← Latest brief

Security news.

·Morning Brief

Today's security news highlights critical vulnerabilities and active exploitation, with CISA adding a Linux root access bug to its KEV catalog and a cPanel flaw being mass-exploited by ransomware. We also see continued threats from sophisticated phishing campaigns and supply chain attacks, alongside significant data br

THNKEV
May 3READ

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

The U.S. CISA has added a local privilege escalation flaw (CVE-2026-31431) in various Linux distributions to its Known Exploited Vulnerabilities catalog due to active exploitation.

BLEEPINGRANSOMWARE
May 2READ

Critical cPanel Flaw Mass-Exploited in "Sorry" Ransomware Attacks

A critical cPanel vulnerability, CVE-2026-41940, is being actively mass-exploited to breach websites and encrypt data in "Sorry" ransomware campaigns.

THNBREACH
May 2READ

Trellix Confirms Source Code Breach With Unauthorized Repository Access

Cybersecurity company Trellix announced a breach that led to unauthorized access to a portion of its source code repository.

BLEEPINGPATCH
May 2READ

ConsentFix v3 Attacks Target Azure with Automated OAuth Abuse

A new attack type, ConsentFix v3, is circulating on hacker forums, automating and scaling OAuth abuse against Azure environments.

THNPHISHING
May 1READ

30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign

A Vietnamese-linked operation, codenamed AccountDumpling, used Google AppSheet as a phishing relay to compromise approximately 30,000 Facebook accounts.

THN
May 1READ

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

Two cybercrime groups, Cordial Spider and Snarky Spider, are conducting rapid, high-impact data theft and extortion attacks within SaaS environments.

SECURITYWEEKPHISHING
May 2READ

New Bluekit Phishing Kit Features AI Assistant

A new phishing kit, Bluekit, currently under development, offers automated domain registration and an AI assistant to facilitate phishing campaigns.

SECURITYWEEKRANSOMWARE
May 1READ

Two US Security Experts Sentenced to Prison for Helping Ransomware Gang

Two cybersecurity professionals, Ryan Goldberg and Kevin Martin, were sentenced to four years in prison for facilitating BlackCat ransomware attacks.

Generated twice daily from public security RSS feeds. Informational only.