Cyber News
Stay informed on the latest cybersecurity threats, incidents and regulatory updates across Sweden, the Nordics, and Europe.
Critical n8n Sandbox Escape Exposes 100,000 Automation Instances to Remote Takeover
May 20, 2026 IMF Warns AI Could Trigger Systemic Financial Crisis, Cites Anthropic Model
The International Monetary Fund has warned that AI-powered cyberattacks could trigger systemic disruption across global financial markets. In a blog published on 7 May, the…
G7 Nations Release AI SBOM Framework to Map Supply Chain Dependencies
CISA and its Group of Seven partners released guidance this week outlining minimum elements for artificial intelligence software bills of materials, a framework that could…
Fortinet and Ivanti Close Critical Security Holes: Two Still Await AI-Driven Discovery
May 14, 2026 Microsoft 365 Copilot Zero-Click Flaw Let Attackers Steal Data Via Email
Microsoft 365 Copilot contained a critical zero-click vulnerability that allowed attackers to exfiltrate sensitive company data simply by sending a malicious email. The flaw, discovered…
South Staffordshire Water Fined £964,000 After Hackers Lurked Undetected for Two Years
The Information Commissioner's Office fined South Staffordshire Water £963,900 on Monday after the Cl0p ransomware group remained inside its network for nearly two years, exposing…
DigiCert Breach Via Screensaver Enables Malware Signing, Microsoft Defender Chaos
May 11, 2026 Polish Water Systems Hit by 20 Attacks as Russia Escalates Infrastructure War
May 8, 2026 Daemon Tools Hackers Used Valid Certificates to Hide Backdoor for Month
Chinese-speaking attackers compromised Daemon Tools software installers and went undetected for nearly a month. The supply chain attack began on April 8, 2026, with trojanized…
Salt Typhoon Hits IBM Italy Subsidiary in Silent Two-Week Espionage Campaign
May 5, 2026 cPanel Zero-Day Exploited for Months Before Patch 44,000 Servers Hit
A critical authentication bypass vulnerability in cPanel has been under active exploitation since February, two months before the vendor issued a patch. CVE-2026-41940 carries a…
Region Sörmland IT Disruption Grounds Mammography Services for Hours
May 5, 2026 CISA Fast-Tracks Nine-Year-Old Linux Root Bug to Known Exploited List
CISA added CVE-2026-31431 to its Known Exploited Vulnerabilities catalogue on Friday, confirming that a nine-year-old Linux kernel flaw is being exploited in live attacks. The…
Bluekit Phishing Kit Turns Session Hijacking into a Point-and-Click Operation
May 4, 2026 Single Git Push Could Have Compromised Millions of GitHub Repositories
April 30, 2026 ShinyHunters Claims Udemy, Zara and 7-Eleven in Latest Extortion Wave
ShinyHunters claimed to have stolen 1.4 million records from online learning platform Udemy and has threatened to release the data alongside stolen information from Zara…
Trigona Ransomware Builds Custom Data Theft Tool to Evade Security
Trigona ransomware affiliates have abandoned off-the-shelf data exfiltration tools in favour of custom-built malware that steals files faster and evades security detection. The move marks…
CrowdStrike LogScale Critical Path Traversal Flaw Exposes Files to Unauthenticated Attackers
CrowdStrike has disclosed a critical vulnerability, tracked as CVE-2026-40050, affecting its LogScale self-hosted product. The flaw enables unauthenticated path traversal, which could allow a remote…
CrowdStrike Patches Critical LogScale Vulnerability Exposing Server Files Without Authentication
CrowdStrike disclosed a critical unauthenticated path-traversal vulnerability in its LogScale platform on 21 April 2026. CVE-2026-40050 carries a CVSS v3.1 score of 9.8 and was…