Security – Page 7 – TheCyberThrone

CISA adds cPanel and Linux Kernel to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog — a critical authentication bypass in cPanel & WHM…

PravinKarthik May 4, 2026

PyTorch Lightning Poisoned — Mini Shai-Hulud Worm Crosses Into the AI/ML Supply Chain

The lightning package on PyPI — the high-level PyTorch framework powering ML training pipelines across the globe — was compromised in an active supply chain attack on April 30, 2026.…

PravinKarthik May 1, 2026

Mini Shai-Hulud: SAP’s npm Pipeline Poisoned to Drain Enterprise Secrets

April 29, 2026 | TeamPCP Attribution | Active Exfiltration Confirmed What Hit Four packages from SAP's Cloud Application Programming Model (CAP) toolchain were poisoned: @cap-js/sqlite, @cap-js/postgres, @cap-js/db-service, and mbt —…

PravinKarthik April 30, 2026

CISA adds Two vulnerabilities to KEV catalog

CISA has added two vulnerabilities to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation — CVE-2024-1708, a ConnectWise ScreenConnect path traversal vulnerability, and CVE-2026-32202, a Microsoft Windows…

PravinKarthik April 29, 2026

FIRESTARTER: Cisco ASA Backdoor

The Advisory That Changes Everything On April 23, 2026, CISA and the United Kingdom National Cyber Security Centre jointly assessed that FIRESTARTER — a backdoor that allows remote access and…

PravinKarthik April 28, 2026

Itron Discloses Corporate Network Breach

What Happened According to an 8-K filing with the U.S. Securities and Exchange Commission, Itron, Inc. was notified on April 13, 2026, that an unauthorized third party had gained access…

PravinKarthik April 27, 2026

IRDAI 2026: India’s Insurance Sector Has Run Out of Excuses on Cybersecurity

India's insurance regulator has drawn a hard line. On April 6, 2026, the Insurance Regulatory and Development Authority of India (IRDAI) issued revised Information and Cybersecurity Guidelines that go beyond…

PravinKarthik April 26, 2026

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog with four new entries, citing confirmed evidence of active exploitation across remote support infrastructure,…

PravinKarthik April 26, 2026