soc

Threat actors are relying on social engineering to lure users into downloading files containing malicious instructions. The post Hugging Face, ClawHub Abused for Malware Distribution appeared first on SecurityWeek.

A new alert from the FBI says criminal enterprises are hacking both brokers and carriers to steal cargo for resale. The post FBI Warns of Surge in Hacker-Enabled Cargo Theft appeared first on SecurityWeek.

The compromised Lightning and Intercom packages have a combined monthly download count of nearly 10 million. The post 1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom appeared first on SecurityWeek.

With Mythos signaling a new era of near-instant exploitation, Anthropic positions Claude Security to help defenders keep pace. The post Anthropic Unveils Claude Security to Counter AI-Powered Exploit Surge appeared first on SecurityWeek.

Industrialized cybercrime delivers attacks with greater scale, speed and success. Defenders must match this with use of AI and automation. The post AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours appeared first on SecurityWeek.

The bugs could be exploited to bypass security controls, access restricted services, and crash firewalls. The post SonicWall Urges Immediate Patching of Firewall Vulnerabilities appeared first on SecurityWeek.

The Mini Shai-Hulud attack introduced a preinstall hook to fetch and execute a Bun binary and bypass security monitoring. The post SAP NPM Packages Targeted in Supply Chain Attack appeared first on SecurityWeek.

March 2026: Wiper Attack Paralyzes Stryker as BPO Breaches & Data Thefts Sweep the Month March 2026 brought a heavy concentration of significant cyber incidents across healthcare, outsourcing, software supply chains, and the entertainment sector. A politically motivated wiper attack against a major medical device manufacturer drew particular attention, while a sprawling supply chain campaign […]

CVE-2026-31431: “Copy Fail,” the Nine-Year-Old Linux Bug Introduced in 2017 A vulnerability hiding in plain sight for nearly a decade, capable of granting full root access to almost any Linux server with just a 732-byte Python script. Meet “Copy Fail” (CVE-2026-31431), a critical local privilege escalation flaw in the Linux kernel that affects virtually every […]

A newly disclosed CVE-2026-Adresse geschuetzt& WHM has put internet-facing hosting infrastructure under urgent scrutiny. The flaw carries a CVSS score of 9.8 and can let an unauthenticated remote attacker bypass authentication and gain administrative access, while cPanel’s advisory says the issue affects cPanel software, including DNSOnly, across all versions after 11.40. For […] The post […]