Instructure, owner of Canvas, reportedly reached an agreement with threat actors after a data breach, amid concerns it may have involved a ransomware payment.
Cybersecurity experts are assessing the Stryker cyberattack. Here’s what hospitals should focus on while no impact has been found.
Instructure confirms two Canvas intrusions, says data was stolen, and ShinyHunters sets a final May 12 pay-or-leak deadline.
Microsoft says Dirty Frag is an active Linux privilege escalation issue that can raise post-compromise risk and affect common enterprise environments.
Rapid7 says MuddyWater used Microsoft Teams social engineering, screen sharing, and remote tools in a false flag ransomware-style intrusion.
Ivanti warns of an actively exploited EPMM 0-day affecting on-premises deployments and urges immediate patching and log review.
Dirty Frag is an unpatched Linux kernel privilege escalation chain affecting ESP and RxRPC subsystems across major distributions, with PoC available.
Instructure confirmed a breach affecting student data after ShinyHunters claimed responsibility and shared a sample tied to schools in the U.S.
Cisco Talos details patched vulnerabilities in Foxit PDF Editor, Epic Games Store, and MedDream PACS, including privilege escalation and XSS flaws.
Copy Fail is a Linux kernel flaw that can lead to root access on many distributions, including container environments, with a working local exploit.
CISA has added CVE-2026-31431, a Linux local privilege escalation bug, to the KEV catalog after signs of active exploitation.
New React Server Components flaws CVE-2025-55183 and CVE-2025-55184 can cause denial of service and source code disclosure in affected apps.
Storm-1175 rapidly exploits newly disclosed flaws, moves laterally, steals data, and deploys Medusa ransomware, often within 24 hours.
A public cPanelSniper PoC targets CVE-2026-41940, a critical cPanel flaw linked to tens of thousands of compromised servers worldwide.
CVE-2026-31431, nicknamed Copy Fail, can let a local Linux user gain root on major distributions shipped since 2017.
LiteLLM CVE-2026-42208, a critical SQL injection flaw, was exploited in the wild within 36 hours of disclosure. Patch now.
Massachusetts regulators say Fidelity will pay $1.25 million after a data breach exposed sensitive information tied to 77,000 people.
Medtronic disclosed a data breach affecting corporate IT systems and said it does not expect a material impact on business or financial results.
Stryker’s cyberattack disrupted systems and prompted precautions at Michigan hospitals, highlighting supply-chain risk for healthcare providers.
A critical LiteLLM flaw was exploited shortly after disclosure, enabling access to database data and potentially allowing modification.
Kaspersky details PhantomRPC, a Windows RPC privilege escalation technique that can let processes with impersonation privileges reach SYSTEM level.
ADT says a major data breach affected 5.5 million customers, and hackers are already leaking stolen personal information online.
Pitney Bowes is the latest company linked to ShinyHunters, with Have I Been Pwned confirming an 8.2 million email address leak.
VulnCheck says ransomware crews are leaning more on zero-days, with a growing share of 2025 attacks tied to first-time exploitation.
FBI and CISA warn Akira ransomware is targeting critical sectors by exploiting edge devices, VPNs and backup servers in multi-stage attacks.
Check Point says attackers exploited WinRAR CVE-2025-8088 within days, using phishing and malicious archives in a targeted espionage campaign.
ShinyHunters reportedly exposed sensitive data from around 40 organizations, including Zara, Carnival and 7-Eleven, in a new leak.
Stryker confirmed a global cyberattack disrupted its Microsoft environment, with no ransomware indication and no current U.S. hospital impact.
Two security incidents have rattled the AI industry, with reported exposure of customer data at Mercor and source code in another breach.
Qilin ransomware claimed an April 20, 2026 cyberattack on U.S. retail company B&e Juice and threatened to leak sensitive data.
Three recently disclosed Windows zero-days are being used in attacks to gain elevated or SYSTEM privileges, according to Huntress Labs.
A public BlueHammer exploit for a Windows zero-day highlights disclosure concerns, local privilege escalation risk, and patch urgency.
Cisco Talos disclosed one Foxit Reader use-after-free flaw and six LibRaw vulnerabilities, including heap overflows and integer overflows.
A ransomware attack forced a water treatment plant in Minot, North Dakota, to switch to manual operations while officials responded.
Vercel says hackers breached internal systems through a Context AI OAuth compromise and stole customer data, keys, and source code.
Russian state hackers are abusing CVE-2026-21509 to deploy MiniDoor and Covenant malware against European government targets. Learn about the latest APT28 campaign.
Fortinet discloses CVE-2026-24858, a critical FortiOS SSO zero-day exploited in the wild. Learn how to secure your FortiManager and FortiAnalyzer systems now.
Learn about CVE-2026-24061, a decade-old vulnerability in GNU InetUtils telnetd that allows remote root access through simple argument injection.
A critical authentication bypass vulnerability in nginx-ui (CVE-2026-33032) allows attackers to achieve full server takeover. Learn how to secure your Nginx environment.
Microsoft has patched CVE-2026-21509, a critical Office zero-day used in targeted attacks to bypass security features and OLE mitigations in Microsoft 365.
Explore the latest CVE reports from April 2026, highlighting critical unpatched flaws in SuperAGI frameworks, H3C network hardware, and Django-based platforms.
CISA adds CVE-2026-34197 in Apache ActiveMQ to its KEV catalog following reports of active exploitation. Learn about the Jolokia API vulnerability and how to patch.
New Trellix research details a Russian APT28 campaign using CVE-2026-21509 to target European maritime and transport agencies with advanced malware and cloud C2.
Microsoft Defender faces active exploitation of three zero-day flaws. While BlueHammer is patched, RedSun and UnDefend remain unpatched and under active attack.
Microsoft releases an out-of-band update for CVE-2026-21509, an Office zero-day bypass vulnerability under active exploitation. Learn how to secure your systems.