List cybersec
Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Exchange, Windows 11", "threat_actor": "N/A", "patch_ready": false, "insight": "Multiple zero-day vulnerabilities exploited in ..
6:10 pm, May 15, 2026 Cybersecurity
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
{ "priority": "HIGH", "cve": "N/A", "target": "OpenClaw", "threat_actor": "N/A", "patch_ready": false, "insight": "Four security flaws in OpenClaw can be chained for data theft, privilege ..
4:10 pm, May 15, 2026 Cybersecurity
Avada Builder WordPress plugin flaws allow site credential theft
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the data..
4:10 pm, May 15, 2026 Cybersecurity
Microsoft backpedals: Edge to stop loading passwords into memory
{ "priority": "MEDIUM", "cve": "N/A", "target": "Microsoft Edge", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft Edge update will prevent loading of saved passwords into..
3:10 pm, May 15, 2026 Cybersecurity
Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The REMUS infostealer has evolved to focus on session theft and operational sc..
2:10 pm, May 15, 2026 Cybersecurity
Microsoft to automatically roll back faulty Windows drivers
{ "priority": "INFO", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft introduces a feature to remotely roll back faulty Windows driver..
1:10 pm, May 15, 2026 Cybersecurity
TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
{ "priority": "MEDIUM", "cve": "N/A", "target": "OpenAI", "threat_actor": "N/A", "patch_ready": false, "insight": "Two OpenAI employee devices were impacted by the TanStack supply chain at..
12:10 pm, May 15, 2026 Cybersecurity
What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The biggest security risk in organizations often comes from trusted utilities ..
12:10 pm, May 15, 2026 Cybersecurity
Microsoft warns of Exchange zero-day flaw exploited in attacks
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while..
10:10 am, May 15, 2026 Cybersecurity
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
{ "priority": "HIGH", "cve": "CVE-2026-42897", "target": "Microsoft Exchange Server", "threat_actor": "N/A", "patch_ready": false, "insight": "CVE-2026-42897 is an actively exploited spoof..
7:10 am, May 15, 2026 Cybersecurity
[Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "New malware libraries require new signatures." }
7:10 am, May 15, 2026 Cybersecurity
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
{"priority": "CRITICAL", "cve": "CVE-2026-20182", "target": "Cisco SD-WAN", "threat_actor": "N/A", "patch_ready": false, "insight": "CISA added CVE-2026-20182 to KEV catalog due to admin access exploi..
6:10 am, May 15, 2026 Cybersecurity
ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
5:10 am, May 15, 2026 Cybersecurity
TeamPCP hackers advertise Mistral AI code repos for sale
The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. [...]
11:10 pm, May 14, 2026 Cybersecurity
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
{ "priority": "HIGH", "cve": "N/A", "target": "Burst Statistics WordPress plugin", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers are exploiting a critical authentication..
9:10 pm, May 14, 2026 Cybersecurity
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
{ "priority": "CRITICAL", "cve": "CVE-2026-20182", "target": "Cisco Catalyst SD-WAN Controller", "threat_actor": "N/A", "patch_ready": false, "insight": "Cisco warns of critical SD-WAN fla..
8:10 pm, May 14, 2026 Cybersecurity
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published versions of node-ipc. According to Socket and StepSecurity, three different ve..
7:10 pm, May 14, 2026 Cybersecurity
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
{"priority": "CRITICAL", "cve": "CVE-2026-20182", "target": "Cisco Catalyst SD-WAN Controller", "threat_actor": "N/A", "patch_ready": true, "insight": "Cisco Catalyst SD-WAN Controller Auth Bypass Act..
7:10 pm, May 14, 2026 Cybersecurity
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. [...]
7:10 pm, May 14, 2026 Cybersecurity
OpenAI confirms security breach in TanStack supply chain attack
OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for..
7:10 pm, May 14, 2026 Cybersecurity
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Weekly threat bulletin covering various cybersecurity issues." }
6:10 pm, May 14, 2026 Cybersecurity
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Cargo theft now involves cybercrime tactics like phishing emails and stolen cr..
4:10 pm, May 14, 2026 Cybersecurity
18-year-old NGINX vulnerability allows DoS, potential RCE
``` { "priority": "HIGH", "cve": "N/A", "target": "NGINX", "threat_actor": "N/A", "patch_ready": false, "insight": "An 18-year-old NGINX vulnerability can be exploited for denial of servic..
4:10 pm, May 14, 2026 Cybersecurity
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
{ "priority": "HIGH", "cve": "N/A", "target": "Ukrainian Government", "threat_actor": "Ghostwriter", "patch_ready": false, "insight": "Ghostwriter targets Ukrainian government with geofenc..
3:10 pm, May 14, 2026 Cybersecurity
KongTuke hackers now use Microsoft Teams for corporate breaches
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Teams", "threat_actor": "KongTuke", "patch_ready": false, "insight": "KongTuke hackers now use Microsoft Teams for social engineeri..
1:10 pm, May 14, 2026 Cybersecurity
How AI Hallucinations Are Creating Real Security Risks
{ "priority": "MEDIUM", "cve": "N/A", "target": "AI models", "threat_actor": "N/A", "patch_ready": false, "insight": "AI hallucinations introduce security risks by generating inaccurate ye..
12:10 pm, May 14, 2026 Cybersecurity
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
{ "priority": "HIGH", "cve": "CVE-2026-44338", "target": "PraisonAI", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors are exploiting CVE-2026-44338, an auth bypass v..
12:10 pm, May 14, 2026 Cybersecurity
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
{"priority": "CRITICAL", "cve": "N/A", "target": "Windows", "threat_actor": "Chaotic Eclipse", "patch_ready": false, "insight": "Two new zero-days in Windows, YellowKey and GreenPlasma, allow BitLocke..
10:10 am, May 14, 2026 Cybersecurity
Dell confirms its SupportAssist software causes Windows BSOD crashes
Dell confirmed that its SupportAssist software is causing blue-screen crashes on some Windows systems following a wave of user reports about random reboots affecting Dell devices since Friday. [...]
10:10 am, May 14, 2026 Cybersecurity
US charges suspected Dream Market admin arrested in Germany
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "US charges alleged admin of Dream Market with money laundering." }
9:10 am, May 14, 2026 Cybersecurity
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
{ "priority": "HIGH", "cve": "CVE-2026-46300", "target": "Linux Kernel", "threat_actor": "N/A", "patch_ready": false, "insight": "New Fragnesia Linux Kernel LPE vulnerability CVE-2026-4630..
8:10 am, May 14, 2026 Cybersecurity
New Fragnesia Linux flaw lets attackers gain root privileges
{ "priority": "HIGH", "cve": "CVE-2026-46300", "target": "Linux", "threat_actor": "N/A", "patch_ready": true, "insight": "New Fragnasia Linux flaw lets attackers gain root privileges" }
8:10 am, May 14, 2026 Cybersecurity
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
{ "priority": "CRITICAL", "cve": "CVE-2026-42945", "target": "NGINX Plus and NGINX Open", "threat_actor": "N/A", "patch_ready": false, "insight": "An 18-year-old heap buffer overflow flaw ..
7:10 am, May 14, 2026 Cybersecurity
Simple bypass of the link preview function in Outlook Junk folder, (Thu, May 14th)
{ "priority": "INFO", "cve": "N/A", "target": "Microsoft Outlook", "threat_actor": "N/A", "patch_ready": false, "insight": "A method to bypass the link preview function in Outlook's Junk f..
7:10 am, May 14, 2026 Cybersecurity
ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932, (Thu, May 14th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast for Thursday, May 14th, 2026, discussing various cyberse..
5:10 am, May 14, 2026 Cybersecurity
West Pharmaceutical says hackers stole data, encrypted systems
West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption. [...]
11:10 pm, May 13, 2026 Cybersecurity
Iranian hackers targeted major South Korean electronics maker
{ "priority": "HIGH", "cve": "N/A", "target": "Major South Korean electronics maker", "threat_actor": "MuddyWater (a.k.a. Seedworm, Static Kitten)", "patch_ready": false, "insight": "Iran-..
10:10 pm, May 13, 2026 Cybersecurity
New critical Exim mailer flaw allows remote code execution
{ "priority": "CRITICAL", "cve": "N/A", "target": "Exim mailer", "threat_actor": "N/A", "patch_ready": true, "insight": "A critical vulnerability in Exim mailer allows unauthenticated remo..
9:10 pm, May 13, 2026 Cybersecurity
Windows BitLocker zero-day gives access to protected drives, PoC released
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Windows BitLocker", "threat_actor": "N/A", "patch_ready": false, "insight": "A cybersecurity researcher published PoC exploits ..
5:10 pm, May 13, 2026 Cybersecurity
Microsoft fixes BitLocker recovery issue only for Windows 11 users
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft fixes BitLocker recovery issue for Windows 11 users" }
4:10 pm, May 13, 2026 Cybersecurity
Webinar tomorrow: Why security alone won't stop modern attacks
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A webinar discusses the importance of combining security, backups, and recover..
4:10 pm, May 13, 2026 Cybersecurity
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "This is a webinar about modern attack paths and how to protect against them." ..
3:10 pm, May 13, 2026 Cybersecurity
Microsoft fixes Windows Autopatch bug installing restricted drivers
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows Autopatch", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft fixed a bug in Windows Autopatch that caused restrict..
3:10 pm, May 13, 2026 Cybersecurity
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Exchange", "threat_actor": "FamousSparrow (aka UAT-9244)", "patch_ready": false, "insight": "A threat actor affiliated with China, ..
2:10 pm, May 13, 2026 Cybersecurity
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
``` { "priority": "INFO", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft's MDASH AI system discovered 16 Windows flaws fixed in Patch ..
2:10 pm, May 13, 2026 Cybersecurity
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft patches 138 vulnerabilities, including DNS and Netlogon RCE..
1:10 pm, May 13, 2026 Cybersecurity
Most Remediation Programs Never Confirm the Fix Actually Worked
Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant's M-Trends 2026 report puts the mean time to exploit at a..
1:10 pm, May 13, 2026 Cybersecurity
[Webinar] Why Your AppSec Tools Miss the "Lethal Path" (and How to Fix It)
TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz and Okta/GitLab to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register fo..
1:10 pm, May 13, 2026 Cybersecurity
73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Autonomous validation is becoming critical for modern defense strategies due t..
1:10 pm, May 13, 2026 Cybersecurity
Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
Foxconn, the world's largest electronics manufacturer, says some of its North American factories are now working to resume normal operations after a cyberattack. [...]
1:10 pm, May 13, 2026 Cybersecurity
AI Testing
