Skip to content
Security News, Assessments & Alerts Page 4

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks

Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1 and targets internet-exposed devices running Android Debug Bridge (ADB) to enlist them in a network capable of carrying out distributed denial-of-service (DDoS) attacks.… 

Read More »Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack

MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack

The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a “false flag” operation. The attack, observed… 

Read More »MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Hacker News Launches ‘Cybersecurity Stars Awards 2026’ — Submissions Now Open

The Hacker News Launches ‘Cybersecurity Stars Awards 2026’ — Submissions Now Open

The Hacker NewsMay 06, 2026Security Leadership / Industry Recognition For nearly 20 years, we at The Hacker News have mostly told scary stories about cyberspace — big hacks, broken systems, and new threats. But behind… 

Read More »The Hacker News Launches ‘Cybersecurity Stars Awards 2026’ — Submissions Now Open
Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?

Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?

Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their inaugural Market Guide for Guardian Agents, Gartner states that “enterprise adoption of… 

Read More »Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?
Google’s Android Apps Get Public Verification to Stop Supply Chain Attacks

Google’s Android Apps Get Public Verification to Stop Supply Chain Attacks

Ravie LakshmananMay 06, 2026Android / Data Security Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. “This new public ledger ensures the Google apps on… 

Read More »Google’s Android Apps Get Public Verification to Stop Supply Chain Attacks
Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs

Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs

Ravie LakshmananMay 06, 2026Endpoint Security / Threat Intelligence Cybersecurity researchers have disclosed details of an intrusion that involved the use of a CloudZ remote access tool (RAT) and a previous undocumented plugin dubbed Pheno with… 

Read More »Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

Ravie LakshmananMay 06, 2026Vulnerability / Network Security Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been exploited in the wild. The vulnerability, tracked as… 

Read More »Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

Ravie LakshmananMay 05, 2026Vulnerability / Server Security The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to remote… 

Read More »Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

Ravie LakshmananMay 05, 2026Endpoint Security / Software Security A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky. “These installers are… 

Read More »DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

Ravie LakshmananMay 05, 2026Network Security / Endpoint Security A sophisticated China-nexus advanced persistent threat (APT) group has been attributed to attacks targeting government entities in South America since at least late 2024 and government agencies… 

Read More »China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions