1+ day, 2+ hour ago  (283+ words) Cybersecurity researchers at Guardio Labs have uncovered a massive phishing operation dubbed Account Dumpling that has compromised more than 30, 000 Facebook accounts worldwide. The threat actors developed a sophisticated, multi-cluster attack infrastructure to maximize their success rate against various targets. The…...

3+ day, 1+ hour ago  (372+ words) These flaws allow attackers to execute arbitrary code and deploy resource-draining cryptomining malware on vulnerable servers. Qinglong is a self-hosted task management platform used by developers to automate background tasks using Python, Java Script, Shell, and Type Script scripts. With…...

1+ day, 3+ hour ago  (388+ words) A critical zero-day vulnerability in c Panel and Web Host Manager (WHM) is under massive active exploitation following the public release of a sophisticated proof-of-concept exploit. Tracked as CVE-2026-41940, this flaw has already compromised tens of thousands of servers worldwide....

2+ day, 2+ hour ago  (359+ words) A sophisticated software supply chain attack originating from the Git Hub account Buffer Zone Corp has been uncovered, targeting developers and continuous integration environments through malicious Ruby gems and Go modules. The campaign deployed sleeper packages that impersonated legitimate developer…...

1+ day, 21+ hour ago  (505+ words) The attack chain begins with SEO poisoning across search engines such as Bing, Yahoo, Duck Duck Go, and Yandex. Threat actors manipulate search rankings so that malicious Git Hub repositories appear as top results for queries like "Kusto Explorer download…...

2+ day, 29+ min ago  (694+ words) A new DDo S botnet that abuses exposed Jenkins servers to launch powerful attacks against Valve Source Engine game infrastructure, including servers hosting titles like Counter'Strike and Team Fortress 2. The campaign shows how a single misconfigured CI server can be…...

2+ day, 2+ hour ago  (269+ words) gbhackers. com FBI Warns Logistics Sector of Fake Business Identity Cargo Scams The FBI issued a public service announcement warning the transportation and logistics sectors about a massive increase in cyber-enabled strategic cargo theft. Threat actors are increasingly using sophisticated…...

4+ day, 3+ hour ago  (284+ words) Microsoft has officially confirmed a known issue affecting Remote Desktop Protocol (RDP) connections following the April 14, 2026, Patch Tuesday updates. Specifically impacting Windows 11 version 26 H1 (KB5083768, OS Build 28000. 1836), the update was intended to harden systems against malicious. rdpfiles. However, a newly introduced user…...

2+ day, 23+ hour ago  (270+ words) A critical zero-day vulnerability, tracked as CVE-2026-41940, is currently being actively exploited across the web hosting industry. This CVSS 9. 8 flaw allows unauthenticated remote attackers to bypass c Panel and WHM login mechanisms, granting them full administrative control over servers. The…...

2+ day, 3+ hour ago  (280+ words) Anthropic has officially launched the public beta of Claude Security, an advanced vulnerability detection and remediation tool now available to Claude Enterprise customers. Powered by the highly capable Claude Opus 4. 7 model, this platform shifts application security testing from basic pattern…...