Articles tagged "Critical"

Found 893 articles

A Chinese cyber threat group known as 'FamousSparrow' has been targeting an Azerbaijani oil and gas firm with a series of attacks. This marks a shift for the group, which previously focused on sectors like hospitality, telecom, and government. The ongoing attacks raise concerns about the security of critical infrastructure in the South Caucasus region, especially given the strategic importance of energy resources. Researchers are alarmed by the group's expanding reach, which could have implications for other companies in similar industries. As these attacks continue, organizations in the energy sector should bolster their defenses against potential cyber intrusions.

Read Original

Microsoft's new agentic security system has identified 16 vulnerabilities in the Windows networking and authentication stack, including four critical remote code execution (RCE) flaws. Among these, CVE-2026-40361 and CVE-2026-40364 are particularly concerning due to their higher likelihood of being exploited by attackers. These vulnerabilities could allow unauthorized users to execute arbitrary code on affected systems, potentially leading to severe security breaches. Organizations using Microsoft Windows should prioritize addressing these vulnerabilities to protect their systems from potential exploitation, especially as the threat landscape evolves. The discovery of these flaws underscores the importance of continuous security assessments in software development and deployment.

Read Original

The U.S. House Committee on Homeland Security has called for testimony from executives at Instructure regarding two significant cyberattacks on its Canvas platform, executed by the ShinyHunters extortion group. These attacks compromised sensitive student data and caused disruptions in schools, particularly during critical final exam periods. The incidents raised alarms about the security measures in place to protect educational institutions, as they directly affect students' academic performance and privacy. The committee's inquiry highlights the growing concern over cyber threats targeting educational technology, emphasizing the need for stronger safeguards against such breaches. As schools increasingly rely on digital platforms, the implications of these attacks could lead to calls for more stringent regulations and practices to protect student information.

Read Original

Fortinet has issued urgent security patches to address two serious vulnerabilities in its FortiSandbox and FortiAuthenticator products. These flaws could allow attackers to execute commands or arbitrary code, posing a significant risk to organizations using these systems. The vulnerabilities affect both security and authentication processes, making them critical to address promptly. Users and administrators are advised to apply the patches immediately to protect their environments from potential exploitation. This situation underscores the need for ongoing vigilance in managing software security and ensuring systems are updated.

Read Original

Sasha Levin, a co-maintainer of the Linux kernel, has introduced a proposal for a runtime killswitch designed to disable vulnerable kernel functions temporarily. This mechanism would be accessible through securityfs, allowing system administrators to quickly mitigate risks associated with known vulnerabilities. The proposal aims to provide a practical solution for managing vulnerabilities in the Linux kernel, which is critical given the widespread use of Linux in servers and devices. By enabling a quick response to potential exploits, this initiative could help enhance the security posture of systems utilizing the Linux kernel. The implementation of such a killswitch is especially relevant as cyber threats continue to evolve, targeting vulnerabilities in operating systems.

Read Original

A newly discovered vulnerability, identified as CVE-2026-41940, is affecting cPanel and WebHost Manager, allowing attackers to exploit it shortly after it was made public. The threat actor known as Mr_Rot13 has been observed using this flaw to deploy a backdoor known as Filemanager, which can grant unauthorized access to compromised systems. This situation poses serious risks to web hosting providers and their customers, as it could lead to data breaches and unauthorized control over hosted websites. Companies using affected versions of cPanel and WebHost Manager need to take immediate action to secure their systems and protect sensitive data from being exploited. The urgency of addressing this vulnerability cannot be overstated, given the potential for widespread impact on affected users.

Read Original

In May 2026, a significant update was released, addressing 130 Common Vulnerabilities and Exposures (CVEs), including 30 classified as critical. These vulnerabilities impact various software and systems, potentially affecting millions of users and organizations. Notably, the update includes patches for several widely-used products, emphasizing the urgent need for companies to apply these updates to protect their systems from potential exploitation. Researchers warn that failure to address these vulnerabilities could lead to serious security breaches, as attackers often target systems that have not been updated. Users and IT departments should prioritize these patches to enhance their cybersecurity posture and mitigate risks associated with the newly disclosed vulnerabilities.

Read Original
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

The Hacker News

Actively Exploited

A serious security vulnerability in cPanel, identified as CVE-2026-41940, is currently being exploited by a threat actor known as Mr_Rot13. This flaw allows attackers to bypass authentication and gain elevated control over cPanel and WebHost Manager (WHM) environments. The exploitation of this vulnerability has led to the deployment of a backdoor named Filemanager on compromised systems. This incident is particularly concerning because it puts web hosting environments at risk, potentially allowing unauthorized access to sensitive data and control over web applications. Users and administrators of affected cPanel and WHM versions need to be vigilant and take immediate action to secure their systems.

Read Original

Poland's Internal Security Agency has successfully prevented several cyberattacks aimed at water treatment facilities and military sites, which are believed to be linked to Russian intelligence efforts. These attacks targeted both critical infrastructure and civilian areas, raising concerns about the security of essential services in the country. The agency's actions reflect the ongoing risks posed by state-sponsored cyber threats, particularly in regions with geopolitical tensions. The successful thwarting of these attempts not only protects public safety but also highlights the importance of vigilance in cybersecurity practices. As nations face heightened cyber risks, the situation in Poland serves as a reminder of the need for robust defenses against potential sabotage.

Read Original

A significant security incident has emerged involving U.S. military data exposed through a vulnerability in an open directory belonging to CMI Management Inc., a government contractor. This exposure was discovered following a tip-off to Cybernews, raising concerns about the potential accessibility of sensitive information. The data breach could have serious implications for national security, as it may include critical military-related information that should be kept confidential. Despite notifications from the Cybersecurity and Infrastructure Security Agency (CISA), the vulnerability remained unaddressed, highlighting lapses in data protection practices. The incident serves as a reminder for contractors handling government data to prioritize robust security measures and for agencies to ensure that vulnerabilities are promptly resolved.

Read Original

Poland's Internal Security Agency (ABW) has reported that hackers have successfully breached industrial control systems at five water treatment plants across the country. The attackers, believed to be linked to Russian advanced persistent threat (APT) groups, managed to gain access to systems that control vital equipment. This incident is part of a broader campaign that raises concerns about cybersecurity in critical infrastructure. The ability to alter equipment settings poses significant risks not only to the water supply but also to public safety. As these types of cyberattacks become more common, it is crucial for nations to bolster their defenses against potential hybrid warfare tactics.

Read Original

Apache has addressed a serious vulnerability in its HTTP/2 implementation, identified as CVE-2026-23918, which has a CVSS score of 8.8. This vulnerability is a double-free error that could allow attackers to execute arbitrary code remotely. Any systems using the affected version of Apache's HTTP server could be at risk, which includes a wide range of web applications and services relying on this technology. It's crucial for organizations using Apache to apply the latest updates to prevent potential exploitation of this flaw. Users are advised to check their current versions and ensure they are running the patched releases to mitigate this risk effectively.

Read Original

A data breach affecting nearly 197,000 Zara customers has been linked to a cyberattack on a former technology provider, ShinyHunters. The breach exposed sensitive customer information, including emails, purchase history, and support data. This incident raises concerns about the security measures in place at third-party vendors that companies rely on. Customers whose data was compromised may face increased risks of phishing attempts and identity theft. As major retailers like Zara continue to rely on external partners, ensuring robust security practices across their supply chain becomes increasingly critical.

Read Original

The Polish Security Agency has reported that hackers breached the industrial control systems (ICS) at five water treatment plants. These intrusions allowed attackers to modify the operational parameters of critical equipment, posing a direct threat to the safety of the public water supply. This situation raises serious concerns about the security of essential infrastructure and the potential for public health risks. Authorities are likely to investigate further to understand the extent of the breaches and to implement stronger security measures. The incident emphasizes the need for improved cybersecurity protocols in vital services that impact daily life.

Read Original

A recent report analyzing over 25 million security alerts from enterprise environments reveals a troubling trend: organizations are overlooking many low-severity threats. These findings indicate that defenders may be institutionalizing a practice of ignoring less critical alerts, which could leave them vulnerable to potential attacks. The dataset included 10 million monitored alerts, suggesting a significant gap in how companies assess and respond to security risks. This lack of attention to low-severity alerts could lead to missed opportunities for early threat detection and response. As organizations increasingly rely on automated systems for security monitoring, it’s crucial they maintain vigilance over all threat levels to protect their networks effectively.

Read Original
PreviousPage 16 of 60Next