12.05.2026

The Hacker News 11.05.2026 17:54
A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments.
The attack exploits CVE-2026-41940, a vulnerability impacting cPanel and WebHost Manager (WHM) that could result in an authentication bypass and allow remote attackers to gain elevated control of the control

CSO Online 11.05.2026 13:00
The Google Threat Intelligence Group (GTIG) today released evidence of a zero-day exploit developed by a cybercriminal group with the help of AI. It marks the first time the security research group has identified what it believes to be an AI-crafted zero-day exploit in the wild.
While evidence of threat actors using AI models for vulnerability research and discovery has existed for some time, instances of AI-generated zero-day exploits have proved rare or difficult to confirm.

CSO Online 11.05.2026 12:14
A malicious Hugging Face repository posing as an OpenAI release delivered infostealer malware to Windows systems and logged 244,000 downloads before being removed, raising fresh concerns about how enterprises source and validate AI models from public repositories.
The repository, named Open-OSS/privacy-filter, impersonated OpenAI’s legitimate Privacy Filter release, copied its model card almost word-for-word, and included a malicious loader.py file that fetched and executed credential-stealing malware on Windows hosts, AI security firm HiddenLayer said in a research advisory.

Heise Security 11.05.2026 10:07
Neue Erkenntnisse im Fall des unbefugten Zugriffs auf Trellix-Quellcodes: Die kriminelle Bande RansomHouse bekennt sich zum Datenklau.

Heise Security 11.05.2026 07:40
Angreifer können IBM App Connect Enterprise und IBM Integration Bus for z/OS attackieren. Updates lösen das Sicherheitsproblem.

Heise Security 11.05.2026 07:15
Angreifer können cPanel und WebHost Manager unter anderem mit Schadcode attackieren. Sicherheitspatches sind verfügbar.