12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com
📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of May 8, 2026.
-
Canvas login portals hacked in mass ShinyHunters extortion campaign
— Bleeping Computer
The ShinyHunters extortion gang has breached education technology giant Instructure again, this time exploiting another vulnerability to def… -
New TCLBanker malware self-spreads over WhatsApp and Outlook
— Bleeping Computer
A new trojan named TCLBanker, which targets 59 banking, fintech, and cryptocurrency platforms, uses a trojanized MSI installer for Logitech … -
After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
— Dark Reading
PCPJack makes innovative use of parquet files for stealthy, pre-validated target discovery as it canvasses multiple cloud environments. -
Has CISA Finally Found Its New Leader in Tom Parker?
— Dark Reading
Dark Reading investigates rumors that Tom Parker, a board room "operator" and longtime cyber exec, could be next in line to take over CISA. -
New PCPJack worm steals credentials, cleans TeamPCP infections
— Bleeping Computer
A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing TeamPCP's access to… -
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
— The Hacker News
Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild. The hi… -
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
— The Hacker News
Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructur… -
One Click, Total Shutdown: The "Patient Zero" Webinar on Killing Stealth Breaches
— The Hacker News
The hardest part of cybersecurity isn't the technology, it’s the people. Every major breach you’ve read about lately usually starts the … -
'TrustFall' Convention Exposes Claude Code Execution Risk
— Dark Reading
Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no user interactio… -
ISC Stormcast For Thursday, May 7th, 2026 https://isc.sans.edu/podcastdetail/9922, (Thu, May 7th)
— SANS ISC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. -
An Adaptive Cyber Analytics UI for Web Honeypot Logs [Guest Diary], (Wed, May 6th)
— SANS ISC
[This is a Guest Diary by Eric Roldan, an ISC intern as part of the SANS.edu BACS program] -
Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
— Unit 42
Unit 42 details CVE-2026-0300, a buffer overflow vulnerability in the PAN-OS User-ID Authentication Portal. Read now for details. The post T…
🪲 NVD — Last 20 Scored Vulnerabilities
Latest scored CVEs from the National Vulnerability Database (5908 in last 30 days).
Critical: 5 · High: 6 · Medium: 9 · Low: 0. View full dashboard →
-
CVE-2026-8117
— CVSS 4.3 (MEDIUM)
A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects some unknown processing of the file /admin/index.php. Such manipulation of the argument page leads to cross si⦠-
CVE-2026-8116
— CVSS 6.3 (MEDIUM)
A weakness has been identified in huangjunsen0406 xiaozhi-mcphub up to 1.0.3. This vulnerability affects unknown code of the file src/controllers/dxtController.ts. This manipulation of the argument manifest.name causes p⦠-
CVE-2026-8115
— CVSS 5.3 (MEDIUM)
A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.⦠-
CVE-2026-6411
— CVSS 7.3 (HIGH)
This vulnerability, in the MAXHUB Pivot client application versions
prior to v1.36.2, may allow an attacker to obtain encrypted tenant email
addresses and related metadata from any tenant. Due to the presence of a
har⦠-
CVE-2026-42880
— CVSS 9.6 (CRITICAL)
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff ⦠-
CVE-2026-8114
— CVSS 6.3 (MEDIUM)
A vulnerability was identified in JeecgBoot up to 3.9.1. Affected by this issue is some unknown functionality of the file /sys/dict/loadTreeData of the component JSON Object Handler. The manipulation of the argument cond⦠-
CVE-2026-8113
— CVSS 4.3 (MEDIUM)
A vulnerability was determined in 8421bit MiniClaw up to 43905b934cf76489ab28e4d17da28ee97970f91f. Affected by this vulnerability is the function isPathInside of the file src/kernel.ts of the component executeSkillScript⦠-
CVE-2026-8112
— CVSS 6.3 (MEDIUM)
A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation results in os command inje⦠-
CVE-2026-42826
— CVSS 10.0 (CRITICAL)
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network. -
CVE-2026-41929
— CVSS 6.1 (MEDIUM)
Vvveb before 1.0.8.2 contains an unauthenticated reflected cross-site scripting vulnerability in the visual editor preview renderer that allows attackers to execute arbitrary JavaScript by manipulating the r query parame⦠-
CVE-2026-41928
— CVSS 5.3 (MEDIUM)
Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that allows unauthenticated attackers to retrieve the application's secret cron key. Attackers can access the cron controller w⦠-
CVE-2026-41105
— CVSS 8.1 (HIGH)
Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network. -
CVE-2026-40214
— CVSS 6.3 (MEDIUM)
In OpenStack Cyborg before 16.0.1, the Accelerator Request (ARQ) API does not enforce project ownership at any layer. The project_id column in the database is never populated (NULL for every ARQ), database queries have n⦠-
CVE-2026-40213
— CVSS 7.4 (HIGH)
OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project me⦠-
CVE-2026-35435
— CVSS 8.6 (HIGH)
Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network. -
CVE-2026-35428
— CVSS 9.6 (CRITICAL)
Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network. -
CVE-2026-34327
— CVSS 8.2 (HIGH)
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network. -
CVE-2026-33844
— CVSS 9.0 (CRITICAL)
Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network. -
CVE-2026-33823
— CVSS 9.6 (CRITICAL)
Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network. -
CVE-2026-33111
— CVSS 7.5 (HIGH)
Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network.
Source: NVD CVE API 2.0
Generated by CryptXNet.ai Threat Intelligence Platform · May 8, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com
Leave a Comment