12 Jul, 2026

Critrical cPanel flaw mass-exploited in “Sorry” ransomware attacks

A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in “Sorry” ransomware attacks. This week, an emergency update for WHM and cPanel was released to fix a critical authentication bypass flaw that allows attackers to access control panels. WHM and cPanel are Linux-based web hosting control panels for server […]

2 mins read

ConsentFix v3 attacks target Azure with automated OAuth abuse

A new attack type, dubbed ConsentFix v3, has been circulating on hacker forums as an improved technique that automates attacks against Microsoft Azure. The first version of ConsentFix was presented by Push Security last December as a variation of ClickFix for OAuth phishing attacks, which tricks victims into completing a legitimate Microsoft login flow via the Azure […]

3 mins read

Edu tech firm Instructure discloses cyber incident, probes impact

Instructure, the company behind the widely used Canvas learning platform, has disclosed that it recently suffered a cybersecurity incident and is now investigating its impact. The U.S.-based education technology company is best known for developing Canvas, a widely used learning management system that helps schools, universities, and organizations manage coursework, assignments, and online learning. “Instructure […]

2 mins read

15-year-old detained over French govt agency data breach

French authorities have detained a 15-year-old suspected of selling data stolen in a cyberattack on France Titres (ANTS), the country’s agency for issuing and managing administrative documents. The government agency confirmed the breach and the authenticity of the data offered for sale on a cybercriminal forum by someone using the alias ‘breach3d’. ​On April 13, ANTS detected […]

2 mins read

Microsoft fixes Remote Desktop warnings displaying incorrectly

Microsoft has fixed a known issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files. This known issue affects all supported Windows versions, including Windows 11 (KB5083768 & KB5083769), Windows 10 (KB5082200), and Windows Server (KB5082063), on devices with multiple monitors and different display scaling settings. Microsoft addressed the bug in the optional KB5083631 preview […]

2 mins read

US ransomware negotiators get 4 years in prison over BlackCat attacks

Two former employees of cybersecurity incident response companies Sygnia and DigitalMint were sentenced to four years in prison each for targeting U.S. companies in BlackCat (ALPHV) ransomware attacks. 40-year-old Ryan Clifford Goldberg (a former Sygnia incident response manager) and 36-year-old Kevin Tyler Martin (a DigitalMint ransomware negotiator) were charged in November and pleaded guilty in December to conspiracy to […]

2 mins read

New Bluekit phishing service includes an AI assistant, 40 templates

A new phishing kit named Bluekit offers more than 40 templates targeting popular services and includes basic AI features for generating campaign drafts. Available templates can be used to target email accounts (Outlook, Hotmail, Gmail, Yahoo, ProtonMail), cloud services (iCloud), developer platforms (GitHub), and cryptocurrency services (Ledger). What makes the kit stand out is the […]

2 mins read

Romanian leader of online swatting ring gets 4 years in prison

A Romanian national who led an online swatting ring that targeted more than 75 public officials, multiple journalists, and four religious institutions was sentenced to 4 years in federal prison. Swatting is a dangerous criminal harassment tactic involving making false reports to emergency responders of an ongoing violent threat at a target’s address to provoke an […]

3 mins read

FBI links cybercriminals to sharp surge in cargo theft attacks

The U.S. Federal Bureau of Investigation (FBI) warned the transportation and logistics industry of a sharp rise in cyber-enabled cargo theft, with estimated losses in the United States and Canada reaching nearly $725 million in 2025. This represents a 60% surge in losses compared to the previous year, fueled by criminals increasingly using hacking and […]

3 mins read

April KB5083769 Windows 11 update causes backup software failures

The April 2026 KB5083769 security update breaks third-party backup applications from multiple vendors on systems running Windows 11 24H2 and 25H2. According to user reports, first spotted by Microsoft MVP Susan Bradley, this issue affects software using VSS (Volume Shadow Copy Service) snapshots and causes failures due to a VSS service timeout. Microsoft VSS was introduced in Windows […]

2 mins read