Security news.
Today's security news highlights critical vulnerabilities and active exploitation, with CISA adding a Linux root access bug to its KEV catalog and a cPanel flaw being mass-exploited by ransomware. We also see continued threats from sophisticated phishing campaigns and supply chain attacks, alongside significant data br
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
The U.S. CISA has added a local privilege escalation flaw (CVE-2026-31431) in various Linux distributions to its Known Exploited Vulnerabilities catalog due to active exploitation.
Critical cPanel Flaw Mass-Exploited in "Sorry" Ransomware Attacks
A critical cPanel vulnerability, CVE-2026-41940, is being actively mass-exploited to breach websites and encrypt data in "Sorry" ransomware campaigns.
Trellix Confirms Source Code Breach With Unauthorized Repository Access
Cybersecurity company Trellix announced a breach that led to unauthorized access to a portion of its source code repository.
ConsentFix v3 Attacks Target Azure with Automated OAuth Abuse
A new attack type, ConsentFix v3, is circulating on hacker forums, automating and scaling OAuth abuse against Azure environments.
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
A Vietnamese-linked operation, codenamed AccountDumpling, used Google AppSheet as a phishing relay to compromise approximately 30,000 Facebook accounts.
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Two cybercrime groups, Cordial Spider and Snarky Spider, are conducting rapid, high-impact data theft and extortion attacks within SaaS environments.
New Bluekit Phishing Kit Features AI Assistant
A new phishing kit, Bluekit, currently under development, offers automated domain registration and an AI assistant to facilitate phishing campaigns.
Two US Security Experts Sentenced to Prison for Helping Ransomware Gang
Two cybersecurity professionals, Ryan Goldberg and Kevin Martin, were sentenced to four years in prison for facilitating BlackCat ransomware attacks.