Latest Internet & Cybersecurity News

May 6, 2026 at 1:00 PM
Critical Palo Alto firewall vulnerability actively exploited in the wild; multiple security breaches and threats across government, supply chains, and enterprises reported today.
1. Critical Palo Alto Firewalls Vulnerability CVE-2026-0300 Actively Exploited

Palo Alto Networks disclosed a critical buffer overflow vulnerability (CVE-2026-0300) with a CVSS score of 9.3 in PAN-OS software affecting PA-Series and VM-Series firewalls (Source 1). The flaw allows unauthenticated attackers to execute arbitrary code with root privileges, with no credentials required, and is already being exploited in the wild targeting internet-exposed Authentication Portals (Source 1). Patches are rolling out between May 13 and May 28, 2026, and administrators should immediately restrict Authentication Portal access or disable it entirely (Source 1).

2. DAEMON Tools Trojanized in Supply-Chain Attack to Deploy Backdoor

Hackers trojanized installers for DAEMON Tools software and have been delivering a backdoor to thousands of systems since April 8 through downloads from the official website (Source 2). This supply-chain attack represents a significant threat to organizations and individuals using the popular software utility. The exact scope of affected users is still being assessed (Source 2).

3. FTC Bans Data Broker Kochava From Selling Location Data

The Federal Trade Commission will ban data broker Kochava and its subsidiary Collective Data Solutions (CDS) from selling location data without explicit consumer consent (Source 2). This settlement addresses charges that the company sold precise geolocation data collected from hundreds of millions of mobile devices. The action represents a major privacy protection victory for consumers (Source 2).

4. Google Increases Android Exploit Bounties Up to $1.5 Million

Google has overhauled its Android and Chrome vulnerability rewards programs, offering bounties up to $1.5 million for the most difficult exploits (Source 2). The tech giant is scaling back payouts for flaws that artificial intelligence has made easier to discover. This strategic shift incentivizes researchers to focus on more sophisticated vulnerabilities (Source 2).

5. CloudZ Malware Abuses Microsoft Phone Link to Steal SMS and OTPs

A new version of the CloudZ remote access tool (RAT) deploys a malicious plugin called Pheno that hijacks Microsoft Phone Link connections to steal sensitive SMS messages and one-time passwords (Source 2). This attack vector represents a novel threat to mobile security by leveraging legitimate Microsoft functionality. The compromise of OTPs enables attackers to bypass multi-factor authentication defenses (Source 2).

6. Fujairah Port Suffers Massive Cybersecurity Data Breach

A significant data breach has been reported involving the Fujairah Port in the UAE, with reports suggesting Iranian-linked hackers may have stolen sensitive information (Source 3). The incident follows recent missile attacks on regional infrastructure and represents escalating cyber threats to critical port infrastructure. Security implications for international shipping and trade are still being assessed (Source 3).

7. Microsoft Flags Large-Scale Phishing Campaign Using Fake Compliance Emails

Microsoft researchers have identified a massive phishing campaign using fraudulent compliance emails that targeted 35,000 users across 13,000 organizations worldwide (Source 6). The attack aimed to steal credentials by impersonating legitimate compliance communications. This widespread campaign demonstrates the continued sophistication of email-based social engineering attacks (Source 6).

8. North Korean APT Targets Yanbian Gamers with Trojanized Platform

A North Korean advanced persistent threat group has been targeting gamers in the Yanbian region through a trojanized gaming platform (Source 6). The attack represents the regime's ongoing efforts to compromise targets through popular consumer applications. This campaign highlights the intersection of gaming platforms and state-sponsored cyber operations (Source 6).

9. Venomous#Helper Attackers Impersonate SSA to Deploy Signed RMM Software

Threat actors under the name Venomous#Helper are impersonating the US Social Security Administration to distribute signed remote monitoring and management (RMM) software (Source 6). This sophisticated social engineering attack targets U.S. networks and maintains persistent access through legitimate-appearing software. The use of spoofed government credentials increases the effectiveness of the compromise (Source 6).

10. Small US Defense Contractors Lack Network Data to Stop Nation-State Hackers

According to cybersecurity analyst Stephen Campbell from Team Cymru, small U.S. defense contractors are inadequately prepared to defend against cyber intrusions through edge devices (Source 6). These companies lack sufficient network visibility and data collection capabilities to detect sophisticated nation-state attacks. The vulnerability of the defense supply chain to well-resourced adversaries represents a critical national security concern (Source 6).

11. Utah Age Verification Law for VPN Users Takes Effect Today

Utah's first-of-its-kind age verification law targeting VPN use went into effect on May 6, 2026, creating new compliance challenges for websites (Source 5). The law requires websites to verify the true location of VPN users, but enforcement mechanisms remain unclear. Businesses may face difficult choices between banning known VPN IPs globally or implementing comprehensive age verification for all visitors (Source 5).