Weekly Cyber Catch-Up: PAN-OS, Ivanti EPMM, Apache HTTP/2, and Linux Kernel Flaws Under Active Attack
Active exploits targeting Palo Alto PAN-OS, Ivanti EPMM, Apache HTTP/2, and the Linux kernel demand urgent patching across enterprise and cloud environments.
The Latest
cPanel and WHM Emergency Patches Address Three Critical Flaws
cPanel and WHM have released emergency patches for three vulnerabilities that could allow attackers to compromise web hosting environments through…
Malware, Phishing, and Infrastructure Attacks Surge Across Platforms
A wave of critical vulnerabilities, new malware families, and AI-driven attacks target Apache, Chrome, Firefox, Linux, Azure AD, Microsoft Teams,…
Android Zero-Click Shell, Apache RCE, Ivanti 0-Day, and Chrome 148 Patch Roundup
A wave of critical vulnerabilities and active attack campaigns demands immediate patching across Android, Apache, Chrome, Linux, and enterprise platforms.
Active Exploits and Emerging Malware: May 2026 Threat Landscape Update
Attackers are exploiting PAN-OS and Ivanti EPMM zero-days while a new Mirai botnet variant and PyPI malware campaigns escalate threats…
Week in Review: Supply Chain Attacks, APT Campaigns, and Critical Patches Dominate Cybersecurity Landscape
A roundup of the week's top cybersecurity news includes supply chain attacks on Google Android and DAEMON Tools, active exploitation…
APT Groups Exploit Gaming Platforms and Debug APIs in Multi Vector Cyber Campaigns
North Korea's ScarCruft group uses a gaming platform to deploy BirdCall malware, while critical RCE flaws in Apache HTTP/2, MetInfo…
Three New Threats Hit Internet Infrastructure: Apache RCE, Edge Password Leak, and MicroStealer Malware
Apache HTTP Server, Microsoft Edge, and a new MicroStealer malware each pose distinct threats, from remote code execution to credential…
Chinese Silver Fox Group Uses Tax Phishing to Deliver New ABCDoor Backdoor
More than 1,600 phishing emails were flagged between early January and early February 2026 across industrial, consulting, retail, and transportation…
Critical MOVEit Automation Flaws Allow Unauthenticated Takeover
Researchers from Airbus SecLab discovered the authentication bypass and privilege escalation flaws in Progress MOVEit Automation, prompting urgent patches across…
Attackers Abuse Legitimate RMM Tools to Breach 80 US Organizations
The VENOMOUS#HELPER campaign uses phishing emails disguised as Social Security Administration statements to trick victims into installing legitimate remote access tools.
Hackers Exploit Critical cPanel Flaw to Breach Governments and Hosting Firms
The threat actor also used a prior custom exploit chain involving SQL injection and CAPTCHA bypass against an Indonesian defense…
AI Coding Tools Fuel a New Wave of Low Skill High Impact Cyber Attacks
AI tools like ChatGPT and Claude Code enabled individuals with no coding background to conduct attacks previously requiring skilled engineers,…
Fake TanStack npm Package Steals Developer Credentials via Postinstall Script
Security researchers uncovered a supply chain attack where a fake TanStack npm package used automated postinstall scripts to harvest environment…
Spotlight
Linux Kernel Zero Day Copy Fail Lets Attackers Gain Root Access on Major Distributions
The flaw was introduced through three separate kernel changes made in 2011, 2015, and 2017, none of which appeared malicious individually.
DigiCert Breach: Stolen EV Code Signing Certificates Linked to Zhong Stealer Malware
The attacker exploited a malfunctioning endpoint sensor to maintain undetected access for ten days, stealing certificates used to sign Zhong Stealer malware.
Bluekit Phishing Platform Bundles Domain Automation, 2FA Circumvention, and Session Hijack Tools
Varonis researchers found that Bluekit's centralized dashboard captures session tokens and cookies after victims complete 2FA, rendering that security measure ineffective.
New Supply Chain Worm Hits SAP npm Packages, Targets Developer Secrets
The Mini Shai-Hulud worm uses a Bun runtime bootstrap to silently harvest credentials from developer machines, cloud platforms, and AI coding tools before npm install completes.
Features
Apache MINA Flaws Expose Enterprise Apps to Full Takeover
A botched merge left critical Apache MINA deserialization fixes unpublished until project maintainers caught the error and reissued versions 2.2.7…
FBI and Dubai Police Dismantle Global Crypto Fraud Ring, Seizing $701 Million
The international operation involved 276 arrests and the shutdown of nine scam centers, with human trafficking victims forced to run…
AI Driven Zero Day Discovery Now Automates Attacks at Machine Speed
Attackers now use AI models to discover and exploit zero day vulnerabilities in minutes, with documented campaigns like GAMECHANGE showing…
MOVEit Automation Patches Critical Backend Flaws Allowing Full Server Takeover
Two critical MOVEit Automation vulnerabilities discovered by Airbus SecLab researchers allow unauthenticated attackers to bypass authentication and escalate privileges to…
Rogue DHCP Server Attack Can Fully Compromise FreeBSD Systems
The flaw allows attackers on the same local network to inject commands into the dhclient configuration file through unescaped double…
Mass Email Floods Precede Fake Teams IT Support in New Wave of Breaches
Security researchers warn that email bombing, which triggers panic, is the entry point for fake IT support calls that achieve…
