Category: Uncategorized
-
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia [email protected] (The Hacker News)
The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor. The activity involved using phishing emails that mimic correspondence from the Income Tax Department of India in December 2025, followed by a similar campaign aimed at Russian entities.…
-
How cyber insurance helped with breach recovery — or not
Four organizations, each with cyber insurance policies, responded differently to data breaches. Read the real-world examples of what went right and wrong.Read More
-
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks [email protected] (The Hacker News)
A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers (MSPs) and hosting providers in the Philippines, Laos, Canada, South Africa, and the U.S., by exploiting the recently disclosed vulnerability in cPanel. The activity, detected by Ctrl-Alt-Intel on May 2, 2026,…
-
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M [email protected] (The Hacker News)
A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam centers used for cryptocurrency investment fraud schemes targeting Americans, resulting in millions of dollars in losses. The crackdown was led by the Dubai Police, under the United Arab Emirates (UAE) Ministry of Interior, in partnership…
-
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV [email protected] (The Hacker News)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2026-31431 (CVSS score: 7.8), is a case of local privilege escalation (LPE) flaw that could allow…
-
Trellix Confirms Source Code Breach With Unauthorized Repository Access [email protected] (The Hacker News)
Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a “portion” of its source code. It said it “recently identified” the compromise of its source code repository and that it began working with “leading forensic experts” to resolve the matter immediately. It also said it has notified law enforcement…
-
Microsoft Shell Spoofing Zero-day Vulnerability
What is the Attack? A newly disclosed vulnerability, CVE-2026-32202, has emerged due to an incomplete patch by Microsoft for a previously exploited remote code execution flaw (CVE-2026-21510). While the original update addressed both RCE and SmartScreen bypass, it failed to eliminate a residual zero-click NTLM authentication coercion issue. This allows attackers to silently force a…
-
News brief: Critical infrastructure, OT cybersecurity attacks
Check out the latest security news from TechTarget SearchSecurity’s sister sites, Cybersecurity Dive and Dark Reading.Read More
-
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign [email protected] (The Hacker News)
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a “phishing relay” to distribute phishing emails with an aim to compromise Facebook accounts. The activity has been codenamed AccountDumpling by Guardio, with the scheme selling the stolen accounts back through an illicit storefront run by the threat actors. In all, roughly…
-
Tape’s strategic role in modern data protection
As the backup playbook gets rewritten, tape returns to quietly strengthen resilience, complementing the cloud and disk with dependable recovery and predictable long-term costs.Read More