Trellix Source Code Breach: Unauthorized Access Confirmed — The Hacker News

Trellix has confirmed a significant security breach involving unauthorized access to its source code repository. This breach could potentially expose sensitive information and tools used by the cybersecurity firm. Security teams should be vigilant for any unusual activity or tools that could emerge from this breach, as attackers may leverage the exposed code to develop new exploits or attacks.

Critical cPanel Flaw CVE-2026-41940 Mass-Exploited in Ransomware Attacks — BleepingComputer

A critical vulnerability in cPanel, tracked as CVE-2026-41940, is being actively exploited in the wild, leading to widespread 'Sorry' ransomware attacks. This flaw allows attackers to breach websites, potentially compromising sensitive data and systems. Security teams should prioritize patching affected cPanel installations and monitor for indicators of compromise (IOCs) related to this vulnerability to prevent ransomware deployment.

• CISA、KEVカタログにScreenConnectとWindowsの脆弱性2件を追加 悪用を確認済：セキュリティニュースアラート - ITmedia [Google News Security (JP)]
• ConsentFix v3 attacks target Azure with automated OAuth abuse [BleepingComputer]
• ADT Confirms Data Breach Potentially Exposing Customer Information Nationwide - strategicrevenue.com [Google News Security]
• 微软与CISA警告影响几乎所有主流Linux系统的严重漏洞- Linux - cnBeta.COM [Google News Security (CN)]
• Vimeo confirms data breach affecting users - Escudo Digital [Google News Security]