Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-28 17:00 PDT
- Broken VECT 2.0 ransomware acts as a data wiper for large files
BleepingComputer • 2026-04-28 14:25 • www.bleepingcomputer.com
Researchers are warning that the VECT 2.0 ransomware has a problem in the way it handles encryption nonces that leads to permanently destroying larger files rather than encrypt them. […]
https://www.bleepingcomputer.com/news/security/broken-vect-20-ransomware-acts-as-a-data-wiper-for-large-files/ - Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
BleepingComputer • 2026-04-28 14:07 • www.bleepingcomputer.com
Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability tracked as CVE-2026-42208. […]
https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-a-critical-litellm-pre-auth-sqli-flaw/ - Video service Vimeo confirms Anodot breach exposed user data
BleepingComputer • 2026-04-28 12:04 • www.bleepingcomputer.com
Vimeo has disclosed that data belonging to some of its customers and users has been accessed without authorization following the recent breach at the Anodot data anomaly detection company. […]
https://www.bleepingcomputer.com/news/security/video-service-vimeo-confirms-anodot-breach-exposed-user-data/ - Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
The Hacker News • 2026-04-28 11:19 • thehackernews.com
Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single “git push” command.
The flaw, tracked as CVE-2026-3854 (CVSS score: 8.7), is a case of command injection that could allow an attacker with push access to a repository to achieve
https://thehackernews.com/2026/04/researchers-discover-critical-github.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
