11Articles
6Categories
2026-05-09Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 1[−]
9 MaycPanel, WHM Release Fixes for Three New Vulnerabilities — Patch NowcPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows - CVE-2026-29201 (CVSS score: 4.3) - An insu…THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE 4[−]
9 MayNVIDIA Confirms GeForce Data Breach Exposed Users’ Personal DataGFN Cloud Internet Services, operating as the regional NVIDIA GeForce NOW cloud gaming partner, GFN.AM has officially confirmed a significant data breach. The security incident exposed personal information of users registered on their streaming platform. While the company has now…GBHACKERS.COM
9 MayCybersecurity Today Month in Review: AI Coding Risks, Canvas Breach, QR Phishing SurgeThis week's panel dives into the cybersecurity stories that matter most for security leaders, IT teams, and anyone watching how AI is changing risk. Jim Love is joined by David Shipley (Beauceron Security), Laura Payne (White Tuque), and Jeff Williams (Contrast Security). Cyberse…CYBERSECURITYTODAY.LIBSYN.COM
9 MayVidar Infostealer Campaign Steals Passwords, Cookies, Crypto Wallets, and Device DataA highly evasive multi-stage malware campaign deploying the Vidar Infostealer. First discovered in late 2018 and built on the Arkei stealer source code, Vidar is notorious for aggressively harvesting user credentials, browser session cookies, cryptocurrency wallets, and detailed …GBHACKERS.COM
9 MayShinyHunters defaces Canvas portals during finals week.CISA orders Federal agencies to patch Ivanti zero-day by Sunday. Progress Software urges customers to patch critical MOVEit flaw.THECYBERWIRE.COM
📢 SECURITY ADVISORIES 1[−]
9 MayHackable Robot Lawn Mower Unlocks a New NightmarePlus: Meta officially kills encrypted Instagram DMs, the Trump administration targets “violent left wing extremists,” leaked documents reveal Russia's school for elite hackers, and more.WIRED.COM
🔥 INCIDENT REPORTING 1[−]
9 MayBraintrust security incident raises concerns over AI supply chain risksBraintrust warned customers to rotate API keys after hackers breached an AWS account, exposing secrets tied to cloud-based AI models. AI observability startup Braintrust warned customers to rotate API keys after attackers gained unauthorized access to one of the company’s AWS acc…SECURITYAFFAIRS.COM
🕵️ THREAT INTELLIGENCE 3[−]
9 MayThe spy who logged me in.⁠Mark Kelly⁠, Staff Threat Researcher at ⁠Proofpoint⁠, is discussing their work on "I’d come running back to EU again: TA416 resumes European government espionage campaigns." China-linked threat group TA416 has resumed large-scale phishing and malware campaigns targeting European…THECYBERWIRE.COM
9 MayTCLBANKER Malware Leverages WhatsApp and Outlook Worm Features in Active AttacksA sophisticated Brazilian banking trojan named TCLBANKER, deployed through a trojanized Logitech installer and capable of hijacking victims’ WhatsApp and Outlook accounts to spread itself to new targets. The campaign, tracked as REF3076, delivers TCLBANKER through a malicio…GBHACKERS.COM
9 MayAI Coding Agents Need SandboxesThe speaker argues that AI coding agents should be treated like privileged automation systems, not harmless autocomplete tools. Recommended controls include containerization, disposable workspaces, restricted network access, detailed process logging, and manual review of configur…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 1[−]
9 MayQuasar Linux RAT (QLNX): A Fileless Linux Implant Built for Stealth and PersistenceResearchers uncovered QLNX, a Linux RAT targeting developers to steal credentials, log keystrokes, monitor systems, and enable remote access. Security researchers discovered a previously undocumented Linux malware called Quasar Linux RAT (QLNX) that targets developers and DevOps …SECURITYAFFAIRS.COM