Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
Turla turns Kazuar into a 3-module P2P botnet, enabling stealthy C2, resilient tasking, and persistent access.
Fonte
thehackernews.com
38articoli totali nell'archivio
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
Claw Chain flaws in OpenClaw 2026.4.22 enable data theft, privilege escalation, and persistence when chained.
What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack…
Trusted-tool abuse hit 84% of 700,000 incidents, driving 45-day assessments that reduce attack surface by 30%+.
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
CVE-2026-42897 is exploited in on-prem Exchange; crafted emails enable spoofing, forcing urgent mitigation.
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
CISA added CVE-2026-20182, a CVSS 10.0 Cisco Catalyst SD-WAN Controller authentication bypass flaw, to its KEV catalog.
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin…
CVE-2026-20182 bypasses Cisco SD-WAN auth via DTLS port 12346, enabling admin access after May 2026 exploitation.
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Three node-ipc versions contain stealer/backdoor code, exposing developer and cloud secrets to exfiltration.
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+…
Weekly ThreatsDay Bulletin: supply chain attacks, fake support lures, AI tampering, data leaks, ransomware, and exploited flaws.
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
PraisonAI auth bypass exposed /agents after May 11 disclosure, enabling exploit checks within 3h44m.
How AI Hallucinations Are Creating Real Security Risks
AI hallucinations are confident but false outputs that pose major security risks. Learn how they impact threat detection and how…
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
YellowKey bypasses BitLocker via WinRE USB FsTx files, exposing Windows 11 and Server 2022/2025 systems.
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Fragnesia CVE-2026-46300 corrupts Linux page cache via XFRM ESP-in-TCP, enabling local root access on major distros.
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Microsoft’s new MDASH AI system found 16 Windows vulnerabilities fixed in this month’s Patch Tuesday, including 2 RCE flaws in…
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
FamousSparrow reused ProxyNotShell from Dec 2025-Feb 2026, deploying Deed RAT and TernDoor to sustain energy-sector access.
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials
PamDOORa Linux backdoor abuses PAM modules for SSH persistence and credential theft, increasing Linux server compromise risks.
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major…
Dirty Frag exposes Linux systems to root escalation through chained kernel flaws, impacting Ubuntu, RHEL, Fedora, and others.
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
CVE-2026-0300 exploited after April 9 attempts enables PAN-OS RCE, leading to stealth espionage and lateral movement by April 29.
ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts…
ThreatsDay Bulletin: fake apps, supply chain attacks, AI-fueled exploits, ransomware chaos, and the biggest cyber threats this…
Day Zero Readiness: The Operational Gaps That Break Incident Response
Delayed IR access and 14-day logs limit visibility during breaches, increasing attacker dwell time and recovery costs.
The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now…
CyberStars Awards 2026 launched as a global program recognizing cybersecurity excellence across products, companies, and…
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
CVE-2026-0300 exploited via public PAN-OS portal before May 13, 2026 patch, enabling root RCE on firewalls.
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
Apache fixes CVE-2026-23918 in HTTP/2; double-free flaw enables DoS and RCE, impacting version 2.4.66 users.
We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually…
AI infrastructure exposes 1M services from 2M hosts due to weak defaults, increasing risk of data leaks and system compromise
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Microsoft disclosed a credential theft campaign targeting 35,000+ users at 13,000+ organizations across 26 countries.
Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
MOVEit Automation flaws (CVE-2026-4670, CVE-2026-5174) enable bypass and escalation, risking enterprise data exposure.
Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust
84% of attacks misuse legitimate tools across 700,000 incidents, reducing detection effectiveness and increasing internal breach…
Trellix Confirms Source Code Breach With Unauthorized Repository Access
Trellix reports source code breach with partial repository access, no exploitation found, raising security concerns.
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
30,000 Facebook accounts hacked via AppSheet phishing emails, exploiting Meta lures, leading to large-scale account theft and…
CTM360 Exposes Global GovTrap Campaign With 11,000+ Fake Government Portals…
11,000+ malicious domains fuel GovTrap impersonation campaign, exploiting global government trust to steal data and payments.