Cyber Security News

A threat actor infiltrated Grafana Labs’ GitHub environment, stealing a privileged token to download the company’s private codebase, and then attempted to extort the open-source observability giant with an unanswered ransom demand. Grafana Labs disclosed on May 16, 2026, that an unauthorized party obtained a token granting access to its GitHub environment, enabling the threat The post Grafana Labs Security Breach – Hackers Access GitHub and Download Codebase appeared first on Cyber Security News.

Apple’s M5 silicon has reportedly been exploited for the first time in a public macOS kernel memory corruption attack, successfully bypassing the company’s notable hardware-level memory protection. Researchers from Calif, Bruce Dang, Dion Blazakis, and Josh Maine, developed a working kernel local privilege escalation (LPE) exploit targeting macOS 26.4.1 (25E253) on bare-metal M5 hardware. The The post First Public macOS Kernel Exploit on Apple M5 Prepared Using Mythos Preview in Five Days appeared first on Cyber Security News.

Pwn2Own Berlin 2026 is rapidly escalating into one of the most intense offensive security contests in recent years, with Day Two delivering a fresh wave of critical zero-day exploits targeting enterprise software, AI tools, and operating systems. Security researchers demonstrated real-world attack scenarios against high-value targets, including Microsoft Exchange, Windows 11, and AI coding platforms, The post Microsoft Exchange, Windows 11, and Cursor Zero-Days Exploited on Pwn2Own Day 2 appeared first on Cyber Security News.

A widely used download manager trusted by millions has briefly turned into a malware delivery platform after attackers compromised the official JDownloader website, replacing legitimate installers with malicious versions targeting both Windows and Linux users. The incident, confirmed by developers and security researchers, occurred between May 6 and May 7, 2026. During this window, threat The post JDownloader Website Compromised to Distribute Malicious Windows and Linux Installers appeared first on Cyber Security News.

Two critical memory-safety vulnerabilities in PHP’s image-processing functions could allow attackers to leak sensitive heap memory or to execute denial-of-service attacks via specially crafted JPEG files. The flaws, discovered in PHP’s ext/standard extension by Positive Technologies researcher Nikita Sveshnikov, affect the widely-used getimagesize and iptcembed functions that process JPEG metadata and IPTC data. PHP Memory The post Malicious JPEG Images Could Trigger PHP Memory Safety Vulnerabilities appeared first on Cyber Security News.

A newly disclosed Linux kernel vulnerability is raising serious concerns across the security community, as it allows attackers to access highly sensitive data, including SSH private keys and password hashes, on affected systems. Tracked as CVE-2026-46333, the flaw has been nicknamed “ssh-keysign-pwn” and impacts a wide range of Linux distributions. Linux system hit with multiple vulnerabilities in 2026, The post Critical Linux Kernel Flaw ‘ssh-keysign-pwn’ Exposes SSH Keys and Shadow Passwords appeared first on Cyber Security News.

A newly disclosed zero-click exploit chain targeting Google Pixel 10 devices has raised fresh concerns about Android’s low-level security. Google Project Zero researchers demonstrated how attackers could silently compromise a device and escalate privileges to root without any user interaction by chaining just two vulnerabilities. The attack builds on earlier research targeting Pixel 9 devices, The post Google Project Zero Discloses Zero-Click Exploit Chain for Pixel 10 Devices appeared first on Cyber Security News.

A newly disclosed flaw in Android 16 is raising serious privacy concerns after researchers revealed that malicious apps can bypass VPN protections and expose a user’s real IP address even when strict security settings are enabled. The vulnerability, dubbed the “Tiny UDP Cannon,” allows any regular Android app with basic permissions to leak network traffic The post Android 16 VPN Bypass Lets Malicious Apps Reveal Users Real IP Address appeared first on Cyber Security News.

Gunra ransomware has quickly grown from a new threat into a serious global problem, hitting dozens of organizations in less than a year. The group behind it is not just encrypting data, but also running a business-like operation that sells access, leaks stolen files, and recruits partners to spread its malware. For defenders, this is The post Gunra Ransomware Expands RaaS Operations After Shifting From Conti-Based Locker appeared first on Cyber Security News.

A chain of four critical vulnerabilities discovered in OpenClaw, one of the fastest-growing open-source platforms for autonomous AI agents, has left an estimated 245,000 publicly accessible server instances exposed to remote exploitation, credential theft, and persistent backdoor installation. Originally launched as “Clawdbot” in late 2025, OpenClaw connects large language models directly to filesystems, SaaS applications, The post OpenClaw Chain Vulnerabilities Expose 245,000 Public AI Agent Servers to Attack appeared first on Cyber Security News.