The News.
Daily intel.

Daily breach reporting, CVE disclosures, malware analyses, and threat campaigns. Yesterday's incidents, this morning's coverage — written by practitioners for the analysts and defenders who need it first.

148

Articles

143

Updated this month

14k+

Monthly readers

Showing 28–36 of 148 articles 143 updated this month

Intermediate 1.7k

News 9 min read

cPanel and WHM Patch Three Vulnerabilities Including RCE and Privilege Escalation

cPanel and WHM patch CVE-2026-29202 (CVSS 8.8 RCE), CVE-2026-29203 (CVSS 8.8 privilege escalation), and CVE-2026-29201 affecting 44,000+ servers. Update now.

Intermediate 1.3k

News 8 min read

ShinyHunters Defaces 330 Canvas Portals in Instructure Extortion Escalation

ShinyHunters defaced Canvas login portals at 330 colleges and universities on May 7, 2026, escalating their Instructure extortion campaign with a May 12 data leak deadline.

Intermediate 2.3k

News 7 min read

CVE-2026-0300: Palo Alto PAN-OS Zero-Day RCE Exploited, No Patch Until May 13

CVE-2026-0300 is a critical buffer overflow in Palo Alto PAN-OS enabling unauthenticated root-level RCE on internet-exposed firewalls. CISA KEV confirmed. No patch until May 13, 2026.

Intermediate 3.2k

News 10 min read

Google Chrome Downloads 4GB Gemini Nano AI to Your Device Without Asking

Google Chrome silently writes a 4GB Gemini Nano AI model to user devices without consent, reinstalls it if deleted, and may violate EU privacy law.

Intermediate 3.9k

News 7 min read

CVE-2026-6973: Ivanti EPMM Zero-Day Under Active Exploitation — Patch by May 10

CISA added CVE-2026-6973, an Ivanti EPMM RCE zero-day, to its KEV catalog. Federal agencies must patch to versions 12.6.1.1/12.7.0.1/12.8.0.1 by May 10, 2026.

Intermediate 1.1k

News 8 min read

Dirty Frag: CVE-2026-43284 and CVE-2026-43500 Grant Root Access Across All Major Linux Distros

Dirty Frag chains two Linux kernel bugs (CVE-2026-43284, CVE-2026-43500) to achieve root LPE on Ubuntu, RHEL, Fedora and more. A public PoC is live; one patch is still missing.

Intermediate 557

News 8 min read

ClaudeBleed: Flaw in Anthropic's Claude Chrome Extension Lets Any Plugin Hijack Your AI

ClaudeBleed, a CVSS 10.0 flaw in the Claude Chrome extension, lets any zero-permission extension hijack Anthropic's AI to steal emails, files, and GitHub data. Patch is incomplete.

Beginner 2.0k

News 6 min read

28 Fake Call History Apps Defrauded Users After 7.3 Million Google Play Downloads

Researchers found 28 fraudulent Android apps on Google Play with 7.3 million downloads that claimed to reveal call histories but charged users for fake data via hidden subscriptions.

Intermediate 3.4k

News 8 min read

PCPJack Cloud Worm Evicts Competitor Malware, Steals Credentials from Docker and Kubernetes

PCPJack is a new self-propagating cloud worm that removes TeamPCP infections, then harvests credentials from Docker, Kubernetes, Redis, MongoDB, and other exposed services.