| 1 | New CIFSwitch Linux flaw gives root on multiple distributions | May 30, 3:10 pm |
|---|
| 2 | PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation | May 30, 8:10 am |
|---|
| 3 | New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks | May 30, 7:10 am |
|---|
| 4 | ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface | May 29, 7:10 pm |
|---|
| 5 | ChatGPT share links abused to host fake outage pages to deliver malware | May 29, 7:10 pm |
|---|
| 6 | California AG sues 23andMe over 2023 breach exposing health data | May 29, 6:10 pm |
|---|
| 7 | Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit | May 29, 4:10 pm |
|---|
| 8 | Dutch govt disrupts malware botnet with 17 million infected devices | May 29, 3:10 pm |
|---|
| 9 | From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market | May 29, 3:10 pm |
|---|
| 10 | Google Chrome adds session cookie theft protection for all users | May 29, 1:10 pm |
|---|
| 11 | What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks | May 29, 12:10 pm |
|---|
| 12 | Man sent to prison for selling data of 7 millions elderly Americans | May 29, 12:10 pm |
|---|
| 13 | New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks | May 29, 12:10 pm |
|---|
| 14 | US charges Google security engineer with Polymarket insider trading | May 29, 11:10 am |
|---|
| 15 | Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets | May 29, 10:10 am |
|---|
| 16 | Charter Communications data breach affects 4.9 million accounts | May 29, 9:10 am |
|---|
| 17 | Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels | May 29, 7:10 am |
|---|
| 18 | ISC Stormcast For Friday, May 29th, 2026 https://isc.sans.edu/podcastdetail/9950, (Fri, May 29th) | May 29, 2:10 am |
|---|
| 19 | Anthropic confirms Claude Mythos-class models will roll out to the public | May 29, 1:10 am |
|---|
| 20 | GreyVibe hackers use ChatGPT, Gemini to power cyberattacks | May 28, 11:10 pm |
|---|
| 21 | BTMOB Android malware service generates custom phishing payloads | May 28, 10:10 pm |
|---|
| 22 | Analysis of a Year of Files Uploaded to DShield Sensors, (Wed, May 27th) | May 28, 8:10 pm |
|---|
| 23 | FBI warns of fake FIFA websites running World Cup fraud schemes | May 28, 7:10 pm |
|---|
| 24 | Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code | May 28, 6:10 pm |
|---|
| 25 | Hackers exploit FortiClient EMS flaw to push infostealer malware | May 28, 6:10 pm |
|---|
| 26 | Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer | May 28, 5:10 pm |
|---|
| 27 | New Gogs zero-day flaw lets hackers get remote code execution | May 28, 3:10 pm |
|---|
| 28 | ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More | May 28, 2:10 pm |
|---|
| 29 | Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal | May 28, 2:10 pm |
|---|
| 30 | How SIEM helps MSPs reduce noise and stop threats faster | May 28, 2:10 pm |
|---|
| 31 | New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users" | May 28, 1:10 pm |
|---|
| 32 | Webinar: Why network incidents take too long to resolve | May 28, 1:10 pm |
|---|
| 33 | Romanian gets 5 years in prison for hacking Oregon govt network | May 28, 1:10 pm |
|---|
| 34 | Carnival Cruise confirms data breach affecting nearly 6 million people | May 28, 11:10 am |
|---|
| 35 | Sextortionist sentenced to 33 years for targeting 145 children | May 28, 10:10 am |
|---|
| 36 | JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware | May 28, 9:10 am |
|---|
| 37 | ISC Stormcast For Thursday, May 28th, 2026 https://isc.sans.edu/podcastdetail/9948, (Thu, May 28th) | May 28, 2:10 am |
|---|
| 38 | Reconstructing an Akira Ransomware Kill Chain from Perimeter and Endpoint Logs, (Wed, May 27th) | May 27, 10:10 pm |
|---|
| 39 | GPU mining malware spreads via SEO poisoning, AI chatbots | May 27, 10:10 pm |
|---|
| 40 | Malicious npm Package Stole Files From Claude AI User Directory via GitHub | May 27, 5:10 pm |
|---|
| 41 | Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users | May 27, 5:10 pm |
|---|
| 42 | 3 SOC Steps that Shut Down Incident Risks Early | May 27, 3:10 pm |
|---|
| 43 | Glassworm botnet disrupted after resilient C2 infrastructure takedown | May 27, 2:10 pm |
|---|
| 44 | Can you enforce strong Active Directory password rules without frustrating users? | May 27, 2:10 pm |
|---|
| 45 | GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure | May 27, 1:10 pm |
|---|
| 46 | Gitea Vulnerability Exposes Private Container Images without Authentication | May 27, 12:10 pm |
|---|
| 47 | FBI warns of in-person data theft attacks from extortion gang | May 27, 12:10 pm |
|---|
| 48 | CISA gives feds 4 days to patch actively exploited cPanel plugin flaw | May 27, 10:10 am |
|---|
| 49 | Windows 11 KB5089573 update released with performance improvements | May 27, 9:10 am |
|---|
| 50 | Dutch police arrests suspect linked to Ajax football club hack | May 27, 9:10 am |
|---|
| 51 | AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites | May 27, 8:10 am |
|---|
| 52 | ISC Stormcast For Wednesday, May 27th, 2026 https://isc.sans.edu/podcastdetail/9946, (Wed, May 27th) | May 27, 2:10 am |
|---|
| 53 | Charter confirms data breach after ShinyHunters extortion threat | May 26, 8:10 pm |
|---|
| 54 | KnowledgeDeliver flaw exploited as a zero-day to install web shells | May 26, 8:10 pm |
|---|
| 55 | MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries | May 26, 5:10 pm |
|---|
| 56 | CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks | May 26, 2:10 pm |
|---|
| 57 | [THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back | May 26, 2:10 pm |
|---|
| 58 | How Varonis Atlas integrates Claude Compliance API for AI governance | May 26, 2:10 pm |
|---|
| 59 | Webinar: Too many tools are slowing network incident response | May 26, 1:10 pm |
|---|
| 60 | Microsoft Defender can now automatically isolate hacked endpoints | May 26, 1:10 pm |
|---|
| 61 | Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions | May 26, 12:10 pm |
|---|
| 62 | New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar | May 26, 12:10 pm |
|---|
| 63 | MFA Prompt Bombing: Why Your Second Factor Isn't Saving You | May 26, 11:10 am |
|---|
| 64 | CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks | May 26, 10:10 am |
|---|
| 65 | Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning | May 26, 9:10 am |
|---|
| 66 | CISA orders feds to patch actively exploited Drupal vulnerability | May 26, 9:10 am |
|---|
| 67 | Microsoft: Domain Controller lookup may fail on Windows Server 2016 | May 26, 8:10 am |
|---|
| 68 | 7-Eleven data breach exposes personal information of 185,000 people | May 26, 7:10 am |
|---|
| 69 | KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike | May 26, 6:10 am |
|---|
| 70 | ISC Stormcast For Tuesday, May 26th, 2026 https://isc.sans.edu/podcastdetail/9944, (Tue, May 26th) | May 26, 2:10 am |
|---|
| 71 | Possible ACR Stealer From Page Impersonating Claude, (Tue, May 26th) | May 26, 12:10 am |
|---|
| 72 | Anthropic’s restricted Claude Mythos model may be coming to Claude Code | May 25, 5:10 pm |
|---|
| 73 | ⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos | May 25, 4:10 pm |
|---|
| 74 | Microsoft Access VBA, (Mon, May 25th) | May 25, 3:10 pm |
|---|
| 75 | Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks | May 25, 2:10 pm |
|---|
| 76 | TeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th) | May 25, 2:10 pm |
|---|
| 77 | FBI warns of Kali365 phishing service targeting Microsoft 365 accounts | May 25, 1:10 pm |
|---|
| 78 | The Alert Firehose Finally Meets Its Match | May 25, 12:10 pm |
|---|
| 79 | Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks | May 25, 12:10 pm |
|---|
| 80 | Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms | May 25, 11:10 am |
|---|
| 81 | TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO | May 25, 7:10 am |
|---|
| 82 | Wireshark 4.6.6 Released, (Sun, May 24th) | May 24, 5:10 pm |
|---|
| 83 | Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign | May 24, 3:10 pm |
|---|
| 84 | Laravel Lang packages hijacked to deploy credential-stealing malware | May 23, 9:10 pm |
|---|
| 85 | Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware | May 23, 5:10 pm |
|---|
| 86 | npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks | May 23, 5:10 pm |
|---|
| 87 | Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes | May 23, 3:10 pm |
|---|
| 88 | Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software | May 23, 1:10 pm |
|---|
| 89 | Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer | May 23, 11:10 am |
|---|
| 90 | Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV | May 23, 8:10 am |
|---|
| 91 | LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root | May 23, 8:10 am |
|---|
| 92 | An Example of Stack String in High Level Language, (Sat, May 23rd) | May 23, 6:10 am |
|---|
| 93 | First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups | May 22, 7:10 pm |
|---|
| 94 | Netherlands seizes 800 servers of hosting firm enabling cyberattacks | May 22, 6:10 pm |
|---|
| 95 | Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware | May 22, 5:10 pm |
|---|
| 96 | Lawmakers Demand Answers as CISA Tries to Contain Data Leak | May 22, 5:10 pm |
|---|
| 97 | Former US execs plead guilty to aiding tech support scammers | May 22, 4:10 pm |
|---|
| 98 | Why Chargebacks are Just One Piece of the Fraud Puzzle | May 22, 2:10 pm |
|---|
| 99 | Drupal: Critical SQL injection flaw now targeted in attacks | May 22, 2:10 pm |
|---|
| 100 | Trend Micro warns of Apex One zero-day exploited in the wild | May 22, 2:10 pm |
|---|
| 101 | Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective | May 22, 1:10 pm |
|---|
| 102 | Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows | May 22, 1:10 pm |
|---|
| 103 | Ubiquiti patches three max severity UniFi OS vulnerabilities | May 22, 12:10 pm |
|---|
| 104 | Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks | May 22, 9:10 am |
|---|
| 105 | US and Canada arrest and charge suspected Kimwolf botnet admin | May 22, 9:10 am |
|---|
| 106 | CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV | May 22, 7:10 am |
|---|
| 107 | Cross-Platform NPM Stealer, (Fri, May 22nd) | May 22, 7:10 am |
|---|
| 108 | Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access | May 22, 6:10 am |
|---|
| 109 | ISC Stormcast For Friday, May 22nd, 2026 https://isc.sans.edu/podcastdetail/9942, (Fri, May 22nd) | May 22, 2:10 am |
|---|
| 110 | Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada | May 21, 10:10 pm |
|---|
| 111 | Google accidentally exposed details of unfixed Chromium flaw | May 21, 7:10 pm |
|---|
| 112 | Apple blocked over $11 billion in App Store fraud in 6 years | May 21, 4:10 pm |
|---|
| 113 | Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor | May 21, 3:10 pm |
|---|
| 114 | ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories | May 21, 2:10 pm |
|---|
| 115 | Selective HTTP Proxying in Linux, (Thu, May 21st) | May 21, 2:10 pm |
|---|
| 116 | Max severity Cisco Secure Workload flaw gives Site Admin privileges | May 21, 2:10 pm |
|---|
| 117 | Chinese hackers target telcos with new Linux, Windows malware | May 21, 2:10 pm |
|---|
| 118 | Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet | May 21, 2:10 pm |
|---|
| 119 | Police seize “First VPN” service used in ransomware, data theft attacks | May 21, 1:10 pm |
|---|
| 120 | Microsoft Warns of Two Actively Exploited Defender Vulnerabilities | May 21, 12:10 pm |
|---|
| 121 | When Identity is the Attack Path | May 21, 11:10 am |
|---|
| 122 | Flipper One project needs community help to build open Linux platform | May 21, 11:10 am |
|---|
| 123 | 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros | May 21, 9:10 am |
|---|
| 124 | Microsoft warns of new Defender zero-days exploited in attacks | May 21, 8:10 am |
|---|
| 125 | GitHub links repo breach to TanStack npm supply-chain attack | May 21, 7:10 am |
|---|
| 126 | Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks | May 21, 5:10 am |
|---|
| 127 | GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension | May 21, 5:10 am |
|---|
| 128 | ISC Stormcast For Thursday, May 21st, 2026 https://isc.sans.edu/podcastdetail/9940, (Thu, May 21st) | May 21, 2:10 am |
|---|
| 129 | Hackers bypass SonicWall VPN MFA due to incomplete patching | May 20, 10:10 pm |
|---|
| 130 | Ukraine identifies infostealer operator tied to 28,000 stolen accounts | May 20, 10:10 pm |
|---|
| 131 | Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development | May 20, 5:10 pm |
|---|
| 132 | Grafana breach caused by missed token rotation after TanStack attack | May 20, 4:10 pm |
|---|
| 133 | Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks | May 20, 3:10 pm |
|---|
| 134 | Agent AI is Coming. Are You Ready? | May 20, 2:10 pm |
|---|
| 135 | Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API | May 20, 2:10 pm |
|---|
| 136 | Identity Alone Isn't Enough: Why Device Security Has to Share the Load | May 20, 2:10 pm |
|---|
| 137 | Drupal critical update to fix bug with high exploitation risk | May 20, 1:10 pm |
|---|
| 138 | Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem | May 20, 11:10 am |
|---|
| 139 | Exploit released for new PinTheft Arch Linux root escalation flaw | May 20, 11:10 am |
|---|
| 140 | GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos | May 20, 10:10 am |
|---|
| 141 | Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit | May 20, 10:10 am |
|---|
| 142 | GitHub confirms breach of 3,800 repos via malicious VSCode extension | May 20, 9:10 am |
|---|
| 143 | Microsoft shares mitigation for YellowKey Windows zero-day | May 20, 8:10 am |
|---|
| 144 | Grafana GitHub Breach Exposes Source Code via TanStack npm Attack | May 20, 6:10 am |
|---|
| 145 | GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories | May 20, 5:10 am |
|---|
| 146 | GitHub investigates internal repositories breach claimed by TeamPCP | May 20, 5:10 am |
|---|
| 147 | ISC Stormcast For Wednesday, May 20th, 2026 https://isc.sans.edu/podcastdetail/9938, (Wed, May 20th) | May 20, 2:10 am |
|---|
| 148 | Max-severity flaw in ChromaDB for AI apps allows server hijacking | May 20, 12:10 am |
|---|
| 149 | Cybercrime service disrupted for abusing Microsoft platform to sign malware | May 19, 10:10 pm |
|---|
| 150 | Discord rolls out end-to-end encryption on voice, video calls | May 19, 9:10 pm |
|---|
| 151 | Microsoft Self-Service Password Reset abused in Azure data theft attacks | May 19, 8:10 pm |
|---|
| 152 | FBI: Americans lost over $388 million to scams using crypto ATMs in 2025 | May 19, 8:10 pm |
|---|
| 153 | Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps | May 19, 6:10 pm |
|---|
| 154 | Microsoft blames macOS update for undismissible Teams location prompts | May 19, 5:10 pm |
|---|
| 155 | Microsoft plans to improve Windows 11 driver quality in 2026 | May 19, 5:10 pm |
|---|
| 156 | 7-Eleven confirms data breach claimed by the ShinyHunters gang | May 19, 3:10 pm |
|---|
| 157 | New Shai-Hulud malware wave compromises 600 npm packages | May 19, 3:10 pm |
|---|
| 158 | DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability | May 19, 3:10 pm |
|---|
| 159 | Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation | May 19, 2:10 pm |
|---|
| 160 | Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare | May 19, 1:10 pm |
|---|
| 161 | The New Phishing Click: How OAuth Consent Bypasses MFA | May 19, 1:10 pm |
|---|
| 162 | Webinar: The hidden bottlenecks in network incident response | May 19, 1:10 pm |
|---|
| 163 | Microsoft confirms patching issues in restricted Windows networks | May 19, 12:10 pm |
|---|
| 164 | SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access | May 19, 11:10 am |
|---|
| 165 | Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer | May 19, 9:10 am |
|---|
| 166 | Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials | May 19, 7:10 am |
|---|
| 167 | Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account | May 19, 6:10 am |
|---|
| 168 | GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials | May 19, 6:10 am |
|---|
| 169 | ISC Stormcast For Tuesday, May 19th, 2026 https://isc.sans.edu/podcastdetail/9936, (Tue, May 19th) | May 19, 2:10 am |
|---|
| 170 | INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers | May 18, 11:10 pm |
|---|
| 171 | SHub macOS infostealer variant spoofs Apple security updates | May 18, 10:10 pm |
|---|
| 172 | TeamPCP Supply Chain Campaign: Activity Through 2026-05-17, (Mon, May 18th) | May 18, 9:10 pm |
|---|
| 173 | CISA Admin Leaked AWS GovCloud Keys on Github | May 18, 9:10 pm |
|---|
| 174 | 5 Steps to Managing Shadow AI Tools Without Slowing Down Employees | May 18, 7:10 pm |
|---|
| 175 | INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests | May 18, 6:10 pm |
|---|
| 176 | Leaked Shai-Hulud malware fuels new npm infostealer campaign | May 18, 6:10 pm |
|---|
| 177 | ⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More | May 18, 4:10 pm |
|---|
| 178 | How to Reduce Phishing Exposure Before It Turns into Business Disruption | May 18, 2:10 pm |
|---|
| 179 | Grafana says stolen GitHub token let hackers steal codebase | May 18, 2:10 pm |
|---|
| 180 | Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws | May 18, 12:10 pm |
|---|
| 181 | Microsoft testing adjustable taskbar, Start menu in Windows 11 | May 18, 12:10 pm |
|---|
| 182 | Developer Workstations Are Now Part of the Software Supply Chain | May 18, 12:10 pm |
|---|
| 183 | Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware | May 18, 11:10 am |
|---|
| 184 | MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems | May 18, 9:10 am |
|---|
| 185 | Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations | May 18, 9:10 am |
|---|
| 186 | Microsoft confirms Windows 11 security update install issues | May 18, 9:10 am |
|---|
| 187 | Exploit available for new DirtyDecrypt Linux root escalation flaw | May 18, 8:10 am |
|---|
| 188 | Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026 | May 18, 6:10 am |
|---|
| 189 | New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released | May 17, 11:10 pm |
|---|
| 190 | NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE | May 17, 3:10 pm |
|---|
| 191 | Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing | May 17, 3:10 pm |
|---|
| 192 | Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt | May 17, 8:10 am |
|---|
| 193 | Microsoft rejects critical Azure vulnerability report, no CVE issued | May 16, 9:10 pm |
|---|
| 194 | Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming | May 16, 5:10 pm |
|---|
| 195 | Russian hackers turn Kazuar backdoor into modular P2P botnet | May 16, 3:10 pm |
|---|
| 196 | Funnel Builder WordPress plugin bug exploited to steal credit cards | May 15, 8:10 pm |
|---|
| 197 | Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access | May 15, 6:10 pm |
|---|
| 198 | Popular node-ipc npm package compromised to steal credentials | May 15, 6:10 pm |
|---|
| 199 | Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own | May 15, 6:10 pm |
|---|
| 200 | Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence | May 15, 4:10 pm |
|---|
| 201 | Avada Builder WordPress plugin flaws allow site credential theft | May 15, 4:10 pm |
|---|
| 202 | Microsoft backpedals: Edge to stop loading passwords into memory | May 15, 3:10 pm |
|---|
| 203 | Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution | May 15, 2:10 pm |
|---|
| 204 | Microsoft to automatically roll back faulty Windows drivers | May 15, 1:10 pm |
|---|
| 205 | TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates | May 15, 12:10 pm |
|---|
| 206 | What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface | May 15, 12:10 pm |
|---|
| 207 | Microsoft warns of Exchange zero-day flaw exploited in attacks | May 15, 10:10 am |
|---|
| 208 | On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email | May 15, 7:10 am |
|---|
| 209 | [Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th) | May 15, 7:10 am |
|---|
| 210 | CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits | May 15, 6:10 am |
|---|
| 211 | ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th) | May 15, 5:10 am |
|---|
| 212 | TeamPCP hackers advertise Mistral AI code repos for sale | May 14, 11:10 pm |
|---|
| 213 | Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin | May 14, 9:10 pm |
|---|
| 214 | Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks | May 14, 8:10 pm |
|---|
| 215 | Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets | May 14, 7:10 pm |
|---|
| 216 | Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access | May 14, 7:10 pm |
|---|
| 217 | Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 | May 14, 7:10 pm |
|---|
| 218 | OpenAI confirms security breach in TanStack supply chain attack | May 14, 7:10 pm |
|---|
| 219 | ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories | May 14, 6:10 pm |
|---|
| 220 | Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight | May 14, 4:10 pm |
|---|
| 221 | 18-year-old NGINX vulnerability allows DoS, potential RCE | May 14, 4:10 pm |
|---|
| 222 | Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike | May 14, 3:10 pm |
|---|
| 223 | KongTuke hackers now use Microsoft Teams for corporate breaches | May 14, 1:10 pm |
|---|
| 224 | How AI Hallucinations Are Creating Real Security Risks | May 14, 12:10 pm |
|---|
| 225 | PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure | May 14, 12:10 pm |
|---|
| 226 | Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation | May 14, 10:10 am |
|---|
| 227 | Dell confirms its SupportAssist software causes Windows BSOD crashes | May 14, 10:10 am |
|---|
| 228 | US charges suspected Dream Market admin arrested in Germany | May 14, 9:10 am |
|---|
| 229 | New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption | May 14, 8:10 am |
|---|
| 230 | New Fragnesia Linux flaw lets attackers gain root privileges | May 14, 8:10 am |
|---|
| 231 | 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE | May 14, 7:10 am |
|---|
| 232 | Simple bypass of the link preview function in Outlook Junk folder, (Thu, May 14th) | May 14, 7:10 am |
|---|
| 233 | ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932, (Thu, May 14th) | May 14, 5:10 am |
|---|
| 234 | West Pharmaceutical says hackers stole data, encrypted systems | May 13, 11:10 pm |
|---|
| 235 | Iranian hackers targeted major South Korean electronics maker | May 13, 10:10 pm |
|---|
| 236 | New critical Exim mailer flaw allows remote code execution | May 13, 9:10 pm |
|---|
| 237 | Windows BitLocker zero-day gives access to protected drives, PoC released | May 13, 5:10 pm |
|---|
| 238 | Microsoft fixes BitLocker recovery issue only for Windows 11 users | May 13, 4:10 pm |
|---|
| 239 | Webinar tomorrow: Why security alone won't stop modern attacks | May 13, 4:10 pm |
|---|
| 240 | [Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud | May 13, 3:10 pm |
|---|
| 241 | Microsoft fixes Windows Autopatch bug installing restricted drivers | May 13, 3:10 pm |
|---|
| 242 | Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation | May 13, 2:10 pm |
|---|
| 243 | Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday | May 13, 2:10 pm |
|---|
| 244 | Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws | May 13, 1:10 pm |
|---|
| 245 | Most Remediation Programs Never Confirm the Fix Actually Worked | May 13, 1:10 pm |
|---|
| 246 | [Webinar] Why Your AppSec Tools Miss the "Lethal Path" (and How to Fix It) | May 13, 1:10 pm |
|---|
| 247 | 73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation | May 13, 1:10 pm |
|---|
| 248 | Foxconn confirms cyberattack claimed by Nitrogen ransomware gang | May 13, 1:10 pm |
|---|
| 249 | Microsoft says some users can't install Office on Windows 365 devices | May 13, 12:10 pm |
|---|
| 250 | GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data | May 13, 10:10 am |
|---|
| 251 | Android Adds Intrusion Logging for Sophisticated Spyware Forensics | May 13, 8:10 am |
|---|
| 252 | [GUEST DIARY] Tearing apart website fraud to see how it works., (Wed, May 13th) | May 13, 7:10 am |
|---|
| 253 | ISC Stormcast For Wednesday, May 13th, 2026 https://isc.sans.edu/podcastdetail/9930, (Wed, May 13th) | May 13, 3:10 am |
|---|
| 254 | Proxying the Unproxyable? Sending EXE traffic to a Proxy, (Wed, May 13th) | May 13, 2:10 am |
|---|
| 255 | US govt seeks Instructure testimony on massive Canvas cyberattack | May 12, 11:10 pm |
|---|
| 256 | Patch Tuesday, May 2026 Edition | May 12, 10:10 pm |
|---|
| 257 | UK fines water supplier $1.3M for exposing data of 664k customers | May 12, 9:10 pm |
|---|
| 258 | Signal adds security warnings for social engineering, phishing attacks | May 12, 8:10 pm |
|---|
| 259 | Webinar: Fixing the gaps in network incident response | May 12, 8:10 pm |
|---|
| 260 | Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator | May 12, 7:10 pm |
|---|
| 261 | Microsoft May 2026 Patch Tuesday, (Tue, May 12th) | May 12, 7:10 pm |
|---|
| 262 | Microsoft releases Windows 10 KB5087544 extended security update | May 12, 7:10 pm |
|---|
| 263 | New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution | May 12, 6:10 pm |
|---|
| 264 | Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days | May 12, 6:10 pm |
|---|
| 265 | Windows 11 KB5089549 & KB5087420 cumulative updates released | May 12, 6:10 pm |
|---|
| 266 | RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded | May 12, 5:10 pm |
|---|
| 267 | Android 17 to expand banking scam call and privacy protections | May 12, 5:10 pm |
|---|
| 268 | Škoda warns of customer data breach after online shop hack | May 12, 5:10 pm |
|---|
| 269 | New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots | May 12, 2:10 pm |
|---|
| 270 | Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help | May 12, 1:10 pm |
|---|
| 271 | Why Agentic AI Is Security's Next Blind Spot | May 12, 12:10 pm |
|---|
| 272 | Shai Hulud attack ships signed malicious TanStack, Mistral npm packages | May 12, 12:10 pm |
|---|
| 273 | SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA | May 12, 11:10 am |
|---|
| 274 | Instructure reaches 'agreement' with ShinyHunters to stop data leak | May 12, 10:10 am |
|---|
| 275 | Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages | May 12, 9:10 am |
|---|
| 276 | OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation | May 12, 8:10 am |
|---|
| 277 | Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak | May 12, 8:10 am |
|---|
| 278 | iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android | May 12, 7:10 am |
|---|
| 279 | ISC Stormcast For Tuesday, May 12th, 2026 https://isc.sans.edu/podcastdetail/9928, (Tue, May 12th) | May 12, 4:10 am |
|---|
| 280 | Apple Patches Everything, (Mon, May 11th) | May 11, 11:10 pm |
|---|
| 281 | GM agrees to $12.75M California settlement over sale of drivers’ data | May 11, 11:10 pm |
|---|
| 282 | New GhostLock tool abuses Windows API to block file access | May 11, 10:10 pm |
|---|
| 283 | Official CheckMarx Jenkins package compromised with infostealer | May 11, 10:10 pm |
|---|
| 284 | TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack | May 11, 8:10 pm |
|---|
| 285 | cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor | May 11, 6:10 pm |
|---|
| 286 | Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation | May 11, 5:10 pm |
|---|
| 287 | Instructure confirms hackers used Canvas flaw to deface portals | May 11, 4:10 pm |
|---|
| 288 | Why we use CAPTCHAs, (Mon, May 11th) | May 11, 3:10 pm |
|---|
| 289 | ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More | May 11, 2:10 pm |
|---|
| 290 | Why Changing Passwords Doesn’t End an Active Directory Breach | May 11, 2:10 pm |
|---|
| 291 | Webinar this week: Prevention alone is not enough against modern attacks | May 11, 1:10 pm |
|---|
| 292 | Google: Hackers used AI to develop zero-day exploit for web admin tool | May 11, 1:10 pm |
|---|
| 293 | Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room | May 11, 12:10 pm |
|---|
| 294 | Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads | May 11, 9:10 am |
|---|
| 295 | TrickMo Android banker adopts TON blockchain for covert comms | May 11, 9:10 am |
|---|
| 296 | ISC Stormcast For Monday, May 11th, 2026 https://isc.sans.edu/podcastdetail/9926, (Mon, May 11th) | May 11, 3:10 am |
|---|
| 297 | YARA-X 1.16.0 Release, (Sun, May 10th) | May 10, 11:10 pm |
|---|
| 298 | Hackers abuse Google ads, Claude.ai chats to push Mac malware | May 10, 6:10 pm |
|---|
| 299 | Police shut down reboot of Crimenetwork marketplace, arrest admin | May 10, 3:10 pm |
|---|
| 300 | Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak | May 10, 1:10 pm |
|---|
| 301 | JDownloader site hacked to replace installers with Python RAT malware | May 9, 8:10 pm |
|---|
| 302 | Fake OpenAI repository on Hugging Face pushes infostealer malware | May 9, 3:10 pm |
|---|
| 303 | cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now | May 9, 8:10 am |
|---|
| 304 | TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms | May 8, 7:10 pm |
|---|
| 305 | Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads | May 8, 5:10 pm |
|---|
| 306 | NVIDIA confirms GeForce NOW data breach affecting Armenian users | May 8, 5:10 pm |
|---|
| 307 | Trellix source code breach claimed by RansomHouse hackers | May 8, 2:10 pm |
|---|
| 308 | Why More Analysts Won’t Solve Your SOC’s Alert Problem | May 8, 2:10 pm |
|---|
| 309 | CISA gives feds four days to patch Ivanti flaw exploited as zero-day | May 8, 1:10 pm |
|---|
| 310 | Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise | May 8, 12:10 pm |
|---|
| 311 | New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials | May 8, 11:10 am |
|---|
| 312 | One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk | May 8, 11:10 am |
|---|
| 313 | Zara data breach exposed personal information of 197,000 people | May 8, 11:10 am |
|---|
| 314 | Former govt contractor convicted for wiping dozens of federal databases | May 8, 9:10 am |
|---|
| 315 | Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions | May 8, 8:10 am |
|---|
| 316 | New Linux 'Dirty Frag' zero-day gives root on all major distros | May 8, 8:10 am |
|---|
| 317 | Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th) | May 8, 8:10 am |
|---|
| 318 | Canvas Breach Disrupts Schools & Colleges Nationwide | May 8, 3:10 am |
|---|
| 319 | ISC Stormcast For Friday, May 8th, 2026 https://isc.sans.edu/podcastdetail/9924, (Fri, May 8th) | May 8, 2:10 am |
|---|
| 320 | Canvas login portals hacked in mass ShinyHunters extortion campaign | May 7, 11:10 pm |
|---|
| 321 | New TCLBanker malware self-spreads over WhatsApp and Outlook | May 7, 10:10 pm |
|---|
| 322 | PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems | May 7, 7:10 pm |
|---|
| 323 | Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access | May 7, 7:10 pm |
|---|
| 324 | New PCPJack worm steals credentials, cleans TeamPCP infections | May 7, 7:10 pm |
|---|
| 325 | Australia warns of ClickFix attacks pushing Vidar Stealer malware | May 7, 6:10 pm |
|---|
| 326 | Ivanti warns of new EPMM flaw exploited in zero-day attacks | May 7, 4:10 pm |
|---|
| 327 | One Click, Total Shutdown: The "Patient Zero" Webinar on Killing Stealth Breaches | May 7, 3:10 pm |
|---|
| 328 | PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage | May 7, 2:10 pm |
|---|
| 329 | Americans sentenced for running 'laptop farms' for North Korea | May 7, 2:10 pm |
|---|
| 330 | The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls | May 7, 2:10 pm |
|---|
| 331 | Crypto gang member gets 6.5 years for role in $230 million heist | May 7, 1:10 pm |
|---|
| 332 | Day Zero Readiness: The Operational Gaps That Break Incident Response | May 7, 12:10 pm |
|---|
| 333 | ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories | May 7, 12:10 pm |
|---|
| 334 | Webinar: Why modern attacks require both security and recovery | May 7, 12:10 pm |
|---|
| 335 | Palo Alto Networks firewall zero-day exploited for nearly a month | May 7, 11:10 am |
|---|
| 336 | PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux | May 7, 10:10 am |
|---|
| 337 | Fake Claude AI website delivers new 'Beagle' Windows malware | May 7, 10:10 am |
|---|
| 338 | vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution | May 7, 5:10 am |
|---|
| 339 | An Adaptive Cyber Analytics UI for Web Honeypot Logs [Guest Diary], (Wed, May 6th) | May 7, 2:10 am |
|---|
| 340 | ISC Stormcast For Thursday, May 7th, 2026 https://isc.sans.edu/podcastdetail/9922, (Thu, May 7th) | May 7, 2:10 am |
|---|
| 341 | Hackers abuse Google ads for GoDaddy ManageWP login phishing | May 6, 10:10 pm |
|---|
| 342 | Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks | May 6, 9:10 pm |
|---|
| 343 | Critical vm2 sandbox bug lets attackers execute code on hosts | May 6, 7:10 pm |
|---|
| 344 | New Cisco DoS flaw requires manual reboot to revive devices | May 6, 6:10 pm |
|---|
| 345 | DAEMON Tools devs confirm breach, release malware-free version | May 6, 5:10 pm |
|---|
| 346 | MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack | May 6, 3:10 pm |
|---|
| 347 | Why ransomware attacks succeed even when backups exist | May 6, 2:10 pm |
|---|
| 348 | Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing? | May 6, 1:10 pm |
|---|
| 349 | The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now Open | May 6, 1:10 pm |
|---|
| 350 | Webinar: Why network incidents escalate and how to fix response gaps | May 6, 1:10 pm |
|---|
| 351 | MuddyWater hackers use Chaos ransomware as a decoy in attacks | May 6, 1:10 pm |
|---|
| 352 | Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs | May 6, 10:10 am |
|---|
| 353 | Google's Android Apps Get Public Verification to Stop Supply Chain Attacks | May 6, 10:10 am |
|---|
| 354 | Palo Alto Networks warns of firewall RCE zero-day exploited in attacks | May 6, 10:10 am |
|---|
| 355 | Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution | May 6, 8:10 am |
|---|
| 356 | ISC Stormcast For Wednesday, May 6th, 2026 https://isc.sans.edu/podcastdetail/9920, (Wed, May 6th) | May 6, 2:10 am |
|---|
| 357 | Instructure hacker claims data theft from 8,800 schools, universities | May 5, 10:10 pm |
|---|
| 358 | New stealthy Quasar Linux malware targets software developers | May 5, 10:10 pm |
|---|
| 359 | DAEMON Tools trojanized in supply-chain attack to deploy backdoor | May 5, 8:10 pm |
|---|
| 360 | The EOL Blind Spot in Your CVE Feed: What SCA Tools Miss | May 5, 7:10 pm |
|---|
| 361 | Student hacked Taiwan high-speed rail to trigger emergency brakes | May 5, 6:10 pm |
|---|
| 362 | DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware | May 5, 5:10 pm |
|---|
| 363 | Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE | May 5, 5:10 pm |
|---|
| 364 | China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions | May 5, 4:10 pm |
|---|
| 365 | FTC to ban data broker Kochava from selling Americans’ location data | May 5, 3:10 pm |
|---|
| 366 | The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check. | May 5, 2:10 pm |
|---|
| 367 | MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks | May 5, 1:10 pm |
|---|
| 368 | The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed | May 5, 1:10 pm |
|---|
| 369 | Vimeo data breach exposes personal information of 119,000 people | May 5, 1:10 pm |
|---|
| 370 | Google now offers up to $1.5 million for some Android exploits | May 5, 12:10 pm |
|---|
| 371 | Cleartext Passwords in MS Edge? In 2026?, (Mon, May 4th) | May 5, 12:10 pm |
|---|
| 372 | SSL.com rotates their root certificate today, (Tue, May 5th) | May 5, 12:10 pm |
|---|
| 373 | Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison | May 5, 11:10 am |
|---|
| 374 | We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is | May 5, 11:10 am |
|---|
| 375 | ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows | May 5, 10:10 am |
|---|
| 376 | CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs | May 5, 10:10 am |
|---|
| 377 | ScarCruft hackers push BirdCall Android malware via game platform | May 5, 9:10 am |
|---|
| 378 | Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries | May 5, 8:10 am |
|---|
| 379 | Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API | May 5, 8:10 am |
|---|
| 380 | ISC Stormcast For Tuesday, May 5th, 2026 https://isc.sans.edu/podcastdetail/9918, (Tue, May 5th) | May 5, 2:10 am |
|---|
| 381 | Weaver E-cology critical bug exploited in attacks since March | May 4, 11:10 pm |
|---|
| 382 | Amazon SES increasingly abused in phishing to evade detection | May 4, 8:10 pm |
|---|
| 383 | Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools | May 4, 7:10 pm |
|---|
| 384 | Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass | May 4, 6:10 pm |
|---|
| 385 | TeamPCP Weekly Analysis: 2026-W18 (2026-04-27 through 2026-05-03), (Mon, May 4th) | May 4, 6:10 pm |
|---|
| 386 | Backdoored PyTorch Lightning package drops credential stealer | May 4, 6:10 pm |
|---|
| 387 | Trellix discloses data breach after source code repository hack | May 4, 5:10 pm |
|---|
| 388 | ⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More | May 4, 4:10 pm |
|---|
| 389 | DShield Honeypot Update, (Mon, May 4th) | May 4, 3:10 pm |
|---|
| 390 | They don’t hack, they borrow: How fraudsters target credit unions | May 4, 2:10 pm |
|---|
| 391 | Webinar: Why MSPs must rethink security and backup strategies | May 4, 1:10 pm |
|---|
| 392 | Progress warns of critical MOVEit Automation auth bypass flaw | May 4, 1:10 pm |
|---|
| 393 | CISA says ‘Copy Fail’ flaw now exploited to root Linux systems | May 4, 12:10 pm |
|---|
| 394 | Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia | May 4, 12:10 pm |
|---|
| 395 | 2026: The Year of AI-Assisted Attacks | May 4, 12:10 pm |
|---|
| 396 | Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks | May 4, 11:10 am |
|---|
| 397 | Microsoft confirms April Windows updates cause backup failures | May 4, 11:10 am |
|---|
| 398 | Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M | May 4, 7:10 am |
|---|
| 399 | ISC Stormcast For Monday, May 4th, 2026 https://isc.sans.edu/podcastdetail/9916, (Mon, May 4th) | May 4, 2:10 am |
|---|
| 400 | Instructure confirms data breach, ShinyHunters claims attack | May 3, 11:10 pm |
|---|
| 401 | Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha | May 3, 7:10 pm |
|---|
| 402 | Wireshark 4.6.5 Released, (Sun, May 3rd) | May 3, 5:10 pm |
|---|
| 403 | Telegram Mini Apps abused for crypto scams, Android malware delivery | May 3, 3:10 pm |
|---|
| 404 | CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV | May 3, 7:10 am |
|---|
| 405 | Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks | May 2, 10:10 pm |
|---|
| 406 | ConsentFix v3 attacks target Azure with automated OAuth abuse | May 2, 3:10 pm |
|---|
| 407 | Trellix Confirms Source Code Breach With Unauthorized Repository Access | May 2, 7:10 am |
|---|
| 408 | Microsoft tests modern Windows Run, says it's faster than legacy dialog | May 2, 1:10 am |
|---|
| 409 | Edu tech firm Instructure discloses cyber incident, probes impact | May 2, 12:10 am |
|---|
| 410 | 30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign | May 1, 8:10 pm |
|---|
| 411 | Malicious Ad for Homebrew Leads to MacSync Stealer, (Fri, May 1st) | May 1, 7:10 pm |
|---|
| 412 | 15-year-old detained over French govt agency data breach | May 1, 6:10 pm |
|---|
| 413 | Story retracted | May 1, 5:10 pm |
|---|
| 414 | China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists | May 1, 3:10 pm |
|---|
| 415 | Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations | May 1, 3:10 pm |
|---|
| 416 | Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks | May 1, 3:10 pm |
|---|
| 417 | Microsoft fixes Remote Desktop warnings displaying incorrectly | May 1, 1:10 pm |
|---|
| 418 | Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks | May 1, 12:10 pm |
|---|
| 419 | Top Five Sales Challenges Costing MSPs Cybersecurity Revenue | May 1, 12:10 pm |
|---|
| 420 | Microsoft now lets admins choose pre-installed Store apps to uninstall | May 1, 12:10 pm |
|---|
| 421 | Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft | May 1, 10:10 am |
|---|
| 422 | Windows 11 KB5083631 update released with 34 changes and fixes | May 1, 10:10 am |
|---|
| 423 | US ransomware negotiators get 4 years in prison over BlackCat attacks | May 1, 8:10 am |
|---|
| 424 | ISC Stormcast For Friday, May 1st, 2026 https://isc.sans.edu/podcastdetail/9914, (Fri, May 1st) | May 1, 2:10 am |
|---|
| 425 | PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials | Apr 30, 7:10 pm |
|---|
| 426 | New Bluekit phishing service includes an AI assistant, 40 templates | Apr 30, 7:10 pm |
|---|
| 427 | Romanian leader of online swatting ring gets 4 years in prison | Apr 30, 6:10 pm |
|---|
| 428 | PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials | Apr 30, 5:10 pm |
|---|
| 429 | FBI links cybercriminals to sharp surge in cargo theft attacks | Apr 30, 5:10 pm |
|---|
| 430 | April KB5083769 Windows 11 update causes backup software failures | Apr 30, 4:10 pm |
|---|
| 431 | New Linux ‘Copy Fail’ flaw gives hackers root on major distros | Apr 30, 2:10 pm |
|---|
| 432 | ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories | Apr 30, 2:10 pm |
|---|
| 433 | What Happens in the First 24 Hours After a New Asset Goes Live | Apr 30, 2:10 pm |
|---|
| 434 | Anti-DDoS Firm Heaped Attacks on Brazilian ISPs | Apr 30, 2:10 pm |
|---|
| 435 | EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades | Apr 30, 1:10 pm |
|---|
| 436 | New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials | Apr 30, 1:10 pm |
|---|
| 437 | Police dismantles 9 crypto scam centers, arrests 276 suspects | Apr 30, 12:10 pm |
|---|
| 438 | Critical cPanel and WHM bug exploited as a zero-day, PoC now available | Apr 30, 12:10 pm |
|---|
| 439 | New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions | Apr 30, 10:10 am |
|---|
| 440 | Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution | Apr 30, 7:10 am |
|---|
| 441 | ISC Stormcast For Thursday, April 30th, 2026 https://isc.sans.edu/podcastdetail/9912, (Thu, Apr 30th) | Apr 30, 2:10 am |
|---|
| 442 | Danger of Libredtail [Guest Diary], (Wed, Apr 29th) | Apr 30, 12:10 am |
|---|
| 443 | Popular WordPress redirect plugin hid dormant backdoor for years | Apr 29, 11:10 pm |
|---|
| 444 | Official SAP npm packages compromised to steal credentials | Apr 29, 11:10 pm |
|---|
| 445 | Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining | Apr 29, 9:10 pm |
|---|
| 446 | Hackers arrested for hijacking and selling 610,000 Roblox accounts | Apr 29, 7:10 pm |
|---|
| 447 | SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack | Apr 29, 6:10 pm |
|---|
| 448 | SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware | Apr 29, 5:10 pm |
|---|
| 449 | New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs | Apr 29, 4:10 pm |
|---|
| 450 | cPanel, WHM emergency update fixes critical auth bypass bug | Apr 29, 4:10 pm |
|---|
| 451 | European police dismantles €50 million crypto investment fraud ring | Apr 29, 3:10 pm |
|---|
| 452 | Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks | Apr 29, 2:10 pm |
|---|
| 453 | Learning from the Vercel breach: Shadow AI & OAuth sprawl | Apr 29, 2:10 pm |
|---|
| 454 | Today's Odd Web Requests, (Wed, Apr 29th) | Apr 29, 2:10 pm |
|---|
| 455 | GitHub fixes RCE flaw that gave access to millions of private repos | Apr 29, 1:10 pm |
|---|
| 456 | What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong) | Apr 29, 12:10 pm |
|---|
| 457 | Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately | Apr 29, 11:10 am |
|---|
| 458 | CISA orders feds to patch Windows flaw exploited as zero-day | Apr 29, 11:10 am |
|---|
| 459 | Microsoft says backend change broke Teams Free chat and calls | Apr 29, 9:10 am |
|---|
| 460 | CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV | Apr 29, 9:10 am |
|---|
| 461 | LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure | Apr 29, 6:10 am |
|---|
| 462 | ISC Stormcast For Wednesday, April 29th, 2026 https://isc.sans.edu/podcastdetail/9910, (Wed, Apr 29th) | Apr 29, 2:10 am |
|---|
| 463 | Broken VECT 2.0 ransomware acts as a data wiper for large files | Apr 28, 10:10 pm |
|---|
| 464 | Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw | Apr 28, 9:10 pm |
|---|
| 465 | Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push | Apr 28, 7:10 pm |
|---|
| 466 | Video service Vimeo confirms Anodot breach exposed user data | Apr 28, 7:10 pm |
|---|
| 467 | Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign | Apr 28, 6:10 pm |
|---|
| 468 | US reportedly charges Scattered Spider hacker arrested in Finland | Apr 28, 4:10 pm |
|---|
| 469 | VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi | Apr 28, 3:10 pm |
|---|
| 470 | Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data | Apr 28, 3:10 pm |
|---|
| 471 | Microsoft to deprecate legacy TLS in Exchange Online starting July | Apr 28, 2:10 pm |
|---|
| 472 | HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th) | Apr 28, 2:10 pm |
|---|
| 473 | Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About | Apr 28, 1:10 pm |
|---|
| 474 | Inside an OPSEC Playbook: How Threat Actors Evade Detection | Apr 28, 1:10 pm |
|---|
| 475 | Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE | Apr 28, 12:10 pm |
|---|
| 476 | After Mythos: New Playbooks For a Zero-Window Era | Apr 28, 11:10 am |
|---|
| 477 | Microsoft: New Remote Desktop warnings may display incorrectly | Apr 28, 10:10 am |
|---|
| 478 | Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks | Apr 28, 9:10 am |
|---|
| 479 | Microsoft asks iPhone users to reauthenticate after Outlook outage | Apr 28, 9:10 am |
|---|
| 480 | Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 | Apr 28, 7:10 am |
|---|
| 481 | Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover | Apr 28, 7:10 am |
|---|
| 482 | ISC Stormcast For Tuesday, April 28th, 2026 https://isc.sans.edu/podcastdetail/9908, (Tue, Apr 28th) | Apr 28, 2:10 am |
|---|
| 483 | Robinhood account creation flaw abused to send phishing emails | Apr 28, 12:10 am |
|---|
| 484 | GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions | Apr 27, 10:10 pm |
|---|
| 485 | Alleged Silk Typhoon hacker extradited to US for cyberespionage | Apr 27, 8:10 pm |
|---|
| 486 | Canada arrests three for operating “SMS blaster” device in Toronto | Apr 27, 8:10 pm |
|---|
| 487 | FTC: Americans lost over $2.1 billion to social media scams in 2025 | Apr 27, 5:10 pm |
|---|
| 488 | ⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More | Apr 27, 4:10 pm |
|---|
| 489 | Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack | Apr 27, 4:10 pm |
|---|
| 490 | PyPI package with 1.1M monthly downloads hacked to push infostealer | Apr 27, 4:10 pm |
|---|
| 491 | Webinar: Spotting cyberattacks before they begin | Apr 27, 3:10 pm |
|---|
| 492 | Home security giant ADT data breach affects 5.5 million people | Apr 27, 3:10 pm |
|---|
| 493 | Medtronic confirms breach after hackers claim 9 million records theft | Apr 27, 2:10 pm |
|---|
| 494 | TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th) | Apr 27, 2:10 pm |
|---|
| 495 | Deepfake Voice Attacks are Outpacing Defenses: What Security Leaders Should Know | Apr 27, 1:10 pm |
|---|
| 496 | Money launderer linked to $230M crypto heist gets 70 months in prison | Apr 27, 1:10 pm |
|---|
| 497 | Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware | Apr 27, 12:10 pm |
|---|
| 498 | PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks | Apr 27, 12:10 pm |
|---|
| 499 | Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side | Apr 27, 12:10 pm |
|---|
| 500 | Microsoft says Outlook.com outage is causing sign‑in failures | Apr 27, 12:10 pm |
|---|
