Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security organization Shadowserver. Zimbra is a popular email and collaboration software suite used by hundreds of millions of people worldwide, including hundreds of government agencies and thousands of businesses. The vulnerability (tracked as CVE-2025-48700) affects ZCS 8.8.15, 9.0, 10.0, and 10.1 and can allow unauthenticated attackers to access sensitive information after executing arbitrary JavaScript within the user’s session. Synacor released security patches to address the flaw in June 2025, when it warned that CVE-2025-48700 exploits require no user…
Author: admin
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
Boost Security has released SmokedMeat, an open-source framework that runs attack chains against CI/CD infrastructure so engineering and security teams can see what an attacker would do in their specific environment.

NGate NFC malware targets Android users through trojanized payment app
NFC-based payment fraud is expanding geographically and operationally. A campaign active since November 2025 is targeting Android users in Brazil using a new variant of the NGate malware family, this time embedded in a trojanized version…
A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions. The flaw is identified as CVE-2026-41651 and received a high-severity rating of 8.8 out of 10. It has persisted for almost 12 years in the PackageKit daemon, a background service that manages software installation, updates, and removal across Linux systems. Earlier this week, some information about the vulnerability was published, along with PackageKit version 1.3.5, which addresses the issue. However, technical details and a demo exploit have not been disclosed, to allow the patches to propagate. An investigation…
Israel-based Copperhelm on Thursday emerged from stealth mode, having raised $7 million in seed funding for its agentic cloud security platform. The funding round was led by TLV Partners, with participation from ToDay Ventures, Icon, SaaS Ventures Israel, and several angel investors. The investment will be used for product development, go-to-market efforts, and engineering team growth. Copperhelm was founded by Shimon Tolts, Eyar Zilberman, and Roman Labunsky, who previously held leadership and senior technical roles at Unity, McAfee, and RSA. Copperhelm has built an agentic platform where AI agents autonomously monitor cloud environments, investigate threats, and execute remediation in real…
Brand-cited AI Overview CTR fell 61% from Q3 to Q4, according to a new report from Seer Interactive, but the clicks on those pages barely moved. The drop looks alarming on a dashboard, though it isn’t quite what it seems. Seer’s analysis of 5.47 million queries across 53 brands clearly shows what’s happening.

What Happened In Q4
In September, brand-cited pages in AI Overviews received 15.8 million impressions and 398,798 clicks, with a CTR of 2.52%. In October, impressions doubled to 33.1 million, and clicks increased slightly to 400,271, but CTR dropped to 1.21% as rapid impression growth outpaced clicks.…
In this Help Net Security interview, Kaja Ciglic, Senior Director, Cybersecurity Policy and Diplomacy at Microsoft, discusses how nation-state cyber programs have changed over three years. Cyber has become a core instrument of state power, integrated with military, economic, and diplomatic tools. Ciglic argues that responses like sanctions and indictments need broader strategies, including conditional economic pressure and state accountability for ransomware havens. She addresses NATO’s Article 5 ambiguity around cyber attacks and calls for standing coordination between governments and private sector partners before crises occur. Which nation‑state cyber program has evolved most surprisingly over the past three years, and…
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April. The feature is expected to reach general availability by mid-June 2026 and will also extend passwordless sign-in to unmanaged Windows devices. Microsoft says that Entra passkeys on Windows will support corporate, personal, and shared devices, with admin controls via Conditional Access and Authentication Methods policies. “Users can create device‑bound passkeys stored in the Windows Hello container and authenticate using Windows Hello methods (face, fingerprint, or PIN),” Microsoft said in a message center update. “This expands passwordless authentication support to Windows…
The Bitwarden command-line interface (CLI) NPM package was compromised in a supply chain attack that appears tied to previous campaigns against the open source software (OSS) ecosystem. One of the most popular open source password management platforms, with over 250,000 monthly downloads, Bitwarden allows enterprises to secure authentication with zero-knowledge encryption, password sharing, and policy and credential management. On Thursday, multiple security firms warned that version 2026.4.0 of the Bitwarden CLI’s NPM package contained malicious code to fetch a JavaScript payload designed to steal credentials and secrets from victim machines. The malicious package contained an altered execution path to run…
The Hacker News, Apr 23, 2026, Artificial Intelligence / Enterprise Security
Imagine a world where hackers don’t sleep, don’t take breaks, and find weak spots in your systems instantly. Well, that world is already here. Thanks to AI, attackers are now launching automated, large-scale exploits faster than ever before. The time you have to fix a vulnerability before it gets attacked is shrinking to zero. We call this the Collapsing Exploit Window, and it means your standard patching routine is officially too slow. If you are fighting AI-speed attacks with manual-speed defenses, your systems are at a breaking point. It’s time to…
Linux distributions have spent the past few years absorbing GPU vendor toolchains, Rust-based system components, and more stringent encryption defaults. Ubuntu 26.04 LTS, codenamed Resolute Raccoon, pulls most of those threads together into a single release that will receive standard security support until April 2031.

Rust moves into the system layer
One of the more consequential changes in this release is the expansion of memory-safe components at the OS level. Ubuntu 26.04 LTS ships with new kernel drivers and subsystems written in Rust, alongside sudo-rs and uutils coreutils, which are Rust reimplementations of foundational tools including sudo, ls, cp, and…
