List cybersec
Trend Micro warns of Apex One zero-day exploited in the wild
{ "priority": "CRITICAL", "cve": "N/A", "target": "Trend Micro Apex One", "threat_actor": "N/A", "patch_ready": true, "insight": "Trend Micro warns of Apex One zero-day exploited in the wi..
2:10 pm, May 22, 2026 Cybersecurity
Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective
{ "priority": "INFO", "cve": "N/A", "target": "Windows kernel mode drivers", "threat_actor": "N/A", "patch_ready": false, "insight": "Research analyzes exploitability of Windows kernel mod..
1:10 pm, May 22, 2026 Cybersecurity
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub", "threat_actor": "Megalodon", "patch_ready": false, "insight": "Megalodon campaign injects malicious GitHub Actions workflows into 5,..
1:10 pm, May 22, 2026 Cybersecurity
Ubiquiti patches three max severity UniFi OS vulnerabilities
{ "priority": "CRITICAL", "cve": "N/A", "target": "UniFi OS", "threat_actor": "N/A", "patch_ready": true, "insight": "Ubiquiti patches three maximum severity vulnerabilities in UniFi OS th..
12:10 pm, May 22, 2026 Cybersecurity
Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "Kimwolf", "patch_ready": false, "insight": "A Canadian man, Jacob Butler, was arrested for operating the Kimwolf DDoS b..
9:10 am, May 22, 2026 Cybersecurity
US and Canada arrest and charge suspected Kimwolf botnet admin
{ "priority": "HIGH", "cve": "N/A", "target": "Kimwolf botnet", "threat_actor": "Kimwolf", "patch_ready": false, "insight": "US and Canadian authorities arrested a Canadian man suspected o..
9:10 am, May 22, 2026 Cybersecurity
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
{ "priority": "CRITICAL", "cve": "CVE-2025-34291", "target": "Langflow and Trend Micro Apex One", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA added exploited Langflow and ..
7:10 am, May 22, 2026 Cybersecurity
Cross-Platform NPM Stealer, (Fri, May 22nd)
{ "priority": "INFO", "cve": "N/A", "target": "Node.js", "threat_actor": "N/A", "patch_ready": false, "insight": "A Node.js stealer with obfuscated code was analyzed statically, with a SHA..
7:10 am, May 22, 2026 Cybersecurity
Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
{"priority": "CRITICAL", "cve": "CVE-2026-20223", "target": "Cisco Secure Workload", "threat_actor": "N/A", "patch_ready": true, "insight": "Cisco patches a CVSS 10.0 flaw in Secure Workload REST API ..
6:10 am, May 22, 2026 Cybersecurity
ISC Stormcast For Friday, May 22nd, 2026 https://isc.sans.edu/podcastdetail/9942, (Fri, May 22nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, May 22, 2026 Cybersecurity
Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "Kimwolf", "patch_ready": false, "insight": "Canadian authorities arrested a 23-year-old man suspected of building and o..
10:10 pm, May 21, 2026 Cybersecurity
Google accidentally exposed details of unfixed Chromium flaw
Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing remote code execution on the device...
7:10 pm, May 21, 2026 Cybersecurity
Apple blocked over $11 billion in App Store fraud in 6 years
{ "priority": "INFO", "cve": "N/A", "target": "Apple App Store", "threat_actor": "N/A", "patch_ready": false, "insight": "Apple blocked over $11 billion in App Store fraud in 6 years." }
4:10 pm, May 21, 2026 Cybersecurity
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
{ "priority": "HIGH", "cve": "N/A", "target": "Linux", "threat_actor": "Showboat", "patch_ready": false, "insight": "New Linux malware Showboat targets Middle East telecom with SOCKS5 prox..
3:10 pm, May 21, 2026 Cybersecurity
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The bulletin highlights a worrying trend where attackers are exploiting truste..
2:10 pm, May 21, 2026 Cybersecurity
Selective HTTP Proxying in Linux, (Thu, May 21st)
{"priority":"INFO","cve":"N/A","target":"Linux","threat_actor":"N/A","patch_ready":false,"insight":"A technical discussion on selective HTTP proxying in Linux, highlighting the utility of tools like P..
2:10 pm, May 21, 2026 Cybersecurity
Max severity Cisco Secure Workload flaw gives Site Admin privileges
{ "priority": "CRITICAL", "cve": "N/A", "target": "Cisco Secure Workload", "threat_actor": "N/A", "patch_ready": true, "insight": "Cisco Secure Workload vulnerability allows attackers to g..
2:10 pm, May 21, 2026 Cybersecurity
Chinese hackers target telcos with new Linux, Windows malware
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. [...]
2:10 pm, May 21, 2026 Cybersecurity
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses how modern crypto drainers use phishing and automation t..
2:10 pm, May 21, 2026 Cybersecurity
Police seize “First VPN” service used in ransomware, data theft attacks
{"priority": "INFO", "cve": "N/A", "target": "First VPN", "threat_actor": "N/A", "patch_ready": false, "insight": "Police seized 'First VPN' service used in ransomware and data theft attacks."}
1:10 pm, May 21, 2026 Cybersecurity
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender have come under active exploitation in the wild. The former, tracked as CVE-2026-41091, is rated 7.8 on the..
12:10 pm, May 21, 2026 Cybersecurity
When Identity is the Attack Path
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically. Standard AWS behavior. No one mis..
11:10 am, May 21, 2026 Cybersecurity
Flipper One project needs community help to build open Linux platform
Flipper Devices, the maker of the Flipper Zero pentesting tool, is asking the community to help build Flipper One, an open Linux platform for connected devices. [...]
11:10 am, May 21, 2026 Cybersecurity
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
{ "priority": "CRITICAL", "cve": "CVE-2026-46333", "target": "Linux kernel", "threat_actor": "N/A", "patch_ready": false, "insight": "A 9-year-old Linux kernel flaw enables root command ex..
9:10 am, May 21, 2026 Cybersecurity
Microsoft warns of new Defender zero-days exploited in attacks
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Defender", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft warns of new Defender zero-days exploited in attac..
8:10 am, May 21, 2026 Cybersecurity
GitHub links repo breach to TanStack npm supply-chain attack
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub", "threat_actor": "N/A", "patch_ready": false, "insight": "GitHub repository breach linked to TanStack npm supply-chain attack via mal..
7:10 am, May 21, 2026 Cybersecurity
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
{"priority":"CRITICAL","cve":"CVE-2026-9082","target":"Drupal Core","threat_actor":"N/A","patch_ready":true,"insight":"A highly critical Drupal Core flaw exposes PostgreSQL sites to RCE attacks"}
5:10 am, May 21, 2026 Cybersecurity
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub", "threat_actor": "Nx Console", "patch_ready": false, "insight": "GitHub's internal repositories were breached through a malicious..
5:10 am, May 21, 2026 Cybersecurity
ISC Stormcast For Thursday, May 21st, 2026 https://isc.sans.edu/podcastdetail/9940, (Thu, May 21st)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast details for Thursday, May 21st, 2026." }
2:10 am, May 21, 2026 Cybersecurity
Hackers bypass SonicWall VPN MFA due to incomplete patching
Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. [...]
10:10 pm, May 20, 2026 Cybersecurity
Ukraine identifies infostealer operator tied to 28,000 stolen accounts
{ "priority": "HIGH", "cve": "N/A", "target": "Online store in California", "threat_actor": "18-year-old man from Odesa", "patch_ready": false, "insight": "Ukrainian cyberpolice identified..
10:10 pm, May 20, 2026 Cybersecurity
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
{ "priority": "INFO", "cve": "N/A", "target": "AI agents", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft releases open-source tools RAMPART and Clarity to enhance secu..
5:10 pm, May 20, 2026 Cybersecurity
Grafana breach caused by missed token rotation after TanStack attack
{"priority":"MEDIUM","cve":"N/A","target":"Grafana","threat_actor":"N/A","patch_ready":false,"insight":"A Grafana data breach occurred due to a missed token rotation following the TanStack npm supply-..
4:10 pm, May 20, 2026 Cybersecurity
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Artifact Signing system", "threat_actor": "Fox Tempest", "patch_ready": false, "insight": "Microsoft disrupted a malware-signing-as..
3:10 pm, May 20, 2026 Cybersecurity
Agent AI is Coming. Are You Ready?
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the release of Orchid Security's Identity Gap: Snapshot ..
2:10 pm, May 20, 2026 Cybersecurity
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
{ "priority": "HIGH", "cve": "N/A", "target": "N/A", "threat_actor": "Webworm", "patch_ready": false, "insight": "Webworm deploys custom backdoors EchoCreep and GraphWorm using Discord and..
2:10 pm, May 20, 2026 Cybersecurity
Identity Alone Isn't Enough: Why Device Security Has to Share the Load
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Device security is crucial in addition to identity checks to prevent attackers..
2:10 pm, May 20, 2026 Cybersecurity
Drupal critical update to fix bug with high exploitation risk
{"priority": "CRITICAL", "cve": "N/A", "target": "Drupal", "threat_actor": "N/A", "patch_ready": true, "insight": "Drupal announces a core security release to fix a bug with high exploitation risk, wa..
1:10 pm, May 20, 2026 Cybersecurity
Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Typosquatting now involves AI-generated lookalike domains embedded in third-pa..
11:10 am, May 20, 2026 Cybersecurity
Exploit released for new PinTheft Arch Linux root escalation flaw
{"priority": "HIGH", "cve": "N/A", "target": "Arch Linux", "threat_actor": "N/A", "patch_ready": false, "insight": "Public exploit released for PinTheft Linux privilege escalation flaw allowing root a..
11:10 am, May 20, 2026 Cybersecurity
GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos
{"priority":"HIGH","cve":"N/A","target":"GitHub","threat_actor":"TeamPCP","patch_ready":false,"insight":"GitHub experienced a breach due to an employee device hack, leading to the exfiltration of over..
10:10 am, May 20, 2026 Cybersecurity
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
{ "priority": "HIGH", "cve": "CVE-2026-45585", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft released mitigation for YellowKey BitLocker bypass vu..
10:10 am, May 20, 2026 Cybersecurity
GitHub confirms breach of 3,800 repos via malicious VSCode extension
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub", "threat_actor": "N/A", "patch_ready": false, "insight": "GitHub confirmed a breach of 3,800 internal repositories due to a malicious..
9:10 am, May 20, 2026 Cybersecurity
Microsoft shares mitigation for YellowKey Windows zero-day
{ "priority": "CRITICAL", "cve": "N/A", "target": "Windows BitLocker", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft shared mitigations for a YellowKey Windows zero-da..
8:10 am, May 20, 2026 Cybersecurity
Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
{ "priority": "INFO", "cve": "N/A", "target": "Grafana Labs GitHub", "threat_actor": "N/A", "patch_ready": false, "insight": "Grafana Labs reported a breach in its GitHub environment, expo..
6:10 am, May 20, 2026 Cybersecurity
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub", "threat_actor": "TeamPCP", "patch_ready": false, "insight": "GitHub investigating unauthorized access to internal repositories after..
5:10 am, May 20, 2026 Cybersecurity
GitHub investigates internal repositories breach claimed by TeamPCP
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub", "threat_actor": "TeamPCP", "patch_ready": false, "insight": "GitHub investigates breach of internal repositories claimed by TeamPCP ..
5:10 am, May 20, 2026 Cybersecurity
ISC Stormcast For Wednesday, May 20th, 2026 https://isc.sans.edu/podcastdetail/9938, (Wed, May 20th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast for Wednesday, May 20th, 2026, providing cybersecurity u..
2:10 am, May 20, 2026 Cybersecurity
Max-severity flaw in ChromaDB for AI apps allows server hijacking
{ "priority": "CRITICAL", "cve": "N/A", "target": "ChromaDB", "threat_actor": "N/A", "patch_ready": false, "insight": "Unauthenticated attackers can run arbitrary code on exposed ChromaDB ..
12:10 am, May 20, 2026 Cybersecurity
Cybercrime service disrupted for abusing Microsoft platform to sign malware
{"priority":"HIGH","cve":"N/A","target":"Microsoft Artifact Signing service","threat_actor":"Malware gangs","patch_ready":true,"insight":"Microsoft disrupted a malware-signing-as-a-service operation t..
10:10 pm, May 19, 2026 Cybersecurity
