ZCyberNews — Cybersecurity & Tech Intelligence
ModeloRAT Campaign Abuses Microsoft Teams for Enterprise Intrusion
Rapid7 dissects an April 2026 intrusion where a fake IT Support Teams message delivered ModeloRAT via Dropbox, leading to privilege escalation, credential theft, and lateral...
CVE-2026-41089: Windows Netlogon RCE Exploited in Wild
CVE-2026-41089 is a critical Windows Netlogon RCE now reported as exploited in the wild, with Microsoft CNA scoring it CVSS 9.8.
CVE-2024-55591
The Gentlemen RaaS Internal Leak Exposes Admin, Affiliates, Tactics
A leaked backend database from The Gentlemen RaaS operation reveals 9 accounts, admin TOX ID, initial access via Fortinet/Cisco edge flaws, and a 190,000 USD ransom payout.
More from today
- 1w · Vulnerabilities · CVE-2026-9082: Drupal Core SQL Injection Bug Added to CISA KEV
- 2w · Vulnerabilities · CVE-2026-20223 (CVSS 10): Unauthenticated API Access in Cisco Secure
- 2w · Vulnerabilities · CVE-2026-2586: Authenticated RCE in GlassFish Admin Console
- 2w · Vulnerabilities · CVE-2026-8957: Mozilla Patches Privilege Escalation in Enterprise
- 2w · Vulnerabilities · CVE-2026-8959: Firefox Sandbox Escape via Win32 Boundary Flaw
Threat Intel

ModeloRAT Campaign Abuses Microsoft Teams for Enterprise Intrusion
Rapid7 dissects an April 2026 intrusion where a fake IT Support Teams message delivered ModeloRAT via Dropbox, leading to privilege escalation, credential theft, and lateral...
The Gentlemen RaaS Internal Leak Exposes Admin, Affiliates, Tactics
A leaked backend database from The Gentlemen RaaS operation reveals 9 accounts, admin TOX ID, initial access via Fortinet/Cisco edge flaws, and a 190,000 USD ransom payout.
TeamPCP Hijacks TanStack CI/CD, Poisons 170+ NPM/PyPI Packages
TeamPCP chained three GitHub Actions flaws to hijack TanStack's CI/CD, publishing 84 malicious artifacts across 42 packages.
Vulnerabilities
9.8
critical
CVE-2026-41089: Windows Netlogon RCE Exploited in Wild
CVE-2026-41089
6.5
medium
CVE-2026-9082: Drupal Core SQL Injection Bug Added to CISA KEV
CVE-2026-9082
10.0
critical
CVE-2026-20223 (CVSS 10): Unauthenticated API Access in Cisco Secure
CVE-2026-20223
Malware
Secret Blizzard
BOTNET
Secret Blizzard Upgrades Kazuar Backdoor Into P2P Botnet
May 16 · HIGH
Gremlin Stealer
STEALER
Gremlin Stealer Evolves: Crypto Clipping, Session Hijacking, Packed
May 15 · HIGH
TrickMo
TROJAN
TrickMo Android Trojan Uses TON Blockchain for C2, SOCKS5 Pivots
May 12 · HIGH
Industry News
Grafana GitHub Token
GRAFANA
Grafana GitHub Token Breach Lets Attacker Download Full Codebase
May 17 · HIGH
AI Agents Automate
AI SECURITY
AI Agents Automate Exploitation of Obscure Vulnerabilities
May 16 · HIGH
AI Hallucinations Exploit
AI SECURITY
AI Hallucinations Exploit Human Trust in Critical Infrastructure
May 14 · HIGH
Tools & Techniques

Metasploit Adds Vim Plugin Persistence, Exploits for Three CVEs
Rapid7's Metasploit Framework adds Vim plugin persistence, exploits for CVE-2025-6793 (Marvell QConvergeConsole), CVE-2024-48760 (GestioIP), and CVE-2023-30253 (Dolibarr).
Signal Adds In-App Warnings to Block Russian-Linked Phishing Attacks
Signal introduced new in-app confirmations and warnings to counter phishing attacks linked to Russian state hackers who abused the Linked Device feature to hijack high-profile...
Anthropic Launches Claude Security for AI-Driven Exploit Defense
Anthropic released Claude Security, a defensive AI suite to counter autonomous exploit tools like Mythos that weaponize zero-days in minutes. Targets enterprise SOCs.
AI Security
Anthropic
AI SECURITY
Mythos AI Excels at Code Audits but Struggles With Exploit Validation
May 14 · INFORMATIONAL
Anthropic
AI SECURITY
Mythos AI Finds Bugs Faster Than Teams Can Patch
Apr 27 · HIGH
Agentic AI
ATTACK VECTOR
Agentic AI Systems Introduce Novel Enterprise Security Risks
Apr 22 · HIGH