Follow Cyber Kendra on Google News! | WhatsApp | Telegram

Add as a preferred source on Google
Posts
Palo Alto PAN-OS Zero-Day Under Active Attack — No Patch Available Yet

Palo Alto PAN-OS Zero-Day Under Active Attack — No Patch Available Yet

Attackers are already exploiting a critical zero-day vulnerability in Palo Alto Networks' PAN-OS, the operating system powering the company's…
Apache HTTP Server's HTTP/2 Module Has a Memory Bug That Can Crash or Compromise Your Server

Apache HTTP Server's HTTP/2 Module Has a Memory Bug That Can Crash or Compromise Your Server

A memory management flaw buried inside Apache HTTP Server's HTTP/2 module is giving attackers two options: crash your web server with a two-frame…
Google Chrome Is Silently Pushing a 4 GB AI Model to Your Device — And Reinstalls It If You Delete It

Google Chrome Is Silently Pushing a 4 GB AI Model to Your Device — And Reinstalls It If You Delete It

Hundreds of millions of Chrome users have a 4 GB AI model sitting on their hard drives right now — and most of them never agreed to it. Security and …
WhatsApp Quietly Fixed Two Flaws That Could Make Malware Look Like a PDF

WhatsApp Quietly Fixed Two Flaws That Could Make Malware Look Like a PDF

If you use WhatsApp on Windows, here is something worth knowing: until recently, an attacker could send you what looked like a harmless document — a …
Top 11 AI-Powered GRC Platforms to Watch Out For in 2026

Top 11 AI-Powered GRC Platforms to Watch Out For in 2026

Organizations face mounting pressure to demonstrate compliance across multiple frameworks while quantifying cyber risk in terms that boards understan…
A 21-Year-Old PHP Vulnerability That Opens the Door to Remote Code Execution

A 21-Year-Old PHP Vulnerability That Opens the Door to Remote Code Execution

A security vulnerability that has been hiding inside PHP since 2005 — quietly surviving two decades of audits, engine rewrites, and dozens of related…
Anthropic's Claude Security Is Now Open to All Enterprise Users — AI Catches Bugs

Anthropic's Claude Security Is Now Open to All Enterprise Users — AI Catches Bugs

Anthropic has opened Claude Security to all Claude Enterprise customers in public beta, marking a significant shift in how organisations can defend t…
Lightning PyPI Package Compromised in Supply Chain Attack

Lightning PyPI Package Compromised in Supply Chain Attack

If you're building, training, or shipping AI models with PyTorch Lightning, check your installed version immediately — two freshly published rele…
Copy Fail - A 732-Byte Python Script Can Get Root on Every Major Linux Distro

Copy Fail - A 732-Byte Python Script Can Get Root on Every Major Linux Distro

A newly disclosed vulnerability in the Linux kernel gives any unprivileged local user a reliable, one-shot path to root — and it has been sitting und…
CVE-2026-41940: cPanel Authentication Bypass Was Already Being Exploited Before the Patch Even Dropped

CVE-2026-41940: cPanel Authentication Bypass Was Already Being Exploited Before the Patch Even Dropped

On April 28, 2026, cPanel pushed an emergency security update for what it described as a vulnerability affecting "various authentication paths&…
SAP CAP npm Packages Backdoored in "Mini Shai-Hulud" Attack — Rotate Your Tokens Now

SAP CAP npm Packages Backdoored in "Mini Shai-Hulud" Attack — Rotate Your Tokens Now

Four npm packages at the heart of SAP's enterprise development ecosystem were quietly backdoored on Tuesday, April 29, 2026 — weaponizing the rou…
A Single Git Push Was All It Took to Compromise GitHub — Millions of Repos Were Exposed

A Single Git Push Was All It Took to Compromise GitHub — Millions of Repos Were Exposed

A critical vulnerability in GitHub's internal infrastructure allowed any authenticated user to execute arbitrary commands on GitHub's backend…
Google Wallet Now Stores Your Aadhaar ID in India — and Expands Digital IDs to Three More Countries

Google Wallet Now Stores Your Aadhaar ID in India — and Expands Digital IDs to Three More Countries

Google just made carrying a physical ID one step closer to optional. Starting today, Indian users can save their Aadhaar Verifiable Credential direct…
Hackers Targeted LiteLLM's AI Gateway Just 36 Hours After Critical SQL Injection Flaw Went Public

Hackers Targeted LiteLLM's AI Gateway Just 36 Hours After Critical SQL Injection Flaw Went Public

A critical, unauthenticated SQL injection vulnerability in LiteLLM — the open-source gateway that tens of thousands of organisations use to manage AP…
LAPSUS$ Dumps Checkmarx Data on Dark Web — Source Code, API Keys, and Credentials Exposed

LAPSUS$ Dumps Checkmarx Data on Dark Web — Source Code, API Keys, and Credentials Exposed

The Checkmarx supply chain nightmare just got worse. The LAPSUS$ cybercrime group has publicly dumped data stolen from the Israeli application securi…
AI Agent Wiped a Startup's Entire Database in 9 Seconds — Then Confessed Every Rule It Broke

AI Agent Wiped a Startup's Entire Database in 9 Seconds — Then Confessed Every Rule It Broke

When Jer Crane sat down to run a routine infrastructure task on a Friday afternoon, he had no idea he was about to spend the entire weekend manually …
Why Some MacBook Features Break after macOS Updates

Why Some MacBook Features Break after macOS Updates

No Mac user can deny that macOS updates are necessary. They improve the system’s entire performance and keep it stable over time. Apple’s updates usu…
The Rise of Autonomous Cyber Attacks: Risks, Examples & Defense

The Rise of Autonomous Cyber Attacks: Risks, Examples & Defense

Last month, a mid-size financial services company ran a routine penetration test. The testers used an AI-assisted reconnaissance tool to map the netw…