CPO Magazine

Security Flaw in Claude AI Chrome Extension Enables Attackers to Execute Privileged Commands and Steal Data

A security flaw in “Claude in Chrome” enables any Chrome extension, including those without permissions, to execute ...

New critical Exim mailer flaw allows remote code execution

A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by ...
Infosecurity Magazine

China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer

A suspected China-linked threat actor targeted the Indian branch of a global manufacturer leveraging an open source offensive ...
SecurityWeek

F5 Patches Over 50 Vulnerabilities

F5’s May 2026 quarterly security notification details 51 high and medium-severity vulnerabilities impacting BIG-IP, BIG-IQ, ...

Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator

Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could ...
The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...
The Hacker News

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

CVE-2026-22679 exploited via debug endpoint in Weaver E-cology before 20260312, enabling RCE and system compromise.
The Daily Hodl

Hackers Targeting 59 Banking, Fintech and Crypto Platforms, Stealing Credentials, PINs and More: Report

A new banking trojan is reportedly targeting 59 banking, fintech and cryptocurrency platforms while spreading through popular ...
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...
AppleInsider

New infostealer malware hides on Mac disguised as official Apple tools

Security researchers say a new macOS infostealer called SHub Reaper disguises itself as Apple security software to steal passwords, cryptocurrency wallets, and sensitive files. The malware abuses ...

GitHub investigates unauthorized access to internal repositories

GitHub confirmed an attacker was able to access its internal repositories after a code extension breach, with TeamPCP ...