ZCyberNews — Cybersecurity & Tech Intelligence
ModeloRAT Campaign Abuses Microsoft Teams for Enterprise Intrusion
Rapid7 dissects an April 2026 intrusion where a fake IT Support Teams message delivered ModeloRAT via Dropbox, leading to privilege escalation, credential theft, and lateral...
See more updates →4 min read
British High School Sends Students Home After Cyberattack
Great Marlow School in Buckinghamshire sent 1,428 pupils home for a second day after a cybersecurity incident; only GCSE and A-Level exam takers attended.
CVE-2026-42271
CVE-2026-42271: LiteLLM Flaw Exploited in the Wild, CISA Adds to KEV
CVSS 8.7 · technology, enterprise software
CISA added CVE-2026-42271 (CVSS 8.7) to its Known Exploited Vulnerabilities catalog after evidence of active exploitation against BerriAI LiteLLM deployments.
Read →More from today
See all →- 2dIndustry NewsCyberattack shuts down major Australian sugar mills, disrupting
- 2dMalwareTrust No Skill: BIV Audit Finds 80% of AI Agent Skills Misbehave
- 3dIndustry NewsUK Weakens Telecom Security Rules After Industry Lobbying on Salt
- 1wVulnerabilitiesCVE-2026-41089: Windows Netlogon RCE Exploited in Wild
- 3wVulnerabilitiesCVE-2026-9082: Drupal Core SQL Injection Bug Added to CISA KEV
Threat Intel
ModeloRAT Campaign Abuses Microsoft Teams for Enterprise Intrusion
Rapid7 dissects an April 2026 intrusion where a fake IT Support Teams message delivered ModeloRAT via Dropbox, leading to privilege escalation, credential theft, and lateral...
The Gentlemen RaaS Internal Leak Exposes Admin, Affiliates, Tactics
A leaked backend database from The Gentlemen RaaS operation reveals 9 accounts, admin TOX ID, initial access via Fortinet/Cisco edge flaws, and a 190,000 USD ransom payout.
TeamPCP Hijacks TanStack CI/CD, Poisons 170+ NPM/PyPI Packages
TeamPCP chained three GitHub Actions flaws to hijack TanStack's CI/CD, publishing 84 malicious artifacts across 42 packages.
Vulnerabilities
8.7
high
CVE-2026-42271: LiteLLM Flaw Exploited in the Wild, CISA Adds to KEV
CVE-2026-42271
9.8
critical
CVE-2026-41089: Windows Netlogon RCE Exploited in Wild
CVE-2026-41089
6.5
medium
CVE-2026-9082: Drupal Core SQL Injection Bug Added to CISA KEV
CVE-2026-9082
Malware
Ai Agents
MALWARE
Trust No Skill: BIV Audit Finds 80% of AI Agent Skills Misbehave
Jun 11 · HIGH
Secret Blizzard
BOTNET
Secret Blizzard Upgrades Kazuar Backdoor Into P2P Botnet
May 16 · HIGH
Gremlin Stealer
STEALER
Gremlin Stealer Evolves: Crypto Clipping, Session Hijacking, Packed
May 15 · HIGH
Industry News
British High School
SCHOOL CYBERATTACK
British High School Sends Students Home After Cyberattack
Jun 12 · INFO
Cyberattack
MACKAY SUGAR
Cyberattack shuts down major Australian sugar mills, disrupting
Jun 11 · INFO
UK Weakens Telecom
SALT TYPHOON
UK Weakens Telecom Security Rules After Industry Lobbying on Salt
Jun 10 · INFO
Tools & Techniques
Metasploit Adds Vim Plugin Persistence, Exploits for Three CVEs
Rapid7's Metasploit Framework adds Vim plugin persistence, exploits for CVE-2025-6793 (Marvell QConvergeConsole), CVE-2024-48760 (GestioIP), and CVE-2023-30253 (Dolibarr).
Signal Adds In-App Warnings to Block Russian-Linked Phishing Attacks
Signal introduced new in-app confirmations and warnings to counter phishing attacks linked to Russian state hackers who abused the Linked Device feature to hijack high-profile...
Anthropic Launches Claude Security for AI-Driven Exploit Defense
Anthropic released Claude Security, a defensive AI suite to counter autonomous exploit tools like Mythos that weaponize zero-days in minutes. Targets enterprise SOCs.
AI Security
Anthropic
AI SECURITY
Mythos AI Excels at Code Audits but Struggles With Exploit Validation
May 14 · INFORMATIONAL
Anthropic
AI SECURITY
Mythos AI Finds Bugs Faster Than Teams Can Patch
Apr 27 · HIGH
Agentic AI
ATTACK VECTOR
Agentic AI Systems Introduce Novel Enterprise Security Risks
Apr 22 · HIGH
Stay Updated
Get the latest cybersecurity news delivered to your inbox.