Microsoft has quietly extended its consumer Extended Security Updates (ESU) program for Windows 10, pushing the cutoff for critical security patches out another year to October 12, 2027. The move gives millions of users who have not yet migrated to Windows 11 additional time to receive important and critical security fixes, while Microsoft continues to encourage upgrades to the newer
Category: Cybersecurity
Photo ZIP Campaign Targets Hospitality Industry with Node.js Implant for Persistent Access
Microsoft Threat Intelligence has identified an active, multi-stage intrusion campaign that has targeted organizations in the hospitality and hotel industry since April 2026. Attackers delivered browser-downloaded photo-themed ZIP archives that contained executable shortcut files disguised as images. When opened, these shortcuts kicked off an obfuscated PowerShell chain that fetched a Node.js–based implant, established dual registry persistence, and initiated command-and-control (C2)
Palo Alto GlobalProtect CVE-2026-0257: Active Exploitation and Urgent Steps for Defenders
Palo Alto Networks has warned that a recently patched authentication bypass in PAN-OS GlobalProtect, tracked as CVE-2026-0257, is now being actively exploited in the wild. The vulnerability allows attackers to bypass authentication controls and establish unauthorized VPN connections when devices are configured with specific authentication override cookie and certificate settings. Organizations running GlobalProtect should treat this as urgent: apply vendor
Project Glasswing and Mythos Preview: What 10,000+ AI-Found Vulnerabilities Mean for Software Security
In the weeks since Anthropic unveiled Project Glasswing and the Mythos Preview model, a startling new reality has emerged: AI can now find critical flaws across the software stack at an unprecedented scale. Early collaborators and independent testers report thousands of high- and critical-severity findings across essential infrastructure and widely used open-source projects. That rapid discovery is a boon for
cPanel compromise: CVE-2026-41940 and the Filemanager backdoor
A critical cPanel/WebHost Manager flaw tracked as CVE-2026-41940 is being actively exploited to deploy a cross-platform backdoor known as Filemanager. Security researchers tied the activity to a threat actor using the handle Mr_Rot13, and observed rapid, automated scanning and exploitation from thousands of attacker IPs worldwide. The attacks move quickly from an initial authentication bypass to persistent access via injected
Hackers Used AI to Build First Known Zero-Day 2FA Bypass, Google Warns
Google’s threat hunters have flagged a troubling milestone: the first known instance of a zero-day exploit likely discovered and weaponized using an artificial intelligence model. What began as an obscure Python script has been linked to a coordinated effort by cybercriminals to develop a two-factor authentication (2FA) bypass that could be scaled for mass exploitation. The disclosure underscores how AI





