Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Copy Fail (CVE-2026-31431): New Linux Kernel Bug Enables Easy Root Privilege Escalation
A newly disclosed Linux kernel vulnerability, dubbed Copy Fail and tracked as CVE-2026-31431, has been rated CVSS 7.8 and allows ...
Checkmarx Supply Chain Attack and Dark Web Data Leak: Expert Analysis of the Incident
Application security vendor Checkmarx is continuing to investigate a significant software supply chain attack that has reportedly led to internal ...
Critical LiteLLM Vulnerability CVE-2026-42208: SQL Injection Threatens AI Gateway Security
The open source AI gateway LiteLLM by BerriAI is at the center of a serious security incident. A critical vulnerability ...
Critical cPanel Authentication Vulnerability: What Hosting Providers and Site Owners Must Do Now
One of the world’s most widely used hosting control panels, cPanel, has received urgent security updates to address a serious ...
Microsoft Entra ID Agent ID Administrator Vulnerability Exposed Critical Service Principal Takeover Risk
A recently disclosed vulnerability in Microsoft Entra ID (formerly Azure AD) allowed users with a new Agent ID Administrator role ...
Silk Typhoon Suspect Extradited to the US over Microsoft Exchange and COVID‑19 Espionage Campaigns
Chinese citizen Xu Zewei, whom US authorities describe as a member of the state‑linked hacking group known as Silk Typhoon, ...
Critical CVE-2026-25874 Vulnerability in Hugging Face LeRobot Exposes AI Robotics to Remote Code Execution
A critical vulnerability CVE-2026-25874 has been identified in the open-source robotics platform LeRobot by Hugging Face, enabling unauthenticated remote code ...
Apple Patches iOS Notification Bug That Left Deleted Signal Messages on iPhones (CVE-2026-28950)
Apple has released an unscheduled security update for iOS and iPadOS to fix a critical flaw in the Notification Services ...
DOJ Sentences Cybersecurity Professionals for Supporting BlackCat Ransomware Operations
The U.S. Department of Justice (DOJ) has sentenced two cybersecurity professionals to four years in prison each for assisting the ...
Fake CAPTCHA Pages Fuel International SMS Fraud and TDS‑Driven Crypto Scams
A newly documented telecom fraud campaign shows how attackers are combining fake CAPTCHA pages, premium‑rate international numbers and advertising infrastructure ...
