Cyber Security News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, warning organizations of active exploitation risks. The flaw, tracked as CVE-2026-34926, affects on-premise deployments of Trend Micro Apex One and could allow attackers to tamper with endpoint security systems. CVE-2026-34926 […]

The post CISA Warns of Trend Micro Apex One Vulnerability Exploited in Attacks appeared first on Cyber Security News.

The FBI has issued a new cybersecurity warning about a rapidly emerging phishing-as-a-service (PhaaS) platform named Kali365, which is actively targeting Microsoft 365 users to steal access tokens and bypass multi-factor authentication (MFA). Kali365 is being distributed primarily through Telegram channels, where threat actors can subscribe to the service and launch phishing campaigns with minimal […]

The post FBI Warns of Kali365 Attacking Microsoft 365 Users to Steal Logins and Bypass MFA appeared first on Cyber Security News.

Hackers have found a new and alarming way to weaponize one of the most trusted platforms in the AI world. A threat actor linked to North Korea has embedded second-stage malware inside Hugging Face, the widely used AI and machine learning hub, effectively turning it into a malware delivery channel and a live data exfiltration […]

The post Hackers Use Hugging Face to Host Second-Stage Malware for npm Supply Chain Attack appeared first on Cyber Security News.

Google has publicly released proof-of-concept (PoC) exploit code for a critical, still-unpatched vulnerability in the Chromium codebase, potentially exposing millions of users across Chrome, Microsoft Edge, and other Chromium-based browsers to stealthy botnet-style abuse. The vulnerability, originally reported in late 2022 by independent security researcher Lyra Rebane, remains unfixed after more than 42 months. It […]

The post Google Publishes Exploit Code for Unfixed Chromium Bug Exposing Millions of Users appeared first on Cyber Security News.

Hackers can weaponize a legitimately signed Lenovo driver to terminate security processes, highlighting a dangerous Bring Your Own Vulnerable Driver (BYOVD) attack vector that can bypass endpoint protection controls. Security researcher Jehad Abudagga has analyzed a Lenovo driver, BootRepair.sys, originally associated with the Lenovo PC Manager utility, and discovered that it can be abused to kill […]

The post Hackers Can Weaponize Lenovo Driver to Terminate EDR Processes appeared first on Cyber Security News.

A sweeping automated supply chain attack codenamed “Megalodon” struck GitHub on May 18, 2026, injecting malicious CI/CD backdoors into over 5,500 repositories in less than six hours, marking one of the most aggressive GitHub Actions poisoning campaigns ever recorded. SafeDep discovered that between approximately 11:36 and 17:48 UTC on May 18, 2026, the Megalodon campaign […]

The post Megalodon Malware Compromised 5,500+ GitHub Repos Within 6 Hours appeared first on Cyber Security News.

Hackers have been caught running a deceptive campaign that uses fake Microsoft Teams download websites to trick users into installing ValleyRAT, a remote access trojan capable of stealing data, logging keystrokes, and taking remote control of infected machines. The campaign, which first surfaced in mid-April 2026, targets unsuspecting users who believe they are downloading the […]

The post Hackers Use Fake Microsoft Teams Downloads to Deploy ValleyRAT Malware appeared first on Cyber Security News.

A new wave of malware disguised as everyday productivity tools has been quietly spreading across the internet, stealing user credentials and giving attackers remote control of infected systems. Researchers have tracked hundreds of campaigns tied to a threat known as TamperedChef, also called EvilAI, which wraps dangerous code inside apps that look and feel completely […]

The post TamperedChef Malware Uses Signed Productivity Apps to Deliver Stealers and RATs appeared first on Cyber Security News.

A large-scale phishing campaign is actively targeting U.S. organizations, using fake event invitations as bait to steal login credentials, intercept one-time passwords, or install remote access tools. The operation has been running since at least December 2025, with researchers tracking a growing pool of malicious domains built around the same repeatable framework. What makes this […]

The post Fake Invitation Phishing Campaign Targets U.S. Organizations With Credential Theft appeared first on Cyber Security News.

India’s education sector is now at the center of a growing cybercrime storm. Millions of students across the country are being targeted by threat actors who have turned personal academic data into a weapon for phishing, social engineering, and direct financial theft. What makes this wave of attacks particularly dangerous is how organized and tailored […]

The post Indian Student Data Weaponized for Phishing, Social Engineering, and Financial Fraud appeared first on Cyber Security News.

Google has released an urgent security update for Chrome, addressing 16 vulnerabilities including two rated Critical that could allow attackers to execute arbitrary code on affected systems. The Stable channel has been updated to 148.0.7778.178/179 for Windows and Mac, and 148.0.7778.178 for Linux, with the rollout expected to complete over the coming days. Critical Chrome […]

The post Critical Chrome Vulnerabilities Enable Remote Code Execution Attacks – Patch Now! appeared first on Cyber Security News.

In a major international law enforcement success, authorities from seven countries dismantled First VPN, a criminal virtual private network linked to global cybercrime, during a coordinated operation on May 19 and 20, 2026. Dubbed Operation Saffron, the joint action was led by French and Dutch authorities and supported by Europol and Eurojust, resulting in the […]

The post Authorities Have Taken Down “First VPN” Used in Ransomware Attacks appeared first on Cyber Security News.

A new and sophisticated supply chain attack has been uncovered, targeting one of the most trusted corners of the open-source software world. Dubbed “Mini Shai-Hulud,” this campaign went after the @antv npm package ecosystem, a collection of widely used data visualization libraries powering dashboards and applications for developers globally. The attack was quiet, precise, and […]

The post Mini Shai-Hulud Compromises @antv npm Packages to Steal CI/CD Credentials appeared first on Cyber Security News.

Flipper Devices has unveiled Flipper One, a modular Linux cyberdeck aimed at becoming a fully open, mainline-first ARM platform for hackers, researchers, and makers The company says the new device is not a successor to Flipper Zero, but a separate Layer 1 product built for IP networking, high-performance computing, and expandable hardware experimentation. At the […]

The post Flipper Unveils New Flipper One Modular Linux Cyberdeck appeared first on Cyber Security News.

A well-known botnet is now targeting cloud environments in a more calculated way than before. P2PInfect, a Rust-written peer-to-peer malware active since mid-2023, has been observed compromising Kubernetes clusters by breaking into Redis instances left exposed to the internet. The campaign marks a notable shift, moving from simple server infections to persistent footholds inside managed […]

The post P2PInfect Botnet Compromises Kubernetes Clusters Through Exposed Redis Instances appeared first on Cyber Security News.

GitHub confirmed a significant security breach on May 18, 2026, after attackers leveraged a weaponized Visual Studio Code extension to compromise an employee’s device and exfiltrate data from the company’s internal source code repositories. The attack was detected and contained on Monday, May 18, when GitHub’s security team identified suspicious activity on an employee endpoint. […]

The post GitHub Internal Repositories Breached Via Weaponized VS Code Extension appeared first on Cyber Security News.

A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-46333, exposes a serious local privilege escalation flaw that has remained undetected for nearly nine years. Security researchers at the Qualys Threat Research Unit (TRU) revealed that the issue allows attackers to exfiltrate sensitive data, including SSH private keys, and execute arbitrary commands as root on affected […]

The post Nine-year-old Linux Kernel Vulnerability Let Attackers Exfiltrate SSH Private Keys appeared first on Cyber Security News.

Two newly disclosed Microsoft Defender vulnerabilities are being actively exploited in the wild, enabling local attackers to elevate privileges to SYSTEM and potentially disrupt endpoint protection across Windows environments. The bugs, tracked as CVE‑2026‑41091 (Elevation of Privilege) and CVE‑2026‑45498 (Denial of Service), were published on May 19, 2026, and affect core Microsoft Defender components used […]

The post New Microsoft Defender 0‑Days Actively Exploited in the Wild appeared first on Cyber Security News.

A dangerous piece of malware known as BadIIS has been actively targeting Internet Information Services (IIS) web servers, quietly hijacking them and redirecting unsuspecting visitors to illegal gambling sites, adult content platforms, and other illicit destinations. The attacks have been going on for years across the Asia-Pacific region and beyond, placing thousands of legitimate websites […]

The post BadIIS Malware Turns Hijacks IIS Servers and Redirect Users to Illicit Sites appeared first on Cyber Security News.

Cisco has disclosed a critical security vulnerability in its Secure Workload platform that could allow unauthenticated attackers to gain unauthorized access to sensitive resources via internal APIs. The flaw, tracked as CVE-2026-20223, carries a maximum CVSS score of 10.0 and is categorized under CWE-306 (Missing Authentication for Critical Function). The issue stems from improper authentication […]

The post Critical Cisco Secure Workload Vulnerability Enables Unauthorized API Access appeared first on Cyber Security News.