VECT 2.0 Ransomware Flaw Wipes Data; DAEMON Tools Hit by Supply Chain Attack; Critical Linux Flaw Grants Root Access
Summary
This edition covers a critical flaw in the VECT 2.0 ransomware that turns it into a data wiper, a month-long supply chain attack compromising DAEMON Tools installers, and the discovery of 'CloudZ' malware abusing Microsoft Phone Link. Additionally, we report on the active exploitation of critical vulnerabilities in MetInfo CMS, the Linux kernel ('Copy Fail'), and cPanel, alongside data breaches at Trellix and Vimeo, and a large-scale phishing campaign detailed by Microsoft. The period of May 4-5, 2026, has been marked by severe supply chain compromises and the weaponization of newly disclosed vulnerabilities.
Today's New Articles
DAEMON Tools Installers Compromised in Ongoing Supply-Chain Attack
An ongoing supply chain attack, active since April 8, 2026, has been compromising the official installers for DAEMON Tools, a popular disk emulation utility. Researchers at Kaspersky discovered that installers downloaded from the company's legitimate website w...
New 'CloudZ' Malware Abuses Microsoft Phone Link to Steal Mobile Data
A novel malware campaign is leveraging a remote access trojan (RAT) named CloudZ and a custom plugin, Pheno, to abuse the Microsoft Phone Link feature in Windows. This attack, identified by Cisco Talos, allows threat actors to steal sensitive data from a user'...
Critical MetInfo CMS Vulnerability Under Active Exploitation
A critical unauthenticated remote code execution (RCE) vulnerability in the MetInfo Content Management System, tracked as CVE-2026-29014, is being actively exploited in the wild. The flaw, which carries a CVSS score of 9.8, allows attackers to inject and execu...
SANS and SERC Partner to Bolster Grid Cybersecurity Training
The SANS Institute and the SERC Reliability Corporation have formed a strategic partnership to deliver advanced cybersecurity training to electric utilities across the United States. This initiative aims to strengthen the reliability of the bulk electric syste...
CISA Launches 'CI Fortify' to Bolster Critical Infrastructure Resilience
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has launched a new initiative, 'CI Fortify,' to help critical infrastructure (CI) entities enhance their resilience against cyberattacks. The guidance focuses on preparing organizations to mainta...
Article Updates
CISA Warns of 'ShadowProxy' Phishing-as-a-Service that Bypasses MFA
Update: Microsoft Threat Intelligence has reported on a significant AiTM phishing campaign active from April 14-16, 2026, impacting 35,000 users across 13,000 organizations, primarily in the US healthcare, financial, and professional services sectors. The attackers us...
Instructure Confirms Massive Breach; ShinyHunters Claims 275 Million User Records from Canvas LMS
Update: Further details reveal the Instructure data breach, previously reported as a data exfiltration and extortion event, is now confirmed to be a ransomware attack by ShinyHunters. This indicates a double extortion tactic, where systems were likely encrypted for im...
Critical cPanel Zero-Day (CVE-2026-41940) Actively Exploited, Over 40,000 Servers Compromised
Update: Attackers have quickly reverse-engineered the CVE-2026-41940 patch, leading to escalated mass exploitation. The 'Sorry' ransomware, a key payload, is now confirmed to wipe backups, significantly increasing its destructive potential. New intelligence indicates...
Cybersecurity Vendor Trellix Confirms Breach of Source Code Repository
Update: New details confirm Trellix serves over 50,000 customers and highlights similar breaches at Checkmarx and Cisco. The report also provides 'Cyber Observables - Hunting Hints' for customers, advising enhanced monitoring of Trellix ePO/XDR console logs, outbound...
Vimeo Data Exposed in Supply-Chain Attack on Vendor Anodot; ShinyHunters Implicated
Update: This update provides a refined technical analysis of the Vimeo data breach, incorporating updated MITRE ATT&CK mappings such as T1078.004 (Valid Accounts: Cloud Accounts), T1539 (Steal Web Session Cookie), and T1580 (Cloud Infrastructure Discovery). Additional...