Latest IntelligencePage 79
Search by keyword →
Critical Apache HTTP Server Flaw Exposes Millions of Servers to RCE Attacks
The Apache Software Foundation has released a critical security update for Apache HTTP Server, patching five vulnerabilities, including a dangerous double-free ...
Weaver E-cology critical bug exploited in attacks since March
Hackers have been exploiting a critical vulnerability (CVE-2026-22679) in the Weaver E-cology office automation since mid-March to run discovery commands. [...]...
Physical Cargo Theft Gets a Boost From Cybercriminals
Cargo theft is no longer about small groups of criminals operating on the ground, but transnational cybercriminal syndicates using access to supply chain system...
RMM Tools Fuel Stealthy Phishing Campaign
Attackers are abusing two remote monitoring and management (RMM) tools to evade detection in a campaign that has impacted over 80 organizations so far....
Amazon SES increasingly abused in phishing to evade detection
The Amazon Simple Email Service (SES) is being increasingly abused to send convincing phishing emails that can bypass standard security filters and render reput...
Researchers report Amazon SES abused in phishing to evade detection
Cybersecurity firm Kaspersky reports that the Amazon Simple Email Service (SES) is being increasingly abused to send convincing phishing emails that can bypass ...
Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability
Shortly after the authentication-bypass flaw was disclosed multiple proof-of-concept exploits appeared, and one researcher claims there's been zero-day activity...
Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks
The acquisition strengthens Cisco’s push into identity-centric security for AI and machine access. The post Cisco Moves to Acquire Astrix Security to Tackle Non...
DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates
A sophisticated threat actor breached DigiCert’s internal support environment in early April 2026 by tricking support analysts into executing a disguised ...
Trellix Source Code Repository Breached
The cybersecurity firm’s investigation has not found any impact on its source code release or distribution process. The post Trellix Source Code Repository Bre...
Backdoored PyTorch Lightning package drops credential stealer
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, env...
New MicroStealer Malware Actively Attacking Telecom & Education Sectors
A new infostealer malware called MicroStealer has quietly entered the threat landscape and is already showing a worrying reach. First spotted in December 2025, ...
Trellix discloses data breach after source code repository hack
Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. [...]...
A Vulnerability in WHM cPanel and WP Squared Could Allow for Remote Code Execution
A vulnerability has been discovered in WHM, cPanel, and WP Squared that could allow for remote code execution. WHM, cPanel, and WP Squared are Linux-based web h...
Bluekit Phishing Kit Automates Domains, 2FA Lures, and Session Hijacking in One Panel
A newly identified phishing kit called Bluekit is changing how cybercriminals carry out phishing attacks by packing multiple attack capabilities into a single, ...
Malicious Tanstack Package Uses Postinstall Script to Steal Developer Environment Files
A malicious npm package impersonating the widely trusted TanStack project was discovered on April 29, 2026, silently stealing developer environment files the mo...
New xlabs_v1 Botnet Targets Minecraft Servers Through ADB-Exposed Android Devices
A newly identified botnet called xlabs_v1 has been found targeting Minecraft game servers by exploiting Android devices with the Android Debug Bridge (ADB) port...
CISA warns “Copy Fail” Linux flaw is already actively exploited
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Linux kernel flaw known as “Copy Fail” to its Known Exploited Vulnerabilitie...
They don’t hack, they borrow: How fraudsters target credit unions
Fraudsters aren't hacking credit unions, they are exploiting normal business processes. Flare reveals how structured loan fraud methods use stolen identities to...
DOJ Sentences Two Americans to Prison for ALPHV BlackCat Attacks on U.S. Victims
Two American cybersecurity professionals were sentenced to four years each in federal prison on April 30, 2026, for carrying out ransomware attacks against mult...