...
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam...
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
Ravie LakshmananMay 03, 2026Vulnerability / Container Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently...
Trellix Confirms Source Code Breach With Unauthorized Repository Access
Ravie LakshmananMay 02, 2026Data Breach / Enterprise Security Cybersecurity company Trellix has announced that it suffered a breach that enabled...
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
Ravie LakshmananMay 01, 2026Malware / Threat Intelligence A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as...
