New xlabs_v1 Botnet Targets IoT Devices via Exposed ADB Services, Offers DDoS-for-Hire Attacks Against Servers

250/69 Friday, May 8, 2026 Cybersecurity researchers from Hunt.io have disclosed the discovery of a new Mirai-based botnet named “xlabs_v1,” which specifically targets devices exposing Android Debug Bridge (ADB) services over TCP port 5555. The botnet primarily focuses on Android TV boxes, smart TVs, set-top boxes, home routers, and various IoT devices supporting ARM, MIPS, […]

sittisak mintaboon

May 8, 2026

Critical Vulnerability in Ollama May Expose Over 300,000 Publicly Accessible Instances

249/69 Thursday, May 7, 2026 Security researchers from Cyera have warned about a critical vulnerability in Ollama tracked as CVE-2026-7482, also referred to as “Bleeding Llama,” which could place more than 300,000 internet-exposed Ollama instances at risk of sensitive data theft. The vulnerability is a heap out-of-bounds read issue within the GGUF model loader and […]

sittisak mintaboon

May 7, 2026

Microsoft Warns of Global Phishing Campaign Stealing Authentication Tokens, Affecting Over 35,000 Users

248/69 Thursday, May 7, 2026 Microsoft has disclosed a large-scale phishing campaign targeting more than 35,000 users across 26 countries during mid-April 2026. The attackers used fraudulent emails themed around “Code of Conduct” violations, delivered through legitimate email services, to lure victims into visiting fake websites designed to steal authentication tokens and login credentials. Microsoft […]

sittisak mintaboon

May 7, 2026

Vimeo Confirms Data Breach Affecting 119,000 Users After ShinyHunters Exploited Third-Party Vendor Vulnerability

247/69 Thursday, May 7, 2026 Vimeo has confirmed a data breach incident affecting approximately 119,000 users during April 2026. The company stated that the breach did not originate from a direct compromise of Vimeo’s own systems, but was instead linked to a vulnerability involving Anodot, a third-party analytics service provider. Through this connection, the ShinyHunters […]

sittisak mintaboon

May 7, 2026

Palo Alto Networks prepares emergency patches for a zero-day vulnerability after active exploitation against real-world firewalls was detected.

246/69 Wednesday, May 6, 2026 Palo Alto Networks has confirmed the discovery of a critical zero-day vulnerability, tracked as CVE-2026-0300, affecting PAN-OS. The flaw is a Buffer Overflow vulnerability in the User-ID Authentication Portal (Captive Portal) service and impacts PA-Series and VM-Series firewalls with the feature enabled. The vulnerability could allow unauthenticated remote attackers to […]

sittisak mintaboon

May 6, 2026

National Cyber Security Centre warns that AI is accelerating vulnerability discovery, raising concerns over a global “Patch Wave.”

245/69 Wednesday, May 6, 2026 The National Cyber Security Centre (NCSC) has warned that artificial intelligence (AI) is significantly accelerating the discovery of software vulnerabilities, increasing the global risk of cyberattacks. According to the agency, highly skilled threat actors can now leverage AI to identify hidden vulnerabilities much faster than before, potentially leading to the […]

sittisak mintaboon

May 6, 2026

Hackers increasingly abuse Amazon SES services to deliver phishing emails and bypass security systems.

244/69 Wednesday, May 6, 2026 Researchers from Kaspersky have reported a significant rise in cyberattack campaigns where threat actors abuse Amazon Web Services Simple Email Service (SES), a legitimate and trusted email delivery platform, to distribute large-scale phishing emails targeting organizations. The primary cause is the exposure of AWS IAM Access Keys through public sources […]

sittisak mintaboon

May 6, 2026

Microsoft Confirms April Windows Update Affects Some Backup Systems

243/69 Tuesday, May 5, 2026 Microsoft has confirmed that its April 2026 Windows security updates may cause certain backup applications to malfunction. The issue primarily affects software that relies on the psmounterex.sys driver for mounting or managing backup image files. It may impact some devices running Windows 10, Windows 11, and Windows Server, resulting in […]

sittisak mintaboon

May 5, 2026

Cyberattack on Sistemi Informativi Highlights Risks to Europe’s Digital Infrastructure

242/69 Tuesday, May 5, 2026 In late April 2026, a cybersecurity incident targeted Sistemi Informativi, an IBM subsidiary responsible for managing critical IT infrastructure for government and industrial sectors in Italy. The incident raised concerns among security agencies and critical infrastructure providers, as the company’s systems are interconnected with multiple sectors across the country. IBM […]

sittisak mintaboon

May 5, 2026

Google Revamps Bug Bounty Strategy, Raises Android Rewards to $1.5 Million to Counter AI-Era Cyber Threats

241/69 Tuesday, May 5, 2026 Google has announced a major overhaul of its Vulnerability Reward Programs (VRP) for both Android and Chrome, adapting to a new era where artificial intelligence plays a significant role in bug discovery. Reports indicate that advanced AI tools-such as GPT-5.4 Cyber-can rapidly analyze code and help generate attack models, leading […]

sittisak mintaboon

May 5, 2026
1 11 12 13 100