⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxe...
Aggregating 7870 articles from trusted cybersecurity sources
Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxe...
The Dirty Frag vulnerability affects Linux systems and allows root access escalation, while public PoC exploit code increases attack risks.
A critical authentication bypass vulnerability affecting cPanel and WHM servers, identified as CVE-2026-41940, is currently under active exploitation by a hi...
This upcoming webinar explores how organizations need to combine security, backups, and recovery planning to reduce the impact of modern cyberattacks. [.
The issue was found in the same area of the Linux kernel that produced last month’s Copy Fail bug, and also allows anyone with a basic account on an affected...
German authorities shut down a relaunched version of the criminal marketplace Crimenetwork and arrested its suspected operator. The domain seizure notice (So...
Fashion retailer Inditex, the parent company of Zara, has confirmed unauthorized access to customer transaction databases hosted by a third-party provider. D...
A malicious Hugging Face repository posing as an OpenAI release delivered infostealer malware to Windows systems and logged 244,000 downloads before being re...
OTT Cybersecurity LLC, the company behind Lyrie.
A stealthy Python-based infostealer campaign that abuses GitHub Releases to host payloads and maintain long-term, low‑visibility access to victim systems. Th...
Recently disclosed vulnerabilities in PHP, particularly within its widely used SOAP extension, have raised significant alarms across the cybersecurity commun...
Dubai, UAE, 11th May 2026, CyberNewswire
The ransomware group D1R claimed to have accessed a database of 40,000 entries from Synopsys and subsequently used this information to target Bosch, alleging...
The D1R cybercrime group claimed to have stolen valuable data from Synopsys and Bosch, threatening to leak it unless a ransom is paid. The post Synopsys Find...
The defendant's lawyer told Finnish media that he does not know where his client is but believes Kivimäki is outside Finland.
Effective data protection determines whether stolen information is actually usable and how much business and regulatory damage an organization suffers after ...
Supermarket giant Lidl has revealed details of a supplier breach impacting customer data
In this Help Net Security video, Chris Boehm, Field CTO, Zero Networks, breaks down how a vendor breach can become your breach. He explains that attackers no...
The "Breach at the Beach" CTF, created by Varonis researchers Doron Kapah and Mark Vaitsman, simulates attacks within Entra ID, focusing on how threat actors...
The compromised data includes customer salutations, first and last names, phone numbers, email addresses, dates of birth, and customer numbers.
The breach was discovered after mass emails were sent from legitimate AFA domains, claiming Argentina "stole" the win from Egypt.
Lidl disclosed a third-party data breach affecting online shop customers in Germany, Belgium, and the Netherlands. Payment data was not exposed.
Following the breach of several of her Telegram channels, controversial Russian journalist Ksenia Sobchak claimed published screenshots of her correspondence...
German discount supermarket chain Lidl has notified customers in Germany, Belgium, and the Netherlands that customer data was stolen after attackers breached...