A critical cPanel/WebHost Manager flaw tracked as CVE-2026-41940 is being actively exploited to deploy a cross-platform backdoor known as Filemanager. Security researchers tied the activity to a threat actor using the handle Mr_Rot13, and observed rapid, automated scanning and exploitation from thousands of attacker IPs worldwide. The attacks move quickly from an initial authentication bypass to persistent access via injected
Category: Cybersecurity
Zero-Day, APT, Exfiltration, Lateral-Movement, Privilege-Escalation, Botnet, Rootkit, Backdoor, Keylogger, Smishing, Vishing, Spear-Phishing, Social-Engineering, MITM, SQL-Injection, XSS, CSRF, Path-Traversal, Buffer-Overflow, Honeypot, CVE, CVSS, Red-Team, Blue-Team, Threat-Hunting, Malware-Analysis, MITRE-ATT&CK, Insider-Threat, Jailbreak, Shellcode, Exploit-Kit, LFI, RFI, Obfuscation, Payload, security advisory, vulnerability disclosure, CWE, OWASP, cybersecurity news, threat intelligence, SOC, SIEM, cryptotheft, evasion, CVE Security
Hackers Used AI to Build First Known Zero-Day 2FA Bypass, Google Warns
Google’s threat hunters have flagged a troubling milestone: the first known instance of a zero-day exploit likely discovered and weaponized using an artificial intelligence model. What began as an obscure Python script has been linked to a coordinated effort by cybercriminals to develop a two-factor authentication (2FA) bypass that could be scaled for mass exploitation. The disclosure underscores how AI
Breaking the code: how a multi-stage “code of conduct” phishing campaign led to AiTM token compromise
Phishing has evolved from crude scams to carefully engineered deceptions that mimic trusted internal processes. In mid‑April 2026, Microsoft Defender Research observed a large, multi‑stage campaign that did exactly that: it masqueraded as internal “code of conduct” notifications, used polished templates and legitimate delivery services, and funneled victims through a sequence of CAPTCHA and staging pages that ultimately proxied real
Let’s Encrypt Temporarily Halts Certificate Issuance Following Root Incident
On May 8, 2026, Let’s Encrypt, the widely used non-profit certificate authority, took the drastic step of temporarily suspending all certificate issuance. The move came after engineers discovered a critical issue involving a cross-signed certificate that linked the organization’s current Generation X root to its upcoming Generation Y root infrastructure. This preventive measure resulted in a complete shutdown of services
Critical Microsoft 365 Copilot Flaws: What Organizations Need to Know
Microsoft has disclosed and silently remediated three critical information-disclosure vulnerabilities in Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. The flaws—CVE-2026-26129, CVE-2026-26164, and CVE-2026-33111—were published on May 7, 2026, and Microsoft reports that mitigations were deployed on the cloud side so that no customer action or patch installation is required. While that immediate remediation reduces near-term risk, the underlying
How Mozilla Used Mythos to Find 271 Firefox Vulnerabilities — and What It Means
Mozilla says it used Anthropic’s Mythos model, together with a custom agent harness, to uncover 271 security issues in Firefox over roughly two months. The disclosure, supported by a small set of public Bugzilla reports, highlights a workflow that pairs large language models with deterministic tooling and verification to reduce hallucinations and produce actionable test cases — but it has