1. The ShinyHunters extortion group breached the Canvas education platform and defaced login portals for thousands of schools, threatening to leak 275 million records (krebsonsecurity.com).
2. A new unpatched Linux kernel vulnerability named Dirty Frag allows local attackers to gain root access on most major distributions (thehackernews.com).
3. The Copy Fail vulnerability, identified as CVE-2026-31431, is currently under active exploitation in the wild (thehackernews.com).
4. Ivanti warned that CVE-2026-6973 in Endpoint Manager Mobile is being exploited to grant remote code execution and admin-level access (thehackernews.com).
5. Palo Alto Networks reported that threat actors have attempted to exploit the critical buffer overflow vulnerability CVE-2026-0300 in PAN-OS software (thehackernews.com).
6. The new PCPJack malware framework is spreading worm-like across cloud environments to steal credentials while removing competing malware infections (bleepingcomputer.com).
7. A new banking trojan named TCLBanker is targeting 59 financial platforms by using a trojanized Logitech AI installer to spread via WhatsApp and Outlook (bleepingcomputer.com).
8. A former government contractor was convicted for intentionally destroying dozens of federal databases following his termination (bleepingcomputer.com).
9. Sri Lankan authorities arrested 37 individuals during a raid on a scam center linked to global cryptocurrency investment fraud (bitdefender.com).
10. A massive DNSSEC failure in the .de domain caused significant outages across large parts of the German web (reddit.com).
11. Egnyte is currently investigating a potential ransomware attack affecting its systems (reddit.com).
12. Multiple Americans were sentenced for operating laptop farms that facilitated remote access for North Korean cyber operations (reddit.com).
Be First to Comment