24Articles
7Categories
2026-05-03Date
🚨 CISA KEV 2[−]
3 May KEVCISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEVThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, t…THEHACKERNEWS.COM
3 May KEVU.S. CISA adds a flaw in WebPros cPanel to its Known Exploited Vulnerabilities catalogThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in WebPros cPanel to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Defender, tracked as CVE-2026-41940 (CVSS score…SECURITYAFFAIRS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 13[−]
3 MayCVE-2026-37555Information published.MSRC.MICROSOFT.COM
3 MayCVE-2026-30656Information published.MSRC.MICROSOFT.COM
3 MayCVE-2026-7598 libssh2 userauth.c userauth_password integer overflowInformation published.MSRC.MICROSOFT.COM
3 MayCVE-2025-9403 jqlang jq JSON jq_test.c run_jq_tests assertionInformation published.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 2[−]
3 MayWeek in review: High-severity LPE vulnerability in the Linux kernel, cPanel 0-day exploited for monthsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: The AI criminal mastermind is already hiring on gig platforms Labor-hire platforms let anyone with a credit card post a task and pay a stranger to complete it. The RentAHuman platfor…HELPNETSECURITY.COM
3 MayGoogle Revamps Bug Bounty Programs: Android Rewards Rise, Chrome Payouts Drop in the Age of AIGoogle revamps bug bounties: Android rewards rise to $1.5M, Chrome payouts drop, shifting focus to high-impact, AI-resistant vulnerabilities. Google has announced a major overhaul of its Vulnerability Reward Programs (VRP) for Android and Chrome, marking a strategic shift in how …SECURITYAFFAIRS.COM
🔥 INCIDENT REPORTING 3[−]
3 MaySecurity Affairs newsletter Round 575 by Pierluigi Paganini – INTERNATIONAL EDITIONA new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Two US cybersecurity experts …SECURITYAFFAIRS.COM
3 MaySalt Typhoon breach IBM subsidiary in Italy: a warning for Europe’s digital defensesApril 2026 breach at Sistemi Informativi (IBM Italy) raises concerns over Chinese-linked cyber ops in Europe, including Salt Typhoon. In late April 2026, the Italian cybersecurity landscape was shaken by a significant breach targeting Sistemi Informativi, a company wholly owned b…SECURITYAFFAIRS.COM
3 MayMarcus & Millichap - 1,837,078 breached accountsIn April 2026, the commercial real estate brokerage firm Marcus & Millichap was named as one of multiple alleged victims of the ShinyHunters hacking and extortion group . Data alleged to have been obtained from the company was subsequently released publicly and included 1.8M uniq…HAVEIBEENPWNED.COM
🕵️ THREAT INTELLIGENCE 2[−]
3 MayWireshark 4.6.5 Released, (Sun, May 3rd)Wireshark release 4.6.5 fixes 43 vulnerabilities (38 CVEs) and 35 bugs. ISC.SANS.EDU
3 MayChatGPT advanced account security adds passkeys and hardware keysJournalists, elected officials, researchers, and political dissidents have spent years adapting their accounts to phishing-resistant authentication on consumer platforms. ChatGPT now joins that list. OpenAI has introduced Advanced Account Security, an opt-in setting that strips p…HELPNETSECURITY.COM
🌐 CYBER THREAT LANDSCAPE 1[−]
3 MaySECURITY AFFAIRS MALWARE NEWSLETTER ROUND 95Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet 73 Open VSX Sleep…SECURITYAFFAIRS.COM
📡 INFOSEC NEWS 1[−]
3 May3 easy-to-miss cybersecurity risks for small businessesSmall business owners should be sure to fix these three non-technical risks that require little cybersecurity expertise.MALWAREBYTES.COM