'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros
The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.
The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.
Romanian national Gavril Sandu faces up to 30 years in a US prison after extradition over a VOIP vishing and fake debit card fraud scheme.
Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. [...]
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks.
Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should’ve died years ago — the same old holes, same lazy access paths, same “how the hell is this still op…
The Dirty Frag vulnerability affects Linux systems and allows root access escalation, while public PoC exploit code increases attack risks.
Uma nova campanha de infostealer está usando um falso instalador do OpenClaw para roubar credenciais de carteiras de criptomoedas, gerenciadores de senhas e extensões de autenticação instaladas em navegadores. O OpenClaw é apresentado como um assistente pessoal de IA de código ab…
A Microsoft corrigiu três vulnerabilidades críticas que afetavam o Microsoft 365 Copilot e o Copilot Chat integrado ao Microsoft Edge, com risco de exposição de informações sensíveis em ambientes corporativos. As falhas foram divulgadas em 7 de maio de 2026 e são rastreadas como …
Hackers are abusing Vercel GenAI to create convincing phishing sites that mimic major brands, including Microsoft, Adidas, and Nike, making scams harder to detect.
A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON) for stealthy command-and-control communications. [...]
A malicious Hugging Face repository managed to take a spot in the platform's trending list by impersonating OpenAI's Privacy Filter open-weight model to deliver a Rust-based information stealer to Windows users. The project, named Open-OSS/privacy-filter, masqueraded as its legit…
Matthew Knoot and Erick Prince have been jailed for 18 months each for helping North Korean hackers infiltrate US firms through remote laptop farms.
O Centro Nacional de Segurança Cibernética (NCSC) prevê a exploração generalizada de novas vulnerabilidades da Ivanti. A agência cibernética americana CISA instruiu as agências governamentais a instalarem as correções disponíveis em até três dias. Ontem, a Ivanti emitiu um alerta…
A cPanel publicou, na última sexta-feira, dia 8 de maio, o segundo pacote emergencial de correções em menos de duas semanas, após um ataque de ransomware que comprometeu aproximadamente 44 mil servidores que utilizavam o software de gerenciamento de hospedagem. As informações con…
Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign. Users searching for "Claude mac download" may come across sponsored search results that list claude.ai as the target website, but lead to instructions that install malware o…
A Agência de Segurança Interna da Polônia (ABW)publicou na semana passada seu novo relatório de atividades, documentando ataques cibernéticos direcionados a sistemas de controle industrial de estações de tratamento de água em pelo menos cinco municípios poloneses durante 2025. O …
German authorities have shut down a relaunch version of the criminal marketplace 'Crimenetwork' that generated more than 3.6 million euros, and arrested its operator. [...]
Cybersecurity researchers have disclosed a critical security vulnerability in Ollama that, if successfully exploited, could allow a remote, unauthenticated attacker to leak its entire process memory. The out-of-bounds read flaw, which likely impacts over 300,000 servers globally,…
JDownloader confirms a security breach where hackers manipulated official download links to distribute malicious files between 6 and 7 May 2026.
The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based remote access trojan. [...]