[ad_1] Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE). Dubbed DirtyDecrypt (aka …
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability Read More
[ad_1] In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries. The targets of …
The New Phishing Click: How OAuth Consent Bypasses MFA Read More
[ad_1] Ravie LakshmananMay 19, 2026Vulnerability / Email Security Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gatewayan enterprise-grade email security solution, that could be exploited to achieve remote …
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access Read More
[ad_1] Ravie LakshmananMay 19, 2026Supply Chain Attack / Developer Security Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio …
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer Read More
[ad_1] Ravie LakshmananMay 19, 2026Software Security / Malware In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helperto run malicious code that harvests …
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials Read More
[ad_1] Microsoft on Thursday disclosed a zero-day vulnerability in Exchange that’s under active exploitation, but four days later customers are still awaiting a patch. The zero-day, tracked as CVE-2026-42897, affects …
Microsoft Exchange Zero-Day Under Attack, No Patch Available Read More
[ad_1] Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts …
CISA Admin Leaked AWS GovCloud Keys on Github – Krebs on Security Read More
[ad_1] INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects. The …
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests Read More
[ad_1] Iranian hackers reportedly breached systems that monitor fuel levels in storage tanks serving gas stations around the US, demonstrating yet again the changing nature of modern warfare and Iran’s …
Fuel Tank Breaches Expand Scope of Iran’s Cyber Offensive Read More
[ad_1] Ravie LakshmananMay 18, 2026Cybersecurity / Hacking Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were …
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More Read More