Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-06 03:00 PDT
- Websites with an undefined trust level: avoiding the trap
Securelist • 2026-05-06 02:30 • securelist.com
We explain what suspicious websites are and how to distinguish a safe site from a fraudulent one. A new category in Kaspersky solutions: we’re sharing global statistics on untrusted site detection.
https://securelist.com/suspicious-websites-undefined-trust-level/119675/ - Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
BleepingComputer • 2026-05-06 02:18 • www.bleepingcomputer.com
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks. […]
https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-actively-exploited-firewall-zero-day/ - Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
The Hacker News • 2026-05-06 02:13 • thehackernews.com
Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks.
“This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute,” Google’s product and security teams said.
The initiative builds upon the foundation of Pixel Binary Transparency, which Google introduced in October 2021
https://thehackernews.com/2026/05/android-apps-get-public-verification.html - Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs
The Hacker News • 2026-05-06 01:34 • thehackernews.com
Cybersecurity researchers have disclosed details of an intrusion that involved the use of a CloudZ remote access tool (RAT) and a previous undocumented plugin dubbed Pheno with the aim of facilitating credential theft.
“According to the functionalities of the CloudZ RAT and Pheno plugin, this was with the intention of stealing victims’ credentials and potentially one-time passwords (OTPs),”
https://thehackernews.com/2026/05/windows-phone-link-exploited-by-cloudz.html - Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
The Hacker News • 2026-05-05 23:14 • thehackernews.com
Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been exploited in the wild.
The vulnerability, tracked as CVE-2026-0300, has been described as a case of unauthenticated remote code execution. It carries a CVSS score of 9.3 if the User-ID Authentication Portal is configured to enable access from the internet or any
https://thehackernews.com/2026/05/palo-alto-pan-os-flaw-under-active.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
