Cybersecurity News

Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.

Apache HTTP Server graphic highlighting critical double-free bug CVE-2026-23918.
Cybersecurity News

CVE-2026-23918: critical Apache HTTP/2 flaw and mitigation guidance

CyberSecureFox Editorial Team

Apache Software Foundation has released a security update for Apache HTTP Server that fixes a critical vulnerability CVE-2026-23918 (CVSS 8.8) ...

Botnet representation targeting Android ADB through connected devices.
Cybersecurity News

New xlabs_v1 Mirai Botnet Exploits Android ADB for DDoS Attacks

CyberSecureFox Editorial Team

Researchers from Hunt.io have discovered a new botnet based on Mirai, identifying itself as xlabs_v1, which exploits devices with an ...

Graphic depicting cPanel WHM vulnerabilities affecting WordPress security.
Cybersecurity News

Security updates for cPanel, WHM and WP Squared: three CVEs

CyberSecureFox Editorial Team

cPanel has released security updates for cPanel and Web Host Manager (WHM), addressing three vulnerabilities: arbitrary file read, arbitrary Perl ...

Cybersecurity News

How CallPhantom and GoldFactory Exploit Trust in Mobile Apps

CyberSecureFox Editorial Team

28 fraudulent applications under the collective codename CallPhantom managed to gain more than 7.3 million installs in Google Play, promising ...

Dark digital art featuring a llama surrounded by data streams and a mysterious figure.
Cybersecurity News

How Bleeding Llama and Ollama Windows Auto-Update Lead to Critical RCE

CyberSecureFox Editorial Team

Ollama, one of the most popular platforms for running LLM models locally, has faced two classes of critical issues at ...

Cybersecurity News

Exploited PAN-OS User-ID Portal RCE (CVE-2026-0300) Guidance

CyberSecureFox Editorial Team

Palo Alto Networks PAN-OS contains a critical vulnerability CVE-2026-0300 in the User-ID Authentication Portal service that is already being exploited ...

Hooded figure controlling a digital dark web from behind computer screens.
Cybersecurity News

MetInfo CMS 7.9–8.1 under active attack via CVE-2026-29014 RCE

CyberSecureFox Editorial Team

The critical remote code execution vulnerability CVE-2026-29014 (CVSS 9.8) in MetInfo CMS versions 7.9, 8.0, and 8.1 is already being ...

Dark, surreal chess scene with puppet master controlling pieces and eerie figures.
Cybersecurity News

How MuddyWater Uses Chaos Ransomware Branding for Espionage

CyberSecureFox Editorial Team

MuddyWater, an Iran-linked state-sponsored group, has begun conducting targeted espionage and sabotage operations under the banner of the Chaos ransomware ...

** Dual-themed illustration contrasting cyber threats and secure coding practices.
Cybersecurity News

Inside PCPJack: Cloud Credential Theft Targeting Open Services

CyberSecureFox Editorial Team

PCPJack is a new credential theft framework targeting exposed cloud services (Docker, Kubernetes, Redis, MongoDB, RayML, vulnerable web applications). It ...

A hooded figure holds a key toward a giant cracked penguin symbol amidst dark shadows.
Cybersecurity News

How Dirty Frag Breaks Linux Kernel Security for Local Attackers

CyberSecureFox Editorial Team

Dirty Frag is a new, currently unpatched local privilege escalation vulnerability in the Linux kernel that allows any local user ...

123192 Next

CyberSecureFox

© 2026 INFO

About

About

Authors

Contact

Editorial

Editorial Standards

Corrections

Legal

Privacy Policy

Terms of Service