Fortinet discloses CVE-2026-44277 and CVE-2026-26083, unauthenticated RCE flaws affecting FortiSandbox and FortiAuthenticator. Patch now before attackers weaponize these.
ShinyHunters leaked 140GB of Zara customer data stolen through compromised Anodot authentication tokens. The breach exposed email addresses, order history, and support tickets from Snowflake and BigQuery integrations.
CVE-2026-44211 (CVSS 9.7) allowed malicious websites to hijack Cline's Kanban WebSocket server, exfiltrate workspace data, and execute arbitrary commands through the AI agent. Patched in v0.1.66.
A new proof-of-concept tool abuses Windows CreateFileW API to block file access across SMB shares. The technique evades all tested EDR products and requires no elevated privileges.
A new TrickMo variant routes Android trojan traffic through The Open Network, making domain takedowns ineffective. The malware adds SSH tunneling and SOCKS5 proxy capabilities for network pivoting.
TeamPCP compromised 84 versions across 42 TanStack packages on May 11 using GitHub Actions cache poisoning. The malware steals CI/CD credentials and includes a wiper that triggers on token revocation.
Google's Threat Intelligence Group identifies a criminal group using an LLM-generated exploit to bypass 2FA in a web admin tool—marking the first confirmed AI-built zero-day in active use.
CVE-2026-42208, a CVSS 9.3 pre-auth SQL injection in the LiteLLM LLM gateway, was weaponized within 36 hours of disclosure. CISA added it to KEV with a May 11 federal deadline.
Matthew Knoot and Erick Prince sentenced for operating laptop farms that helped North Korean IT workers infiltrate 70 US companies, generating over $1.2 million for Pyongyang.
SOCRadar documents a persistent phishing operation that stole 2,000+ credentials from aviation, energy, and government sectors over four years using GitHub-hosted infrastructure.
Learn about ransomware, phishing, malware, and essential online safety practices.
Curated books, tools, and resources to deepen your cybersecurity knowledge.
Get the latest cybersecurity news delivered to your inbox.