Latest Internet & Cybersecurity News

📅 May 18, 2026 at 1:00 AM
Major cybersecurity stories center on active Exchange and SD-WAN exploitation, a developer supply-chain attack, ransomware fallout, and fresh zero-day disclosures.
1. Microsoft Exchange Server zero-day under active exploitation

Microsoft confirmed active exploitation of CVE-2026-42897 in Exchange Server and issued temporary mitigations while a permanent fix is still in progress. The issue has also been added to CISA’s Known Exploited Vulnerabilities catalog, underscoring the urgency for defenders to patch or harden exposed systems. Source 1, Source 3

2. Cisco Catalyst SD-WAN flaw added to CISA’s exploited vulnerabilities list

Cisco fixed a vulnerability in Catalyst SD-WAN Controller that was reportedly exploited by a highly sophisticated threat actor before the patch. CISA’s inclusion of the flaw in its KEV catalog signals real-world abuse and increases pressure on organizations to apply updates quickly. Source 1, Source 3

3. OpenAI affected by a supply-chain attack tied to malicious TanStack packages

A wave of malicious package activity targeted developers by abusing stolen credentials and self-propagating through open-source ecosystems. Reports say OpenAI was among the organizations affected, with two staffers impacted as part of the broader campaign. Source 1, Source 4

4. Pwn2Own Berlin 2026 wraps up with more than $1.298 million awarded

Day three of Pwn2Own Berlin 2026 pushed the total prize pool above $1.298 million, with DEVCORE named Master of Pwn. The event highlighted multiple high-impact bugs across consumer, enterprise, and AI products, reinforcing how many popular technologies still hide serious security flaws. Source 1

5. Pwn2Own Berlin 2026 exposes more Microsoft Exchange and AI product weaknesses

On day one and day two, researchers demonstrated successful exploits against Microsoft Exchange and several AI products, driving payouts past $900,000 before the final day. The results show that even heavily used enterprise and emerging AI platforms remain fertile ground for offensive research and real-world attackers alike. Source 1

6. Russian APT Turla builds long-term access tool via Kazuar botnet evolution

Security researchers say the Russian-linked Turla group has evolved its Kazuar malware into a longer-term access tool aimed at maintaining persistence. The development suggests an ongoing effort to strengthen covert access and improve resilience against detection and takedown. Source 1

7. Ghostwriter resumes attacks on Ukrainian government targets

The Ghostwriter espionage group has returned to targeting Ukrainian government entities in a renewed campaign. The activity reflects the continued use of cyber operations in geopolitical conflicts, with government organizations remaining prime intelligence targets. Source 1

8. Researchers disclose YellowKey and GreenPlasma Windows zero-days

Security researchers uncovered two previously unknown Windows zero-days, dubbed YellowKey and GreenPlasma. While details are still emerging, the disclosure adds to the growing list of high-risk flaws affecting mainstream operating systems. Source 1

9. Linux kernel bug Fragnesia could allow local root compromise

A newly disclosed Linux kernel flaw known as Fragnesia was reported to allow local privilege escalation to root. Because Linux underpins servers, cloud workloads, and embedded systems, even local root bugs can have broad security impact if chained with other attacks. Source 1, Source 3

10. Broadcom issues VMware Fusion update for root access bug

Broadcom released a security update for VMware Fusion after identifying a flaw that could lead to root access. Virtualization products are high-value targets because successful exploitation can provide powerful control over guest or host environments. Source 1

11. Attackers exploit cPanel CVE-2026-41940 to deploy Filemanager backdoor

Threat actors are actively abusing a cPanel vulnerability to install a backdoor referred to as Filemanager. The campaign highlights how attackers continue to weaponize exposed administrative software to gain persistent access to hosted environments. Source 1

12. Android banking Trojan TrickMo evolves with TON-based command and control

TrickMo, a mobile banking trojan, has evolved its infrastructure by using the TON network for command-and-control communications. This makes tracking and disruption more difficult, while showing how malware operators keep adapting to evade defenders. Source 1