Over 44,000 cPanel servers hit by Sorry ransomware following authentication bypass exploit
A critical authentication bypass vulnerability in Linux-based web hosting control panels is being mass-exploited to deploy a new strain of […]
Instructure pays ransom to ShinyHunters to prevent 3.65TB Canvas LMS data leak
The parent company of a global learning management system has confirmed reaching a settlement with threat actors to avoid the
Instructure pays ransom to ShinyHunters to prevent 3.65TB Canvas LMS data leak Read More »
Palo Alto Networks prepares for May 13 patch rollout for critical PAN-OS zero-day
Enterprise security teams are entering the final 24 hours of a critical unpatched exposure period for perimeter firewalls. Official software
Palo Alto Networks prepares for May 13 patch rollout for critical PAN-OS zero-day Read More »
Google identifies first AI-generated zero-day exploit targeting web admin tools
Cybersecurity researchers have identified a sophisticated zero-day exploit that appears to have been developed with the assistance of an advanced
Google identifies first AI-generated zero-day exploit targeting web admin tools Read More »
Typosquatted OpenAI Privacy Filter repo on Hugging Face delivers Rust-based infostealer
A malicious repository masquerading as a legitimate privacy tool from a leading AI laboratory trended on Hugging Face, leading to
Typosquatted OpenAI Privacy Filter repo on Hugging Face delivers Rust-based infostealer Read More »
Critical Bleeding Llama vulnerability in Ollama allows remote process memory leak
A critical heap out-of-bounds read vulnerability has been disclosed in a popular open-source framework used for running large language models
Critical Bleeding Llama vulnerability in Ollama allows remote process memory leak Read More »
Ivanti EPMM zero-day CVE-2026-6973 added to CISA KEV following targeted attacks
A critical improper input validation vulnerability in the Ivanti Endpoint Manager Mobile platform has been added to the federal list
Ivanti EPMM zero-day CVE-2026-6973 added to CISA KEV following targeted attacks Read More »
CISA KEV Deadline Update: Samsung MagicINFO remediation window closes
Federal agencies have reached the remediation deadline for a critical path traversal vulnerability in enterprise digital signage infrastructure. This flaw
CISA KEV Deadline Update: Samsung MagicINFO remediation window closes Read More »
Instructure shuts down Free-For-Teacher program as Canvas breach extortion deadline nears
The global academic community is facing an imminent data disclosure threat as a major learning management system provider approaches a
Instructure confirms Canvas LMS breach scope as ShinyHunters extends ransom deadline
The fallout from the massive intrusion into a leading global learning management system continues to expand as threat actors demonstrate
Instructure confirms Canvas LMS breach scope as ShinyHunters extends ransom deadline Read More »
