Help Net Security

Critical MOVEit Automation auth bypass vulnerability fixed (CVE-2026-4670)

Zeljka Zorz — Mon, 04 May 2026 14:58:24 +0000

Progress Software has fixed a critical authentication bypass (CVE-2026-4670) and a privilege escalation (CVE-2026-5174) vulnerability in MOVEit Automation, exploitation of which “may lead to unauthorized access, administrative control, and data exposure.” The vulnerabilities were reported privately by Airbus researchers and there’s no mention of them being leveraged by attackers in the wild. Still, performing an upgrade to a fixed version is “strongly” advised. CVE-2026-4670 and CVE-2026-5174 Progress Software’s MOVEit Transfer, an enterprise managed file transfer … More →

The post Critical MOVEit Automation auth bypass vulnerability fixed (CVE-2026-4670) appeared first on Help Net Security.

Penske Logistics launches platform for real-time supply chain visibility

Industry News — Mon, 04 May 2026 13:49:57 +0000

Penske Logistics has announced the launch of Supply Chain Insight, a secure technology platform and mobile application that provides customers with a real-time view of their supply chain operations across transportation and warehousing. Supply chain leaders are under increased pressure to drive greater operational efficiency in the face of rising fuel costs, evolving regulations and economic challenges. Organizations are looking for a competitive edge to navigate uncertain times and achieve measurable cost savings and efficiencies. … More →

The post Penske Logistics launches platform for real-time supply chain visibility appeared first on Help Net Security.

DigiCert breached via malicious screensaver file

Sinisa Markovic — Mon, 04 May 2026 13:46:15 +0000

A targeted social engineering attack against DigiCert’s support channel led to the compromise of internal systems and the unauthorized issuance of EV Code Signing certificates. DigiCert is a global Certificate Authority (CA) providing digital trust services, specializing in TLS/SSL certificates, PKI management, and IoT security. According to DigiCert’s incident report, a threat actor contacted the support team via a customer chat channel and delivered a malicious ZIP file disguised as a customer screenshot, which contained … More →

The post DigiCert breached via malicious screensaver file appeared first on Help Net Security.

Operant AI Endpoint Protector secures AI agents and MCP tools

Industry News — Mon, 04 May 2026 13:34:04 +0000

Operant AI has launched Operant Endpoint Protector, a new addition to its AI Defense Platform that enables enterprise IT and security teams to discover, detect, and defend against threats across every AI tool, coding agent, and Model Context Protocol (MCP)-connected workflow used by employees, directly at the endpoint where most consequential AI activity takes place. Securing the endpoint Across every enterprise, employees in HR, finance, legal, customer service, engineering, and operations are interacting with AI … More →

The post Operant AI Endpoint Protector secures AI agents and MCP tools appeared first on Help Net Security.

Owl IRD enables one-way forensic data transfer for incident response teams

Industry News — Mon, 04 May 2026 13:22:27 +0000

Owl Cyber Defense has announced the launch of its Incident Response Diode (IRD), a pocket-sized protocol filtering diode (PFD) designed for incident response and forensics teams. The Owl IRD was developed to help users securely move evidence from compromised endpoints into trusted analysis environments without adding risk. The Owl IRD will be made available to select customers for field testing. When an endpoint is compromised, responders must race against the clock to pull critical data … More →

The post Owl IRD enables one-way forensic data transfer for incident response teams appeared first on Help Net Security.

Multiple threat actors actively exploit cPanel vulnerability (CVE-2026-41940)

Zeljka Zorz — Mon, 04 May 2026 13:02:54 +0000

The situation around the critical cPanel authentication bypass vulnerability (CVE-2026-41940) has deteriorated significantly since our initial coverage. Exploratory probing has evolved into multi-actor exploitation, leading to disrupted websites, ransomware and malware deployment, and targeted attacks. “Sorry” ransomware Attackers have taken advantage of CVE-2026-41940 to mass-exploit vulnerable internet-facing cPanel instances to breach servers, deface websites and encrypt data. The ransomware used in some of the attacks is a Go(Lang)-based Linux encryptor that encrypts files and appends … More →

The post Multiple threat actors actively exploit cPanel vulnerability (CVE-2026-41940) appeared first on Help Net Security.

Blend Autopilot MCP brings AI agent orchestration to lending platforms

Industry News — Mon, 04 May 2026 12:50:25 +0000

Blend Labs has announced the launch of Autopilot MCP, a server built on the Model Context Protocol, an emerging open standard for AI agent connectivity, that gives authorized agents secure, programmatic access to the Blend platform. For lenders and partners, Autopilot MCP introduces a new category of capability: the ability to build and deploy AI agents tailored to their workflows, guidelines, and borrower experiences without rebuilding underlying infrastructure. Solving the orchestration problem in lending Before … More →

The post Blend Autopilot MCP brings AI agent orchestration to lending platforms appeared first on Help Net Security.

Two cybersecurity pros get prison time for helping ransomware gang

Anamarija Pogorelec — Mon, 04 May 2026 11:08:44 +0000

Two American cybersecurity professionals were sentenced to four years in prison for facilitating BlackCat ransomware attacks in 2023. They pleaded guilty in December 2025 to one count of conspiracy to obstruct, delay, or affect commerce, or the movement of any article or commodity in commerce, by extortion. According to court documents, Ryan Goldberg, Kevin Martin, and their co-conspirator Angelo Martino deployed ALPHV/BlackCat ransomware between April and December 2023 against multiple victims across the United States. … More →

The post Two cybersecurity pros get prison time for helping ransomware gang appeared first on Help Net Security.

Claude Security enters public beta with Opus 4.7 vulnerability scanning and patching

Anamarija Pogorelec — Mon, 04 May 2026 09:30:49 +0000

Claude Security, previously called Claude Code Security, is in public beta for Claude Enterprise customers. Available in Claude.ai, the capability scans codebases for security vulnerabilities and suggests targeted patches for review, helping teams identify and fix issues that might otherwise be missed. Admins can enable it in the admin console. Access for Claude Team and Max customers is expected to follow. Organizations can use the Claude Opus 4.7 model across their codebases to detect vulnerabilities … More →

The post Claude Security enters public beta with Opus 4.7 vulnerability scanning and patching appeared first on Help Net Security.

15-year-old detained over massive data breach at French government agency

Sinisa Markovic — Mon, 04 May 2026 08:31:20 +0000

French authorities have detained a 15-year-old suspected of involvement in a data breach at France Titres, the government agency responsible for issuing official documents. “Between 12 and 18 million data records were reportedly being offered for sale on cybercriminal forums by a hacker known as “breach3d,“ the Paris Prosecutor’s Office said in a press release. ANTS detected suspicious activity on its network on April 13 and confirmed the authenticity of the data being sold. The … More →

The post 15-year-old detained over massive data breach at French government agency appeared first on Help Net Security.