A major QLearn cybersecurity incident has affected thousands of educational institutions globally, including Queensland state schools and universities, after a cyber breach involving third-party education technology provider Instructure exposed personal information linked to students and staff. Quee
Researchers at Kaspersky said attackers tampered with installers for Daemon Tools — a popular program used to mount disk images as virtual drives — and distributed them through the software’s official website.
The persistent, evasive implant provides remote access, surveillance, and credential exfiltration capabilities. The post Sophisticated Quasar Linux RAT Targets Software Developers appeared first on SecurityWeek.
Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their inaugural Market Guide for Guardian Agents, Gartner states that “enterprise adoption of AI agents is accelerating, outpacing maturity of govern
Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1 and targets internet-exposed devices running Android Debug Bridge (ADB) to enlist them in a network capable of carrying out distributed denial-of-service (DDoS) attacks. Hunt.io, which detailed the mal
A newly disclosed flaw exposes internet-facing MajorDoMo servers to unauthenticated remote code execution via a broken authentication flow and unsafe dynamic PHP evaluation. The vulnerability (CVE-2026-27174) stems from the /admin.php request flow, where improper handling of unauthorized access allo
A critical cybersecurity vulnerability has been uncovered in Argo CD, a widely used declarative GitOps continuous delivery tool for Kubernetes environments. Tracked as CVE-2026-43824, this high-severity flaw allows low-privileged users to extract plaintext Kubernetes Secrets directly from a cluster.
A new and previously undocumented Linux threat has emerged, targeting software developers in a way that could put entire supply chains at risk. Named Quasar Linux, or QLNX, this malware operates as a full-featured remote access trojan built specifically for Linux systems. It combines stealth techniq
The initiative, named CI Fortify, focuses on isolation and recovery efforts that would see critical infrastructure organizations proactively disconnect from third-party dependencies and find ways to operate without reliable telecommunications and internet.
Cisco patched a Crosswork Network Controller and Network Services Orchestrator denial-of-service vulnerability that requires manually rebooting targeted systems for recovery. [...]
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. [...]
Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. "This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute," Google's product and security teams said. The initiative
A critical security flaw has been discovered in Fanwei E-cology10, a widely used enterprise collaboration platform built for medium and large organizations. The vulnerability, tracked as QVD-2026-14149, allows attackers to remotely execute arbitrary code on the target server without needing any logi
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a "false flag" operation. The attack, observed by Rapid7 in early 2026, has been found to leverage social engineer
Security researcher notified US-CERT in 2024, but the exposed military data remained publicly accessible through April 2026. Leaked information ...
A severe zero-authorization vulnerability in Schemata’s API, an AI-powered virtual training platform holding active Department of Defense (DoD) contracts, recently exposed highly sensitive military training materials and U.S. service member records. Discovered by the open-source AI hacking agent Str
The agency has issued guidance to help critical infrastructure operators prepare for cyberattacks by foreign threat actors. The post CISA: Critical Infrastructure Must Master Isolation, Recovery appeared first on SecurityWeek.
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks. [...]
Australia has announced the creation of a Cyber Incident Review Board, a move aimed at strengthening the country’s ability to respond to and learn from major cyberattacks. The initiative places Australia among a small group of jurisdictions globally that have formalised independent review mechanisms Source: The Cyber Express