AI-Generated Zero-Day Weaponized: Google Warns as North Korea Hijacks Git Hooks and ODINI Exfiltrates via Magnetic Emissions
Google warns AI can now autonomously craft zero-day exploits as North Korean hackers weaponize Git hooks and ODINI malware exfiltrates data from air-gapped computers via CPU magnetic emissions.
The Latest
cPanel Flaw Exploited for Backdoors as Apache HTTP/2 and PAN-OS Zero-Days Collide
Attackers are exploiting a critical cPanel vulnerability to deploy persistent backdoors, while Apache HTTP/2, PAN-OS, and Linux kernel zero-days are…
Hackers Weaponize AI and DLL Sideloading in Coordinated Multi-Platform Malware Blitz
A wave of coordinated cyberattacks combines AI-generated exploits, phantom device registration, magnetic emission data theft, and social engineering across Windows,…
Weekly Cyber Catch-Up: PAN-OS, Ivanti EPMM, Apache HTTP/2, and Linux Kernel Flaws Under Active Attack
Active exploits targeting Palo Alto PAN-OS, Ivanti EPMM, Apache HTTP/2, and the Linux kernel demand urgent patching across enterprise and…
cPanel and WHM Emergency Patches Address Three Critical Flaws
cPanel and WHM have released emergency patches for three vulnerabilities that could allow attackers to compromise web hosting environments through…
Malware, Phishing, and Infrastructure Attacks Surge Across Platforms
A wave of critical vulnerabilities, new malware families, and AI-driven attacks target Apache, Chrome, Firefox, Linux, Azure AD, Microsoft Teams,…
Android Zero-Click Shell, Apache RCE, Ivanti 0-Day, and Chrome 148 Patch Roundup
A wave of critical vulnerabilities and active attack campaigns demands immediate patching across Android, Apache, Chrome, Linux, and enterprise platforms.
Active Exploits and Emerging Malware: May 2026 Threat Landscape Update
Attackers are exploiting PAN-OS and Ivanti EPMM zero-days while a new Mirai botnet variant and PyPI malware campaigns escalate threats…
Week in Review: Supply Chain Attacks, APT Campaigns, and Critical Patches Dominate Cybersecurity Landscape
A roundup of the week's top cybersecurity news includes supply chain attacks on Google Android and DAEMON Tools, active exploitation…
APT Groups Exploit Gaming Platforms and Debug APIs in Multi Vector Cyber Campaigns
North Korea's ScarCruft group uses a gaming platform to deploy BirdCall malware, while critical RCE flaws in Apache HTTP/2, MetInfo…
Three New Threats Hit Internet Infrastructure: Apache RCE, Edge Password Leak, and MicroStealer Malware
Apache HTTP Server, Microsoft Edge, and a new MicroStealer malware each pose distinct threats, from remote code execution to credential theft and targeted sector attacks.
Chinese Silver Fox Group Uses Tax Phishing to Deliver New ABCDoor Backdoor
More than 1,600 phishing emails were flagged between early January and early February 2026 across industrial, consulting, retail, and transportation…
Critical MOVEit Automation Flaws Allow Unauthenticated Takeover
Researchers from Airbus SecLab discovered the authentication bypass and privilege escalation flaws in Progress MOVEit Automation, prompting urgent patches across…
Attackers Abuse Legitimate RMM Tools to Breach 80 US Organizations
The VENOMOUS#HELPER campaign uses phishing emails disguised as Social Security Administration statements to trick victims into installing legitimate remote access…
Spotlight
Hackers Exploit Critical cPanel Flaw to Breach Governments and Hosting Firms
The threat actor also used a prior custom exploit chain involving SQL injection and CAPTCHA bypass against an Indonesian defense training portal before pivoting to cPanel attacks.
AI Coding Tools Fuel a New Wave of Low Skill High Impact Cyber Attacks
AI tools like ChatGPT and Claude Code enabled individuals with no coding background to conduct attacks previously requiring skilled engineers, as exploit windows shrank to 44 days and malicious software…
Fake TanStack npm Package Steals Developer Credentials via Postinstall Script
Security researchers uncovered a supply chain attack where a fake TanStack npm package used automated postinstall scripts to harvest environment files containing API keys, tokens, and credentials.
Linux Kernel Zero Day Copy Fail Lets Attackers Gain Root Access on Major Distributions
The flaw was introduced through three separate kernel changes made in 2011, 2015, and 2017, none of which appeared malicious individually.
Features
DigiCert Breach: Stolen EV Code Signing Certificates Linked to Zhong Stealer Malware
The attacker exploited a malfunctioning endpoint sensor to maintain undetected access for ten days, stealing certificates used to sign Zhong…
Bluekit Phishing Platform Bundles Domain Automation, 2FA Circumvention, and Session Hijack Tools
Varonis researchers found that Bluekit's centralized dashboard captures session tokens and cookies after victims complete 2FA, rendering that security measure…
New Supply Chain Worm Hits SAP npm Packages, Targets Developer Secrets
The Mini Shai-Hulud worm uses a Bun runtime bootstrap to silently harvest credentials from developer machines, cloud platforms, and AI…
Apache MINA Flaws Expose Enterprise Apps to Full Takeover
A botched merge left critical Apache MINA deserialization fixes unpublished until project maintainers caught the error and reissued versions 2.2.7…
FBI and Dubai Police Dismantle Global Crypto Fraud Ring, Seizing $701 Million
The international operation involved 276 arrests and the shutdown of nine scam centers, with human trafficking victims forced to run…
AI Driven Zero Day Discovery Now Automates Attacks at Machine Speed
Attackers now use AI models to discover and exploit zero day vulnerabilities in minutes, with documented campaigns like GAMECHANGE showing…
