Latest news

Critical Exim Vulnerability (EXIM-Security-2026-05-01.1): Remote Code Execution via GnuTLS BDAT Flaw — Patch Now
Vulnerability

Critical Exim Vulnerability (EXIM-Security-2026-05-01.1): Remote Code Execution via GnuTLS BDAT Flaw — Patch Now

14 May 2026 dark6

A critical use-after-free vulnerability in Exim mail servers (versions 4.97–4.99.2 with GnuTLS) allows unauthenticated remote attackers to corrupt heap memory...
Read more 0
Foxconn Confirms Cyberattack: Nitrogen Ransomware Gang Claims 8TB Stolen From North American Plants
Ransomware

Foxconn Confirms Cyberattack: Nitrogen Ransomware Gang Claims 8TB Stolen From North American Plants

14 May 2026 dark6

Foxconn has confirmed a ransomware attack on its North American factories after the Nitrogen gang claimed to have stolen 8TB...
Read more 0
CISA Adds CVE-2026-32202 to KEV Catalog as APT28 Actively Exploits Zero-Click Windows Shell Flaw
Vulnerability

CISA Adds CVE-2026-32202 to KEV Catalog as APT28 Actively Exploits Zero-Click Windows Shell Flaw

13 May 2026 dark6

CISA has added CVE-2026-32202, a zero-click Windows Shell authentication coercion flaw, to its KEV catalog following confirmed active exploitation by...
Read more 0
PoC Exploit Released for Android Zero-Click CVE-2026-0073 — Silent ADB Shell Access on Android 14–16
Vulnerability

PoC Exploit Released for Android Zero-Click CVE-2026-0073 — Silent ADB Shell Access on Android 14–16

13 May 2026 dark6

A public PoC exploit for CVE-2026-0073 enables any network-local attacker to gain a full ADB shell on unpatched Android 14–16...
Read more 0
Critical Palo Alto PAN-OS Vulnerability CVE-2026-0300 Actively Exploited — Unauthenticated Root RCE on Firewalls
Vulnerability

Critical Palo Alto PAN-OS Vulnerability CVE-2026-0300 Actively Exploited — Unauthenticated Root RCE on Firewalls

13 May 2026 dark6

Palo Alto Networks is warning of a critical CVE-2026-0300 buffer overflow in PAN-OS Captive Portal that enables unauthenticated root-level remote...
Read more 0
Microsoft Patch Tuesday May 2026: 120 Vulnerabilities Fixed, Including 29 Critical RCE Flaws
Vulnerability

Microsoft Patch Tuesday May 2026: 120 Vulnerabilities Fixed, Including 29 Critical RCE Flaws

13 May 2026 dark6

Microsoft's May 2026 Patch Tuesday delivers fixes for 120 vulnerabilities including 29 Critical-rated remote code execution flaws across Windows, SharePoint,...
Read more 0
GhostLock: New Attack Technique Locks Enterprise Files Like Ransomware — Without Any Encryption
Malware

GhostLock: New Attack Technique Locks Enterprise Files Like Ransomware — Without Any Encryption

12 May 2026 dark6

GhostLock is a newly disclosed attack technique that uses standard Windows file-locking behavior to paralyze enterprise SMB file shares without...
Read more 0
ShinyHunters Breaches Canvas LMS: Student Data from 9,000 Schools Exposed in Extortion Campaign
Databreach

ShinyHunters Breaches Canvas LMS: Student Data from 9,000 Schools Exposed in Extortion Campaign

12 May 2026 dark6

ShinyHunters has breached Instructure's Canvas LMS by exploiting the Free-For-Teacher account program, exposing data from an estimated 285 million users...
Read more 0
Operation SilentCanvas: Hackers Hide PowerShell Malware in Fake JPEG to Deploy Trojanized ScreenConnect Backdoor
Malware

Operation SilentCanvas: Hackers Hide PowerShell Malware in Fake JPEG to Deploy Trojanized ScreenConnect Backdoor

12 May 2026 dark6

Operation SilentCanvas is a new Windows attack campaign that hides a PowerShell script inside a fake JPEG file to deploy...
Read more 0
Hackers Deploy AI-Generated Zero-Day Exploit to Bypass 2FA — Google GTIG Q2 2026 Report
Vulnerability

Hackers Deploy AI-Generated Zero-Day Exploit to Bypass 2FA — Google GTIG Q2 2026 Report

12 May 2026 dark6

Google's Threat Intelligence Group reveals that cybercriminals have used AI to develop a working zero-day exploit targeting a web administration...
Read more 0
Let’s Encrypt Halts All Certificate Issuance After Cross-Signed Root Certificate Incident
Vulnerability

Let’s Encrypt Halts All Certificate Issuance After Cross-Signed Root Certificate Incident

11 May 2026 dark6

Let's Encrypt temporarily suspended all certificate issuance on May 8, 2026, after engineers identified a critical issue with a cross-signed...
Read more 0
Microsoft Patches Three Critical Information Disclosure Vulnerabilities in Microsoft 365 Copilot and Edge
Vulnerability

Microsoft Patches Three Critical Information Disclosure Vulnerabilities in Microsoft 365 Copilot and Edge

11 May 2026 dark6

Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities — CVE-2026-26129, CVE-2026-26164, and CVE-2026-33111 — affecting Microsoft 365...
Read more 0