Security news.
Today's security brief highlights a series of significant cyber incidents, including a utility firm breach and new malware campaigns. CISA has also updated its Known Exploited Vulnerabilities catalog with four actively exploited flaws, urging immediate patching.
American utility firm Itron discloses breach of internal IT network
Itron, Inc. has reported a cybersecurity incident where an unauthorized third party accessed certain internal systems.
CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
CISA has added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including flaws in SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers, due to active exploitation.
Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group, UNC6692, is using social engineering via Microsoft Teams to deploy a new custom malware suite named 'Snow,' which includes a browser extension, tunneler, and backdoor.
China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks
The China-linked APT group GopherWhisper is leveraging multiple Go-based backdoors and custom loaders/injectors in attacks targeting government entities.
ADT confirms data breach after ShinyHunters leak threat
Home security giant ADT has confirmed a data breach following a ransom threat from the ShinyHunters extortion group.
Firestarter malware survives Cisco firewall updates, security patches
U.S. and U.K. cybersecurity agencies warn about Firestarter, a custom malware persisting on Cisco Firepower and Secure Firewall devices even after updates and patches.
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Cybersecurity researchers have discovered a Lua-based malware, 'fast16,' dating back to 2005, which targeted high-precision calculation software years before Stuxnet.
New ‘Pack2TheRoot’ flaw gives hackers root Linux access
A new vulnerability, Pack2TheRoot, in the PackageKit daemon could allow local Linux users to gain root permissions by installing or removing system packages.