List cybersec
YARA-X 1.16.0 Release, (Sun, May 10th)
{ "priority": "INFO", "cve": "N/A", "target": "YARA-X", "threat_actor": "N/A", "patch_ready": false, "insight": "YARA-X version 1.16.0 has been released with 4 improvements and 4 bugfixes...
11:10 pm, May 10, 2026 Cybersecurity
Hackers abuse Google ads, Claude.ai chats to push Mac malware
{ "priority": "HIGH", "cve": "N/A", "target": "Mac users", "threat_actor": "N/A", "patch_ready": false, "insight": "Attackers are abusing Google Ads and Claude.ai shared chats to push Mac ..
6:10 pm, May 10, 2026 Cybersecurity
Police shut down reboot of Crimenetwork marketplace, arrest admin
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "German authorities shut down a relaunched version of the Crimenetwork marketpl..
3:10 pm, May 10, 2026 Cybersecurity
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
{ "priority": "CRITICAL", "cve": "CVE-2026-7482", "target": "Ollama", "threat_actor": "N/A", "patch_ready": true, "insight": "A critical out-of-bounds read vulnerability in Ollama allows r..
1:10 pm, May 10, 2026 Cybersecurity
JDownloader site hacked to replace installers with Python RAT malware
The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-base..
8:10 pm, May 9, 2026 Cybersecurity
Fake OpenAI repository on Hugging Face pushes infostealer malware
{"priority":"HIGH","cve":"N/A","target":"Hugging Face","threat_actor":"Unknown","patch_ready":false,"insight":"Malicious Hugging Face repository impersonates OpenAI's Privacy Filter project to deliver..
3:10 pm, May 9, 2026 Cybersecurity
cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The li..
8:10 am, May 9, 2026 Cybersecurity
TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms
Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tra..
7:10 pm, May 8, 2026 Cybersecurity
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
{ "priority": "HIGH", "cve": "N/A", "target": "Google Play Store", "threat_actor": "Fraudsters", "patch_ready": false, "insight": "Fraudulent apps on Google Play Store tricked users into f..
5:10 pm, May 8, 2026 Cybersecurity
NVIDIA confirms GeForce NOW data breach affecting Armenian users
{"priority":"MEDIUM","cve":"N/A","target":"GeForce NOW","threat_actor":"N/A","patch_ready":false,"insight":"NVIDIA confirmed a data breach affecting GeForce NOW users, exposing user information."}
5:10 pm, May 8, 2026 Cybersecurity
Trellix source code breach claimed by RansomHouse hackers
{"priority": "HIGH", "cve": "N/A", "target": "Trellix source code", "threat_actor": "RansomHouse", "patch_ready": false, "insight": "RansomHouse hackers claim breach of Trellix source code repository,..
2:10 pm, May 8, 2026 Cybersecurity
Why More Analysts Won’t Solve Your SOC’s Alert Problem
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses how AI can help analysts investigate alerts faster and f..
2:10 pm, May 8, 2026 Cybersecurity
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
{ "priority": "CRITICAL", "cve": "N/A", "target": "Ivanti Endpoint Manager Mobile (EPMM)", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA mandates federal agencies to patch I..
1:10 pm, May 8, 2026 Cybersecurity
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
{ "priority": "HIGH", "cve": "N/A", "target": "Linux", "threat_actor": "N/A", "patch_ready": false, "insight": "Quasar Linux RAT (QLNX) targets developers' systems to steal credentials and..
12:10 pm, May 8, 2026 Cybersecurity
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials
{ "priority": "HIGH", "cve": "N/A", "target": "Linux", "threat_actor": "darkworm", "patch_ready": false, "insight": "A new Linux backdoor named PamDOORa is being sold on a Russian cybercri..
11:10 am, May 8, 2026 Cybersecurity
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
{"priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A recent report analyzing 25M security alerts across enterprise environments reveals that d..
11:10 am, May 8, 2026 Cybersecurity
Zara data breach exposed personal information of 197,000 people
{ "priority": "HIGH", "cve": "N/A", "target": "Zara", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers stole personal data of 197,000 Zara customers." }
11:10 am, May 8, 2026 Cybersecurity
Former govt contractor convicted for wiping dozens of federal databases
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A former government contractor was convicted for conspiring to destroy dozens o..
9:10 am, May 8, 2026 Cybersecurity
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
{"priority": "HIGH", "cve": "N/A", "target": "Linux Kernel", "threat_actor": "N/A", "patch_ready": false, "insight": "New unpatched LPE vulnerability 'Dirty Frag' in Linux kernel enables root access a..
8:10 am, May 8, 2026 Cybersecurity
New Linux 'Dirty Frag' zero-day gives root on all major distros
A new Linux zero-day vulnerability, named Dirty Frag, allows local attackers to gain root privileges on most major Linux distributions with a single command. [...]
8:10 am, May 8, 2026 Cybersecurity
Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)
{ "priority": "HIGH", "cve": "N/A", "target": "Linux kernel", "threat_actor": "N/A", "patch_ready": false, "insight": "Another local privilege escalation vulnerability, 'Dirty Frag,' is di..
8:10 am, May 8, 2026 Cybersecurity
Canvas Breach Disrupts Schools & Colleges Nationwide
{ "priority": "HIGH", "cve": "N/A", "target": "Canvas education technology platform", "threat_actor": "Unnamed cybercrime group", "patch_ready": false, "insight": "A data extortion attack ..
3:10 am, May 8, 2026 Cybersecurity
ISC Stormcast For Friday, May 8th, 2026 https://isc.sans.edu/podcastdetail/9924, (Fri, May 8th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast details for Friday, May 8th, 2026." }
2:10 am, May 8, 2026 Cybersecurity
Canvas login portals hacked in mass ShinyHunters extortion campaign
{ "priority": "HIGH", "cve": "N/A", "target": "Canvas login portals", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "ShinyHunters extortion gang breached Instructure, de..
11:10 pm, May 7, 2026 Cybersecurity
New TCLBanker malware self-spreads over WhatsApp and Outlook
{ "priority": "HIGH", "cve": "N/A", "target": "TCLBanker", "threat_actor": "N/A", "patch_ready": false, "insight": "New TCLBanker malware self-spreads over WhatsApp and Outlook, targeting ..
10:10 pm, May 7, 2026 Cybersecurity
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
{ "priority": "HIGH", "cve": "N/A", "target": "Cloud Systems", "threat_actor": "PCPJack", "patch_ready": false, "insight": "PCPJack is a credential stealer that exploits 5 CVEs to spread a..
7:10 pm, May 7, 2026 Cybersecurity
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
{ "priority": "HIGH", "cve": "CVE-2026-6973", "target": "Ivanti EPMM", "threat_actor": "N/A", "patch_ready": true, "insight": "Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grant..
7:10 pm, May 7, 2026 Cybersecurity
New PCPJack worm steals credentials, cleans TeamPCP infections
{ "priority": "HIGH", "cve": "N/A", "target": "cloud infrastructure", "threat_actor": "PCPJack", "patch_ready": false, "insight": "PCPJack malware framework steals credentials from exposed..
7:10 pm, May 7, 2026 Cybersecurity
Australia warns of ClickFix attacks pushing Vidar Stealer malware
{ "priority": "HIGH", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Australian Cyber Security Center warns of ClickFix attacks distributing Vidar ..
6:10 pm, May 7, 2026 Cybersecurity
Ivanti warns of new EPMM flaw exploited in zero-day attacks
{ "priority": "CRITICAL", "cve": "N/A", "target": "Ivanti Endpoint Manager Mobile (EPMM)", "threat_actor": "N/A", "patch_ready": true, "insight": "Ivanti warns of a high-severity remote co..
4:10 pm, May 7, 2026 Cybersecurity
One Click, Total Shutdown: The "Patient Zero" Webinar on Killing Stealth Breaches
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The hardest part of cybersecurity isn't the technology, it's the people." }
3:10 pm, May 7, 2026 Cybersecurity
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026. The vulnerability in question is..
2:10 pm, May 7, 2026 Cybersecurity
Americans sentenced for running 'laptop farms' for North Korea
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Two U.S. nationals were sentenced for operating 'laptop farms' that aided North..
2:10 pm, May 7, 2026 Cybersecurity
The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses how modern security controls are being bypassed by data ..
2:10 pm, May 7, 2026 Cybersecurity
Crypto gang member gets 6.5 years for role in $230 million heist
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "Crypto gang", "patch_ready": false, "insight": "A member of a cryptocurrency gang was sentenced to 6.5 years in prison ..
1:10 pm, May 7, 2026 Cybersecurity
Day Zero Readiness: The Operational Gaps That Break Incident Response
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article highlights the importance of operational readiness in incident res..
12:10 pm, May 7, 2026 Cybersecurity
ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The ThreatsDay Bulletin discusses various cybersecurity threats, including the..
12:10 pm, May 7, 2026 Cybersecurity
Webinar: Why modern attacks require both security and recovery
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A webinar discussing the importance of combining security and recovery to redu..
12:10 pm, May 7, 2026 Cybersecurity
Palo Alto Networks firewall zero-day exploited for nearly a month
Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS firewall zero-day vulnerability for nearly a month. [...]
11:10 am, May 7, 2026 Cybersecurity
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
{ "priority": "HIGH", "cve": "N/A", "target": "PyPI Packages", "threat_actor": "N/A", "patch_ready": false, "insight": "Three PyPI packages deliver ZiChatBot malware via Zulip APIs on Wind..
10:10 am, May 7, 2026 Cybersecurity
Fake Claude AI website delivers new 'Beagle' Windows malware
{ "priority": "HIGH", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "A fake Claude AI website is distributing a new undocumented backdoor malwa..
10:10 am, May 7, 2026 Cybersecurity
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible sys..
5:10 am, May 7, 2026 Cybersecurity
An Adaptive Cyber Analytics UI for Web Honeypot Logs [Guest Diary], (Wed, May 6th)
[This is a Guest Diary by Eric Roldan, an ISC intern as part of the SANS.edu BACS program]
2:10 am, May 7, 2026 Cybersecurity
ISC Stormcast For Thursday, May 7th, 2026 https://isc.sans.edu/podcastdetail/9922, (Thu, May 7th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, May 7, 2026 Cybersecurity
Hackers abuse Google ads for GoDaddy ManageWP login phishing
{"priority": "HIGH", "cve": "N/A", "target": "ManageWP", "threat_actor": "N/A", "patch_ready": false, "insight": "Phishers are abusing Google ads to target ManageWP credentials, aiming to harvest logi..
10:10 pm, May 6, 2026 Cybersecurity
Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
{ "priority": "HIGH", "cve": "N/A", "target": "IoT Devices with ADB", "threat_actor": "xlabs_v1", "patch_ready": false, "insight": "New Mirai-derived botnet xlabs_v1 targets IoT devices wi..
9:10 pm, May 6, 2026 Cybersecurity
Critical vm2 sandbox bug lets attackers execute code on hosts
{ "priority": "CRITICAL", "cve": "N/A", "target": "vm2", "threat_actor": "N/A", "patch_ready": false, "insight": "A critical vulnerability in vm2 allows attackers to escape the sandbox and..
7:10 pm, May 6, 2026 Cybersecurity
New Cisco DoS flaw requires manual reboot to revive devices
Cisco patched a Crosswork Network Controller and Network Services Orchestrator denial-of-service vulnerability that requires manually rebooting targeted systems for recovery. [...]
6:10 pm, May 6, 2026 Cybersecurity
DAEMON Tools devs confirm breach, release malware-free version
{ "priority": "CRITICAL", "cve": "N/A", "target": "DAEMON Tools Lite", "threat_actor": "N/A", "patch_ready": true, "insight": "DAEMON Tools devs confirm breach, release malware-free versio..
5:10 pm, May 6, 2026 Cybersecurity
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Teams", "threat_actor": "MuddyWater", "patch_ready": false, "insight": "MuddyWater uses Microsoft Teams to steal credentials in a f..
3:10 pm, May 6, 2026 Cybersecurity
AI Testing
