List cybersec
What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The biggest security risk in organizations often comes from trusted utilities ..
12:10 pm, May 15, 2026 Cybersecurity
TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
{ "priority": "MEDIUM", "cve": "N/A", "target": "OpenAI", "threat_actor": "N/A", "patch_ready": false, "insight": "Two OpenAI employee devices were impacted by the TanStack supply chain at..
12:10 pm, May 15, 2026 Cybersecurity
Microsoft to automatically roll back faulty Windows drivers
{ "priority": "INFO", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft introduces a feature to remotely roll back faulty Windows driver..
1:10 pm, May 15, 2026 Cybersecurity
Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The REMUS infostealer has evolved to focus on session theft and operational sc..
2:10 pm, May 15, 2026 Cybersecurity
Microsoft backpedals: Edge to stop loading passwords into memory
{ "priority": "MEDIUM", "cve": "N/A", "target": "Microsoft Edge", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft Edge update will prevent loading of saved passwords into..
3:10 pm, May 15, 2026 Cybersecurity
Avada Builder WordPress plugin flaws allow site credential theft
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the data..
4:10 pm, May 15, 2026 Cybersecurity
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
{ "priority": "HIGH", "cve": "N/A", "target": "OpenClaw", "threat_actor": "N/A", "patch_ready": false, "insight": "Four security flaws in OpenClaw can be chained for data theft, privilege ..
4:10 pm, May 15, 2026 Cybersecurity
Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Exchange, Windows 11", "threat_actor": "N/A", "patch_ready": false, "insight": "Multiple zero-day vulnerabilities exploited in ..
6:10 pm, May 15, 2026 Cybersecurity
Popular node-ipc npm package compromised to steal credentials
Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. [...]
6:10 pm, May 15, 2026 Cybersecurity
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
{ "priority": "HIGH", "cve": "N/A", "target": "Kazuar Backdoor", "threat_actor": "Turla", "patch_ready": false, "insight": "Turla transforms Kazuar backdoor into a modular P2P botnet for p..
6:10 pm, May 15, 2026 Cybersecurity
Funnel Builder WordPress plugin bug exploited to steal credit cards
{ "priority": "HIGH", "cve": "N/A", "target": "Funnel Builder WordPress plugin", "threat_actor": "N/A", "patch_ready": false, "insight": "Critical vulnerability in Funnel Builder WordPress..
8:10 pm, May 15, 2026 Cybersecurity
Russian hackers turn Kazuar backdoor into modular P2P botnet
{ "priority": "HIGH", "cve": "N/A", "target": "Kazuar backdoor", "threat_actor": "Secret Blizzard", "patch_ready": false, "insight": "Russian hackers have upgraded their Kazuar backdoor to..
3:10 pm, May 16, 2026 Cybersecurity
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
{ "priority": "HIGH", "cve": "N/A", "target": "Funnel Builder plugin for WordPress", "threat_actor": "N/A", "patch_ready": false, "insight": "Active exploitation of Funnel Builder plug..
5:10 pm, May 16, 2026 Cybersecurity
Microsoft rejects critical Azure vulnerability report, no CVE issued
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Azure Backup for AKS", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft disputes a report of a critical Azure Bac..
9:10 pm, May 16, 2026 Cybersecurity
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
{ "priority": "HIGH", "cve": "N/A", "target": "Grafana", "threat_actor": "N/A", "patch_ready": false, "insight": "Grafana disclosed a GitHub token breach leading to codebase download and e..
8:10 am, May 17, 2026 Cybersecurity
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 accounts. [...]
3:10 pm, May 17, 2026 Cybersecurity
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
{"priority":"CRITICAL","cve":"CVE-2026-42945","target":"NGINX","threat_actor":"N/A","patch_ready":false,"insight":"CVE-2026-42945 heap buffer overflow in ngx_http_rewrite_module is under active exploi..
3:10 pm, May 17, 2026 Cybersecurity
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
{"priority": "CRITICAL", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "A zero-day exploit called MiniPlasma allows attackers to gain SYSTEM privileges on ..
11:10 pm, May 17, 2026 Cybersecurity
Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
{ "priority": "INFO", "cve": "N/A", "target": "Pwn2Own Berlin 2026", "threat_actor": "N/A", "patch_ready": false, "insight": "Security researchers earned $1,298,250 by exploiting 47 zero-d..
6:10 am, May 18, 2026 Cybersecurity
Exploit available for new DirtyDecrypt Linux root escalation flaw
{ "priority": "HIGH", "cve": "N/A", "target": "Linux kernel's rxgk module", "threat_actor": "N/A", "patch_ready": true, "insight": "A proof-of-concept exploit is available for a recently p..
8:10 am, May 18, 2026 Cybersecurity
Microsoft confirms Windows 11 security update install issues
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft confirms installation issues with Windows 11 security updat..
9:10 am, May 18, 2026 Cybersecurity
Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
{ "priority": "MEDIUM", "cve": "N/A", "target": "Nuclear Weapons Simulations", "threat_actor": "N/A", "patch_ready": false, "insight": "Fast16 malware was designed to tamper with nuclear w..
9:10 am, May 18, 2026 Cybersecurity
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
{ "priority": "CRITICAL", "cve": "N/A", "target": "Windows Cloud Files Mini Filter Driver (cldflt.sys)", "threat_actor": "Chaotic Eclipse", "patch_ready": false, "insight": "A zero-day vul..
9:10 am, May 18, 2026 Cybersecurity
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
{ "priority": "HIGH", "cve": "N/A", "target": "npm packages", "threat_actor": "N/A", "patch_ready": false, "insight": "Four malicious npm packages (chalk-tempalte, @deadcode09284814/axios-..
11:10 am, May 18, 2026 Cybersecurity
Developer Workstations Are Now Part of the Software Supply Chain
{"priority":"HIGH","cve":"N/A","target":"Developer Workstations","threat_actor":"N/A","patch_ready":false,"insight":"Supply chain attackers target developer workstations to steal access and secrets, i..
12:10 pm, May 18, 2026 Cybersecurity
Microsoft testing adjustable taskbar, Start menu in Windows 11
{ "priority": "INFO", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft is testing a resizable taskbar and Start menu in Windows 11."..
12:10 pm, May 18, 2026 Cybersecurity
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
{"priority": "CRITICAL", "cve": "CVE-2026-8043", "target": "Ivanti Xtraction", "threat_actor": "N/A", "patch_ready": true, "insight": "Ivanti Xtraction has a critical flaw (CVE-2026-8043, CVSS score: ..
12:10 pm, May 18, 2026 Cybersecurity
Grafana says stolen GitHub token let hackers steal codebase
Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. [...]
2:10 pm, May 18, 2026 Cybersecurity
How to Reduce Phishing Exposure Before It Turns into Business Disruption
What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap many SOCs still struggle with: the attacks ..
2:10 pm, May 18, 2026 Cybersecurity
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the fami..
4:10 pm, May 18, 2026 Cybersecurity
Leaked Shai-Hulud malware fuels new npm infostealer campaign
The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected packages emerged over the weekend. [...]
6:10 pm, May 18, 2026 Cybersecurity
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "INTERPOL's Operation Ramz resulted in 201 arrests and 382 identified suspects ..
6:10 pm, May 18, 2026 Cybersecurity
5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
Many employees already use shadow AI tools at work without security review. Adaptive Security breaks down how teams can build practical AI governance without adding friction for employees. [...]
7:10 pm, May 18, 2026 Cybersecurity
CISA Admin Leaked AWS GovCloud Keys on Github
{ "priority": "CRITICAL", "cve": "N/A", "target": "AWS GovCloud", "threat_actor": "CISA Admin", "patch_ready": false, "insight": "CISA contractor leaked AWS GovCloud keys and internal syst..
9:10 pm, May 18, 2026 Cybersecurity
TeamPCP Supply Chain Campaign: Activity Through 2026-05-17, (Mon, May 18th)
{ "priority": "HIGH", "cve": "N/A", "target": "Checkmarx Jenkins plugin", "threat_actor": "TeamPCP", "patch_ready": false, "insight": "TeamPCP supply chain campaign includes confirmed Chec..
9:10 pm, May 18, 2026 Cybersecurity
SHub macOS infostealer variant spoofs Apple security updates
A new variant of the 'SHub' macOS infostealer uses AppleScript to show a fake security update message and installs a backdoor. [...]
10:10 pm, May 18, 2026 Cybersecurity
INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "INTERPOL's Operation Ramz resulted in the seizure of 53 malware and phishing se..
11:10 pm, May 18, 2026 Cybersecurity
ISC Stormcast For Tuesday, May 19th, 2026 https://isc.sans.edu/podcastdetail/9936, (Tue, May 19th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, May 19, 2026 Cybersecurity
GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub Actions", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors compromised the GitHub Actions workflow actions-cool/..
6:10 am, May 19, 2026 Cybersecurity
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-H..
6:10 am, May 19, 2026 Cybersecurity
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub Actions workflow", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors compromised the GitHub Actions workflow acti..
7:10 am, May 19, 2026 Cybersecurity
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
{ "priority": "HIGH", "cve": "N/A", "target": "Nx Console extension (rwl.angular-console) version 18.95.0", "threat_actor": "N/A", "patch_ready": false, "insight": "A compromised Nx Consol..
9:10 am, May 19, 2026 Cybersecurity
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enabl..
11:10 am, May 19, 2026 Cybersecurity
Microsoft confirms patching issues in restricted Windows networks
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft confirms patching issues in restricted Windows networks with J..
12:10 pm, May 19, 2026 Cybersecurity
Webinar: The hidden bottlenecks in network incident response
IT teams are increasingly overwhelmed by alerts from disconnected systems, forcing responders to manually coordinate investigations during network incidents. This webinar explores how automation and A..
1:10 pm, May 19, 2026 Cybersecurity
The New Phishing Click: How OAuth Consent Bypasses MFA
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft 365", "threat_actor": "EvilTokens", "patch_ready": false, "insight": "EvilTokens PhaaS platform compromises 340+ Microsoft 365 orgs..
1:10 pm, May 19, 2026 Cybersecurity
Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare
{ "priority": "CRITICAL", "cve": "N/A", "target": "Drupal", "threat_actor": "N/A", "patch_ready": false, "insight": "Drupal will release a core security update on May 20, 2026, at 5-9 p.m...
1:10 pm, May 19, 2026 Cybersecurity
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
{ "priority": "MEDIUM", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft's critical vulnerability count doubled in 2025, with attacke..
2:10 pm, May 19, 2026 Cybersecurity
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
{"priority":"HIGH","cve":"CVE-2026-31635","target":"Linux Kernel","threat_actor":"N/A","patch_ready":true,"insight":"Proof-of-concept exploit code released for DirtyDecrypt LPE vulnerability in Linux ..
3:10 pm, May 19, 2026 Cybersecurity
New Shai-Hulud malware wave compromises 600 npm packages
Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campaign. [...]
3:10 pm, May 19, 2026 Cybersecurity
