Security Archives - Tech News

The WebAssembly Flaw That Shatters vm2 Isolation and Grants Host Access vm2 sandbox escape CVE-2026-26956 Smartphone Vulnerabilities

The WebAssembly Flaw That Shatters vm2 Isolation and Grants Host Access

Do Son May 8, 2026

A critical vulnerability within the widely adopted vm2 library for Node.js has jeopardized services that execute third-party...

The Bridge to Your Phone: How the Pheno Module Hijacks Microsoft Phone Link to Siphon Private OTPs

Do Son May 7, 2026

Adversaries increasingly find that compromising a smartphone is no longer a prerequisite for intercepting messages containing one-time...

Sixty-Four Days of Silence: The cPanel Zero-Day That Compromised Millions Before a Patch Existed cPanel CVE-2026-41940 exploit

Sixty-Four Days of Silence: The cPanel Zero-Day That Compromised Millions Before a Patch Existed

Do Son May 7, 2026

A critical vulnerability within cPanel, of which server proprietors were apprised only in late April, has proven...

Deciphering Disaster: How a Morse Code Prompt Injection Drained $200,000 via Grok and Bankrbot Grok Bankrbot Morse code exploit

Deciphering Disaster: How a Morse Code Prompt Injection Drained $200,000 via Grok and Bankrbot

Do Son May 7, 2026

A user on X successfully manipulated Grok and Bankrbot through a message encoded in Morse code, orchestrating...

732 Bytes to Root: How the “CopyFail” Linux Kernel Flaw is Subverting Global Server Security Linux CopyFail vulnerability

732 Bytes to Root: How the “CopyFail” Linux Kernel Flaw is Subverting Global Server Security

Do Son May 7, 2026

A critical vulnerability within the Linux kernel, christened CopyFail, has begun to precipitate significant disruptions for server...

Zero-Day Alert: Unauthenticated Root RCE Discovered in Palo Alto Networks PAN-OS (CVE-2026-0300) CVE-2026-0300 PAN-OS vulnerability

Zero-Day Alert: Unauthenticated Root RCE Discovered in Palo Alto Networks PAN-OS (CVE-2026-0300)

Do Son May 7, 2026

Palo Alto Networks has issued a critical warning regarding a formidable vulnerability within the PAN-OS operating system...

The Face of Extortion: Conti and Akira’s “Psychological Negotiator” Sentenced for Weaponizing Children’s Medical Data Akira ransomware negotiator ConnectWise Breach Iran Shipping Hacked China cyber threat

Akira ransomware negotiator ConnectWise Breach Iran Shipping Hacked China cyber threat

The Face of Extortion: Conti and Akira’s “Psychological Negotiator” Sentenced for Weaponizing Children’s Medical Data

Do Son May 6, 2026

A Latvian national affiliated with the prolific ransomware operations known as Conti and Akira has been sentenced...

The Mini-App Trap: How the FEMITBOT Toolkit Turns Telegram into a High-Speed Phishing Machine FEMITBOT Telegram mini-apps

The Mini-App Trap: How the FEMITBOT Toolkit Turns Telegram into a High-Speed Phishing Machine

Do Son May 6, 2026

Criminal syndicates are increasingly leveraging the inherent trust associated with ubiquitous platforms as a fundamental component of...

Trust Corrupted: How a Microsoft Defender Flaw Erased DigiCert Root Certificates and Paralyzed Windows Systems Microsoft Defender DigiCert false positive Windows Zero-Day CVE-2026-40372 .NET update

Microsoft Defender DigiCert false positive Windows Zero-Day CVE-2026-40372 .NET update

Trust Corrupted: How a Microsoft Defender Flaw Erased DigiCert Root Certificates and Paralyzed Windows Systems

Do Son May 6, 2026

Windows users globally were unexpectedly besieged by alarming notifications as the integrated security infrastructure began misidentifying pivotal...

Malicious PyTorch Lightning Release Exfiltrates Cloud Keys and Browser Data PyTorch Lightning 2.6.3 malware

Malicious PyTorch Lightning Release Exfiltrates Cloud Keys and Browser Data

Hieu Phan Trong May 5, 2026

A compromised iteration of a widely utilized AI development tool has been identified, harboring the capability to...

The Spy in Your Pocket: How the Cerberus Anti-Theft App Evaded Google Play to Become a Modern Stalkerware Nightmare Cerberus Anti-theft stalkerware

The Spy in Your Pocket: How the Cerberus Anti-Theft App Evaded Google Play to Become a Modern Stalkerware Nightmare

Hieu Phan Trong May 5, 2026

Cerberus has once again become the focal point of a controversy where a mobile security application metamorphoses...

Beyond the Screen: “Digit” Pleads Guilty to Plotting Physical Destruction of Global Oil & Gas Infrastructure Artem Revensky guilty plea Kettering Health Malaysia WhatsApp hack Ascom Hacked - Scattered Spider Everest hacker group 4chan Data Breach Commvault breach Mirai botnet Ivanti Vulnerability Cetus Protocol hack

Artem Revensky guilty plea Kettering Health Malaysia WhatsApp hack Ascom Hacked - Scattered Spider Everest hacker group 4chan Data Breach Commvault breach Mirai botnet Ivanti Vulnerability Cetus Protocol hack

Beyond the Screen: “Digit” Pleads Guilty to Plotting Physical Destruction of Global Oil & Gas Infrastructure

Hieu Phan Trong May 5, 2026

A hacker, indicted for orchestrating assaults on oil and gas infrastructure across several nations, has formally entered...

Beacons of Risk: How Axon’s “Untrackable” Police Gear is Broadcasting Officer Locations to Criminals Axon taser Bluetooth tracking

Beacons of Risk: How Axon’s “Untrackable” Police Gear is Broadcasting Officer Locations to Criminals

Hieu Phan Trong May 5, 2026

A law enforcement officer has not yet crossed the threshold of the precinct, yet an alien mobile...

CISA Adds Critical 9.8 cPanel Zero-Day to KEV as Ransomware Attacks Surge CVE-2026-41940 cPanel exploit US cybersecurity funding CISA Cybersecurity funding government breach Cybersecurity Alerts Windows zero-day