Secure Bulletin – Navigating the cyber sea with knowledge

Latest news

Phishing

Email Bombing and Fake IT Support on Microsoft Teams: How Attackers Are Stealing Remote Access

4 May 2026 dark6

Attackers are combining inbox-flooding email bombing with fake IT support personas on Microsoft Teams to trick employees into granting remote...

Read more 0

Vulnerability

FreeBSD DHCP Client Flaw CVE-2026-42511 Allows Root Code Execution via Rogue DHCP Server

4 May 2026 dark6

A critical vulnerability in the FreeBSD DHCP client, CVE-2026-42511, allows attackers on the same local network to execute arbitrary commands...

Read more 0

Spyware

KidsProtect: New Rebrandable Android Stalkerware Platform Lets Anyone Resell Covert Surveillance Malware

4 May 2026 dark6

A new Android spyware tool called KidsProtect is being sold on hacking forums with a white-label reseller model that lets...

Read more 0

Vulnerability

Exim 4.99.2 Patches Four Vulnerabilities Including Heap Corruption, DNS Crash, and Memory Leaks

4 May 2026 dark6

The Exim development team has released version 4.99.2 to fix four security vulnerabilities — including a DNS-triggered crash on musl...

Read more 0

Databreach

Trellix Source Code Breach: Hackers Gain Unauthorized Access to Internal Repository of Major XDR Vendor

3 May 2026 dark6

Cybersecurity vendor Trellix has confirmed unauthorized access to part of its internal source code repository. The company says no evidence...

Read more 0

Vulnerability

APT Campaign Exploits cPanel CVE-2026-41940 to Breach Government and Military Servers Across South-East Asia

3 May 2026 dark6

A sophisticated threat actor has exploited the critical cPanel authentication bypass CVE-2026-41940 to compromise government and military servers across South-East...

Read more 0

Malware

DEEP#DOOR: New Python Backdoor Silently Harvests Browser Passwords, Cloud Tokens, SSH Keys, and Wi-Fi Credentials

2 May 2026 dark6

Securonix researchers have documented DEEP#DOOR, a self-contained Python backdoor delivered via obfuscated batch files that systematically disables Windows defenses before...

Read more 0

Malware

China-Aligned SHADOW-EARTH Deploys ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign Across Asia

2 May 2026 dark6

A China-aligned threat group has conducted a prolonged espionage campaign against government agencies and critical infrastructure across eight Asian countries....

Read more 0

Vulnerability

cPanelSniper PoC Exploit Released for CVSS 9.8 Flaw CVE-2026-41940 — 44,000 Servers Already Compromised

2 May 2026 dark6

A public proof-of-concept exploit framework called cPanelSniper has been released for CVE-2026-41940, a CVSS 9.8 authentication bypass in cPanel and...

Read more 0

Phishing

CORDIAL SPIDER and SNARKY SPIDER Deploy AiTM Pages to Breach SharePoint, HubSpot, and Google Workspace

2 May 2026 dark6

Two threat groups are deploying adversary-in-the-middle phishing pages combined with voice phishing to bypass MFA and hijack enterprise SaaS sessions....

Read more 0

Ransomware

VECT 2.0 Ransomware Permanently Destroys Files Over 128 KB Due to Encryption Flaw

1 May 2026 dark6

A critical encryption bug in VECT 2.0 ransomware permanently destroys all files larger than 128 KB rather than encrypting them,...

Read more 0

Phishing

Phoenix PhaaS Platform Weaponizes SMS to Impersonate Banks, Telecoms, and Delivery Firms Worldwide

1 May 2026 dark6

A new Phishing-as-a-Service platform called Phoenix has been linked to over 1,500 phishing domains since early 2024, running large-scale smishing...

Read more 0