相關新聞
Leaked Shai-Hulud malware fuels new npm infostealer campaign
The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected packages emerged over the weekend. [...]
Bleepingcomputer
2026年05月19日 141 觀看次數

Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 accounts. [...]
Bleepingcomputer
2026年05月17日 161 觀看次數

Android 16 VPN Bypass Lets Malicious Apps Reveal Users Real IP Address
A newly disclosed flaw in Android 16 is raising serious privacy concerns after researchers revealed that malicious apps can bypass VPN protections and expose a user’s real IP address even when strict security settings are enabled. The vulnerability, dubbed the “Tiny UDP Cannon,” allows...
Cyber Security News
2026年05月16日 203 觀看次數

Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. [...]
Bleepingcomputer
2026年05月15日 182 觀看次數

Hackers abuse Google ads, Claude.ai chats to push Mac malware
Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign. Users searching for "Claude mac download" may come across sponsored search results that list claude.ai as the target website, but lead to instructions that install malware on...
Bleepingcomputer
2026年05月11日 239 觀看次數

New cPanel and WHM Flaws Enable Code Execution, DoS Attacks
cPanel has disclosed three critical security vulnerabilities tracked as CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 affecting its widely deployed cPanel & WHM web hosting control panel and WP Squared (WP2) platform. The flaws, patched...
Cyber Security News
2026年05月10日 191 觀看次數

Critical Microsoft 365 Copilot Vulnerabilities Expose sensitive Information
Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge, all released on May 7, 2026, requiring no action from end users or administrators. Microsoft’s Security Response Center published advisories for CVE-...
Cyber Security News
2026年05月09日 234 觀看次數

Fake OpenAI repository on Hugging Face pushes infostealer malware
A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project to deliver information-stealing malware to Windows users. [...]
Bleepingcomputer
2026年05月09日 139 觀看次數

NVIDIA Data Breach Reportedly Exposes Personal Information of GeForce Users
A data breach at GFN.AM, an authorized NVIDIA GeForce NOW cloud gaming service provider operating under “GFN CLOUD INTERNET SERVICES” LLC, has exposed personal information belonging to registered users. The company disclosed the incident on May 5, 2026, revealing that unauthorized...
Cyber Security News
2026年05月09日 273 觀看次數

Canvas login portals hacked in mass ShinyHunters extortion campaign
The ShinyHunters extortion gang has breached education technology giant Instructure again, this time exploiting another vulnerability to deface Canvas login portals for hundreds of colleges and universities. [...]
Bleepingcomputer
2026年05月08日 229 觀看次數

