Latest news as of 5/14/2026, 6:03:26 PM
Bleeping Computer
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. [...]
The Register
Cuts appear to hit sales, product, and marketing, accounting for under 10% of staff
Bleeping Computer
Cisco patched a Crosswork Network Controller and Network Services Orchestrator denial-of-service vulnerability that requires manually rebooting targeted systems for recovery. [...]
The Register
13% say they’ve sold logins or know someone who has, survey suggests
Bleeping Computer
Disc Soft Limited, the maker of DAEMON Tools Lite, confirmed that the software had been trojanized in a supply chain attack and released a new, malware-free version. [...]
The Register
MOIS-linked cyber outfit puts on a ransomware show to disguise the wide-open backdoor behind the scenes
Dark Reading
In hard-to-detect attacks, hackers are dropping the CloudZ RAT and a fresh plugin, Pheno, to hijack the Windows-based bridge between PCs and smartphones.
The Hacker News
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a "false flag" operation. The attack, observed by Rapid7 in early 2026, has been found to leverage social engineering techniques via Microsoft Teams to initiate the infection sequence. Although the incident
Bleeping Computer
Backups don't fail because they're missing, they fail because attackers destroy them first. Acronis explains how ransomware targets backup systems before encryption, leaving no path to recovery. [...]
The Register
Activists say ministers are targeting access rather than Big Tech's data-hungry business models