The Hacker News

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

CISA added two actively exploited CVEs to KEV after confirmed attacks, mandating FCEB patching by May 12, 2026.

CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog

The Cybersecurity and Infrastructure Security Agency added two major software flaws to its Known Exploited Vulnerabilities ...
CSO Online

Top techniques attackers use to infiltrate your systems today

Popular tool abuse, ClickFix, and identity-based attacks are among the most prevalent techniques bad actors are deploying ...

Guardz Report: 9 Out Of 10 SMBs Have Compromised Users as AI-Driven Attacks Reshape the MSP Threat Landscape

Guardz, the cybersecurity company empowering Managed Service Providers (MSPs) to protect small and medium-sized businesses (SMBs), today released its 2026 State of MSP Threat Report, revealing how AI ...
SecurityWeek

Hackers Abuse QEMU for Defense Evasion

Threat actors are abusing the QEMU machine emulator to hide their malicious activity within virtualized environments.

Payouts King ransomware uses QEMU VMs to bypass endpoint security

The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on ...

CISA Warning: Attacks on ConnectWise ScreenConnect and Windows Shell

The US cybersecurity agency CISA warns of observed attacks on the Windows Shell and ConnectWise ScreenConnect.

Microsoft flags China-based hackers using vicious new 'rapid attack' zero-days

Microsoft warns the window to patch known flaws is shrinking, while the window to abuse zero-days grows.
Arabian Post

Fake TestDisk lure opens remote access

The fake site reportedly offers free downloads for TestDisk 7.2 and 7.3, echoing the real project’s language about open-source partition and data recovery. Yet the authentic TestDisk site states ...