Cargo theft is evolving, with cybercriminal syndicates now playing a significant role by exploiting supply chain systems. These groups are using their technical skills to reroute goods, making it easier for them to steal valuable cargo. This shift from traditional methods of theft to cyber-enabled tactics poses a serious risk to logistics and transportation companies, which may find themselves vulnerable to these sophisticated attacks. Businesses need to enhance their cybersecurity measures to protect against these new threats, as reliance on digital systems increases the potential for exploitation. The implications of this trend are significant, impacting not only the financial bottom line of affected companies but also the overall integrity of supply chains.
Latest Cybersecurity Threats
A recently discovered vulnerability in cPanel allows attackers to bypass authentication, raising significant concerns for millions of users. Following the disclosure of this flaw, multiple proof-of-concept exploits have surfaced, indicating that the vulnerability could be actively exploited in the wild. One researcher has noted that there has been zero-day activity linked to this issue for at least a month, suggesting that attackers may already be taking advantage of the situation. This flaw affects various versions of cPanel, which is widely used for managing web hosting services. Users and companies relying on cPanel should prioritize patching their systems to mitigate potential risks.
Cisco has announced its plan to acquire Astrix Security, a move aimed at improving its identity-centric security solutions, particularly for managing non-human identities like those used by AI systems and machines. This acquisition is part of Cisco's broader strategy to enhance security measures in an increasingly automated and interconnected environment. By integrating Astrix's technology, Cisco aims to better protect organizations from potential risks associated with machine access and identity misuse. This is important as businesses increasingly rely on AI and automated systems, which can introduce unique security challenges. The deal underscores the growing focus on securing these non-human identities to prevent unauthorized access and data breaches.
A phishing campaign named VENOMOUS#HELPER has been targeting over 80 organizations since at least April 2025. The attackers exploit legitimate Remote Monitoring and Management (RMM) tools, specifically SimpleHelp and ScreenConnect, to gain ongoing remote access to compromised systems. Most of the affected organizations are based in the United States. This type of attack is concerning because it allows attackers to maintain control over their targets, potentially leading to data breaches or further exploitation. Organizations need to be vigilant about phishing attempts and ensure that their RMM tools are secured against unauthorized access.
SecurityWeek
Trellix, a cybersecurity firm, recently reported a breach of its source code repository. The company is conducting a thorough investigation and has so far found no evidence that the incident affected its source code release or distribution processes. This means that, at least for now, its products and services remain secure from any potential vulnerabilities that could arise from the breach. The implications of such a breach can be significant, as access to source code can provide attackers with insights that could be used to exploit systems or develop malicious software. Trellix is reassuring its clients that its security measures are intact, but the situation serves as a reminder of the ongoing risks associated with software development and source code management.
BleepingComputer
Trellix, a cybersecurity firm, has reported a data breach after attackers accessed part of its source code repository. The breach raises concerns about the security of the company's software and the potential exposure of sensitive information. While Trellix did not disclose the extent of the data accessed, incidents like this can lead to vulnerabilities in the software products they develop. This situation serves as a reminder for companies to regularly assess their security measures and safeguard their intellectual property. Customers and partners are advised to stay vigilant and monitor for any unusual activity related to Trellix products.
A college student is taking legal action against a dating app for allegedly using her TikTok videos to target men living in her dorm. According to her lawyer, the dating app edited her content to imply she was looking for a 'friend with benefits' and geofenced the posts to reach nearby male users. This raises significant concerns about privacy and consent, as the student did not authorize the app to use her videos in this manner. The case could set a precedent for how dating apps and other platforms handle user-generated content and targeted advertising. It also highlights the potential risks associated with sharing personal videos online, particularly on social media platforms.
SCM feed for Latest
A new botnet is targeting gaming servers by exploiting misconfigured Jenkins installations. Attackers accessed the Jenkins server through a vulnerability in the scriptText endpoint, which allowed them to execute remote code using a Groovy script. This incident raises concerns for gaming companies and server administrators, as it can lead to unauthorized access and potential service disruptions. Organizations using Jenkins need to ensure their configurations are secure to prevent similar attacks. The exploitation of this vulnerability could have significant implications for the security of gaming platforms and user data.
Hackread – Cybersecurity News, Data Breaches, AI and More
At the Wiz ZeroDay.Cloud event, researchers disclosed significant vulnerabilities in PostgreSQL that have existed for 20 years. These flaws, particularly in the pgcrypto module, could allow attackers to exploit the database's security, raising serious concerns for organizations relying on PostgreSQL for data management. The researchers emphasized the urgency of applying patches to mitigate these risks and protect sensitive information. With many systems still using outdated versions, companies should prioritize updating their PostgreSQL installations to safeguard against potential attacks. This incident serves as a stark reminder of the importance of regular security audits and timely updates in maintaining database integrity.
Fraudsters are increasingly targeting credit unions by exploiting standard business processes rather than using traditional hacking methods. According to research from Flare, these criminals use stolen identities to navigate verification systems, allowing them to secure loans fraudulently. This method of structured loan fraud poses a significant risk to credit unions, as it can lead to substantial financial losses and undermine customer trust. By bypassing security measures that are typically relied upon, these fraudsters are able to manipulate systems in ways that may not trigger alarms. It’s essential for credit unions to enhance their verification processes to combat this type of fraud effectively.
DigiCert, a prominent certificate authority, has revoked a number of certificates after a security breach involving its internal support portal. Hackers managed to deliver malware through a customer chat channel, which infected an analyst’s system. This breach allowed them access to sensitive internal systems, raising concerns about the security of the certificates issued by DigiCert. The incident highlights significant vulnerabilities in customer support systems, emphasizing the need for stronger security measures in such environments. Companies relying on DigiCert for SSL certificates may need to assess the implications of this breach on their own security postures.
Infosecurity Magazine
Stephen Campbell from Team Cymru has expressed concerns that many small defense contractors in the U.S. are not adequately equipped to fend off cyberattacks, particularly those originating from nation-state hackers. These smaller firms often use edge devices, which can be vulnerable entry points for attackers. Campbell emphasizes that without sufficient network data and resources, these companies struggle to detect and mitigate intrusions. This lack of preparedness could have serious implications, not just for the contractors themselves but also for national security, as these companies often handle sensitive defense information. The warning serves as a call for increased investment in cybersecurity measures among smaller firms in the defense sector.
The cybercrime group Silver Fox, based in China, has launched a phishing campaign targeting organizations in India and Russia using a new malware known as ABCDoor. The attackers sent emails posing as communications from the Income Tax Department of India in December 2025, followed by similar attempts aimed at Russian entities. This tactic is concerning as it exploits tax-related themes to gain trust and infiltrate systems. The use of ABCDoor malware can lead to unauthorized access to sensitive information, potentially compromising the security of targeted organizations. As cyber threats continue to evolve, it is crucial for companies in these regions to enhance their security measures and educate employees on recognizing phishing attempts.
BleepingComputer
CISA has issued a warning that the 'Copy Fail' vulnerability in Linux systems is being actively exploited by attackers. This flaw was disclosed just one day prior by researchers from Theori, who also released a proof-of-concept exploit. The vulnerability allows attackers to gain root access to compromised Linux systems, putting a wide range of users and organizations at risk. System administrators and users of affected Linux distributions need to take immediate action to secure their systems against potential exploits. The rapid exploitation following the disclosure highlights the urgency for organizations to patch their systems as soon as possible.
BleepingComputer
Microsoft has acknowledged that the April 2026 security updates for Windows are causing issues with third-party backup applications that rely on the psmounterex.sys driver. This problem is affecting various backup solutions, preventing users from successfully backing up their data. The situation is significant as it could lead to data loss for individuals and businesses that depend on these backup tools for data protection. Microsoft has not yet released a specific fix or workaround for this issue, leaving users in a precarious position. Companies and users are advised to monitor for updates from Microsoft regarding this ongoing issue.