May 30, 2026

Palo Alto PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Actively Exploited

Cybersecurity teams around the world are being urged to take immediate action following the discovery of a critical vulnerability in Palo Alto Networks’ PAN-OS software. The flaw, identified as CVE-2026-0257 and assigned a CVSS score of 7.8, is already being actively exploited in the wild. The vulnerability affects the GlobalProtect portal and gateway and allows attackers to establish unauthorized VPN […]
May 23, 2026

Anthropic’s AI Finds Thousands of Security Flaws in Major Software Systems

Anthropic made headlines after introducing Claude Mythos Preview, a new AI model designed to assist security researchers in finding previously unknown software vulnerabilities. Unlike traditional security tools, the model can analyze large amounts of code, identify potential weaknesses, and help researchers understand how those flaws might be exploited.At the same time, Anthropic launched Project Glasswing, a cybersecurity initiative that brought […]
May 20, 2026

GitHub Breached Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub has confirmed a security breach that resulted in unauthorized access to nearly 3,800 internal repositories after a malicious Visual Studio Code extension was installed on an employee’s device. According to the company’s investigation, the incident was traced to Nx Console version 18.95.0, a compromised extension that was published to the Visual Studio Code Marketplace on May 18, 2026. The […]
May 15, 2026

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

One of the largest cybersecurity incidents to impact the education sector came to light in May 2026 after learning platform Canvas LMS confirmed that it had suffered a significant data breach. According to Instructure, the company behind Canvas, unauthorized access to its systems occurred on April 25. The intrusion was detected several days later, and the company publicly disclosed the […]
May 10, 2026

CallPhantom Fraud: 28 Fake Android Apps on Google Play Scam 7.3 Million Users

Cybersecurity researchers have uncovered a large-scale scam involving 28 fraudulent Android applications that were available on the Google Play Store. These apps falsely claimed to provide users with access to call histories, SMS records, and even WhatsApp call logs for any phone number. According to security researchers, the apps were downloaded more than 7.3 million times before Google removed them […]
May 1, 2026

Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

In a case that has shocked the cybersecurity community, two former cybersecurity professionals have been sentenced to four years in federal prison after helping the notorious ALPHV/BlackCat ransomware group carry out cyber extortion attacks.Ryan Goldberg, an incident response manager at Sygnia, and Kevin Martin, a ransomware negotiator at DigitalMint, used their industry knowledge to assist cybercriminals rather than protect organizations […]