Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Upcoming Drupal Core Security Fix for High-Severity Vulnerability
Drupal has announced a planned release of a core security update for all supported branches, scheduled for May 20, 2026, ...
How the Mini Shai-Hulud Worm Compromised AntV npm Packages
A large-scale npm supply chain attack has affected hundreds of packages in the @antv ecosystem — a popular data visualization ...
How INTERPOL’s Operation Ramz Reshapes Cybercrime Enforcement in MENA
INTERPOL has concluded an unprecedented coordinated anti-cybercrime operation in the Middle East and North Africa (MENA) region. Operation Ramz, conducted ...
Analysis of Malicious npm Packages Delivering Shai-Hulud and More
Researchers from OX Security discovered four malicious npm packages published by the same user but containing fundamentally different malicious payloads ...
How SAP, Fortinet, n8n and Others Fixed 11 Critical Bugs in May 2026
In May 2026, five major vendors — Ivanti, Fortinet, SAP, n8n and Broadcom (VMware) — released fixes for 11 critical ...
How the Fast16 Framework Targeted Uranium Compression Modeling
According to researchers from Symantec and Carbon Black (part of Broadcom), the Lua-based malicious framework fast16 was designed to deliberately ...
MiniPlasma: Public cldflt.sys Exploit Grants SYSTEM on Fully Patched Windows
A security researcher under the alias Chaotic Eclipse has released a working exploit named MiniPlasma, which allows obtaining SYSTEM-level privileges ...
Active Exploitation of NGINX CVE-2026-42945 and openDCIM Flaws
The critical vulnerability CVE-2026-42945 in NGINX Plus and NGINX Open, which allows an attacker to cause denial of service or, ...
How CVE-2026-42897 Puts On-Premises Exchange Servers at Risk
Microsoft has disclosed vulnerability CVE-2026-42897 (CVSS 8.1) in on-premises versions of Exchange Server, which is already being actively exploited by ...
Compromised GitHub Actions Steal CI/CD Credentials via Runner Memory
The popular GitHub Actions actions-cool/issues-helper and actions-cool/maintain-one-comment have been compromised through a supply-chain attack: all existing tags in the repositories ...