Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-07 13:00 PDT
- New PCPJack worm steals credentials, cleans TeamPCP infections
BleepingComputer • 2026-05-07 11:35 • www.bleepingcomputer.com
A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing TeamPCP’s access to the systems. […]
https://www.bleepingcomputer.com/news/security/new-pcpjack-worm-steals-credentials-cleans-teampcp-infections/ - Australia warns of ClickFix attacks pushing Vidar Stealer malware
BleepingComputer • 2026-05-07 11:00 • www.bleepingcomputer.com
The Australian Cyber Security Center (ACSC) is warning organizations of an ongoing malware campaign using the ClickFix social engineering technique to distribute the Vidar Stealer info-stealing malware. […]
https://www.bleepingcomputer.com/news/security/australia-warns-of-clickfix-attacks-pushing-vidar-stealer-malware/ - Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
The Hacker News • 2026-05-07 10:55 • thehackernews.com
Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.
The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1.
It allows “a remotely authenticated user with administrative access to achieve remote code
https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html - PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
The Hacker News • 2026-05-07 10:45 • thehackernews.com
Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments.
“The toolset harvests credentials from cloud, container, developer, productivity, and financial services, then exfiltrates the data through attacker-controlled infrastructure while attempting
https://thehackernews.com/2026/05/pcpjack-credential-stealer-exploits-5.html - Ivanti warns of new EPMM flaw exploited in zero-day attacks
BleepingComputer • 2026-05-07 08:20 • www.bleepingcomputer.com
Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks. […]
https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-epmm-flaw-exploited-in-zero-day-attacks/ - The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls
BleepingComputer • 2026-05-07 07:01 • www.bleepingcomputer.com
Your security controls aren’t failing, they’re missing where most of today’s work actually happens. Keep Aware shows how browser activity like copy/paste and AI prompts bypass traditional protections. […]
https://www.bleepingcomputer.com/news/security/the-browser-is-breaking-your-dlp-how-data-slips-past-modern-controls/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
