SecureBulletin
GhostLock: New Attack Technique Locks Enterprise Files Like Ransomware — Without Any Encryption
12/05/2026 07:30
GhostLock is a newly disclosed attack technique that uses standard Windows file-locking behavior to paralyze enterprise SMB file shares without encryp...
SecureBulletin
ShinyHunters Breaches Canvas LMS: Student Data from 9,000 Schools Exposed in Extortion Campaign
12/05/2026 07:29
ShinyHunters has breached Instructure's Canvas LMS by exploiting the Free-For-Teacher account program, exposing data from an estimated 285 million use...
SecureBulletin
Operation SilentCanvas: Hackers Hide PowerShell Malware in Fake JPEG to Deploy Trojanized ScreenConnect Backdoor
12/05/2026 07:14
Operation SilentCanvas is a new Windows attack campaign that hides a PowerShell script inside a fake JPEG file to deploy a trojanized ScreenConnect ba...
SecureBulletin
Hackers Deploy AI-Generated Zero-Day Exploit to Bypass 2FA — Google GTIG Q2 2026 Report
12/05/2026 07:14
Google's Threat Intelligence Group reveals that cybercriminals have used AI to develop a working zero-day exploit targeting a web administration platf...
SecureBulletin
Let’s Encrypt Halts All Certificate Issuance After Cross-Signed Root Certificate Incident
11/05/2026 12:10
Let's Encrypt temporarily suspended all certificate issuance on May 8, 2026, after engineers identified a critical issue with a cross-signed certifica...
SecureBulletin
Microsoft Patches Three Critical Information Disclosure Vulnerabilities in Microsoft 365 Copilot and Edge
11/05/2026 12:10
Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities — CVE-2026-26129, CVE-2026-26164, and CVE-2026-33...
SecureBulletin
TCLBANKER Banking Trojan Spreads Through Self-Replicating WhatsApp and Outlook Worm Modules
11/05/2026 12:09
A highly sophisticated Brazilian banking trojan called TCLBANKER (campaign REF3076) has been uncovered by Elastic Security Labs. The malware uses a le...
SecureBulletin
Three Critical cPanel and WHM Vulnerabilities Enable Code Execution, File Reads, and DoS Attacks
11/05/2026 12:09
cPanel has disclosed three critical security vulnerabilities — CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 — affecting its widely deployed ...
SecureBulletin
InstallFix: Hackers Use Fake Claude AI Installer Pages and Google Ads to Deploy RedLine Stealer Malware
10/05/2026 09:57
A malware campaign called InstallFix is using paid Google Ads to push fake Claude AI installation pages to the top of search results, tricking users i...
SecureBulletin
CallPhantom: 28 Fake Android Apps with 7.3 Million Downloads Sold Fabricated Call History Data on Google Play
10/05/2026 09:57
Security researchers at ESET uncovered the CallPhantom campaign — 28 fraudulent Android apps on Google Play that accumulated over 7.3 million downlo...