相關新聞
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. [...]
Bleepingcomputer
2026年05月15日 137 觀看次數
Hackers abuse Google ads, Claude.ai chats to push Mac malware
Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign. Users searching for "Claude mac download" may come across sponsored search results that list claude.ai as the target website, but lead to instructions that install malware on...
Bleepingcomputer
2026年05月11日 157 觀看次數
New cPanel and WHM Flaws Enable Code Execution, DoS Attacks
cPanel has disclosed three critical security vulnerabilities tracked as CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 affecting its widely deployed cPanel & WHM web hosting control panel and WP Squared (WP2) platform. The flaws, patched...
Cyber Security News
2026年05月10日 145 觀看次數
Critical Microsoft 365 Copilot Vulnerabilities Expose sensitive Information
Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge, all released on May 7, 2026, requiring no action from end users or administrators. Microsoft’s Security Response Center published advisories for CVE-...
Cyber Security News
2026年05月09日 178 觀看次數
Fake OpenAI repository on Hugging Face pushes infostealer malware
A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project to deliver information-stealing malware to Windows users. [...]
Bleepingcomputer
2026年05月09日 107 觀看次數
NVIDIA Data Breach Reportedly Exposes Personal Information of GeForce Users
A data breach at GFN.AM, an authorized NVIDIA GeForce NOW cloud gaming service provider operating under “GFN CLOUD INTERNET SERVICES” LLC, has exposed personal information belonging to registered users. The company disclosed the incident on May 5, 2026, revealing that unauthorized...
Cyber Security News
2026年05月09日 227 觀看次數
Canvas login portals hacked in mass ShinyHunters extortion campaign
The ShinyHunters extortion gang has breached education technology giant Instructure again, this time exploiting another vulnerability to deface Canvas login portals for hundreds of colleges and universities. [...]
Bleepingcomputer
2026年05月08日 171 觀看次數
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild. The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input...
The Hacker News
2026年05月08日 102 觀看次數
New TCLBanker malware self-spreads over WhatsApp and Outlook
A new trojan named TCLBanker, which targets 59 banking, fintech, and cryptocurrency platforms, uses a trojanized MSI installer for Logitech AI Prompt Builder to infect systems. [...]
Bleepingcomputer
2026年05月08日 152 觀看次數
Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1 and targets internet-exposed devices running Android Debug Bridge (ADB) to enlist them in a network capable of carrying out distributed denial-of-service (DDoS) attacks. ...
The Hacker News
2026年05月07日 117 觀看次數
