Cybersecurity Feed

Keywords

CVE- ClickFix Malware Leak Attack 0-day zero-day RCE remote code execution privilege escalation LPE kernel exploit PoC exploit weaponized exploit KEV CISA KEV critical vulnerability supply chain attack dependency hijacking DLL sideloading code injection memory corruption SQL injection SSRF XSS sandbox escape hypervisor escape ransomware data exfiltration lateral movement APT nation state Cobalt Strike Sliver Metasploit malware campaign phishing kit loader infostealer rootkit persistence command and control C2 backdoor Fortinet FortiOS FortiGate GlobalProtect Palo Alto Cortex XDR XSIAM Prisma PAN-OS CrowdStrike SentinelOne Mandiant Elastic Security Azure AD KQL Active Directory Kerberos Golden Ticket pass-the-hash Okta identity breach session hijack exploit

Cyber Security News — 27/05/2026, 09:54:33

GitLab Suspends Windows Exploit Researcher Nightmare-Eclipse After GitHub Ban CVE-2026-33825 Critical Click here

Cyble — 27/05/2026, 09:41:18

OverlayPhantom: The Android Banking Trojan Hiding in Plain Sight Critical Click here

Cyber Security News — 27/05/2026, 09:26:52

BIND 9 Software Vulnerabilities Exposes Resolvers and Authoritative Servers to Remote Exploits CVE-2026-3593 Click here

BleepingComputer — 27/05/2026, 01:37:31

KnowledgeDeliver flaw exploited as a zero-day to install web shells Critical Click here

darkreading — 27/05/2026, 01:17:14

Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos Click here

BleepingComputer — 27/05/2026, 01:16:01

Charter confirms data breach after ShinyHunters extortion threat Click here

darkreading — 27/05/2026, 00:48:01

The Hackers Behind Shai-Hulud: Lucky or Skilled? Click here

darkreading — 26/05/2026, 23:55:44

Microsoft Issues Out-of-Band SharePoint Patch Click here

Cyber Security News — 26/05/2026, 23:00:04

Multiple Angular Language Service Extension Vulnerabilities Enable RCE Attacks High Click here

Cyber Security News — 26/05/2026, 22:56:16

How Tier 1 Can Process Alerts 3x Faster with Threat Intelligence High Click here

Cyber Security News — 26/05/2026, 22:19:30

Quasar Linux RAT Targets Developers With Fileless Execution and eBPF Rootkit Click here

SOC Prime — 26/05/2026, 21:41:25

CVE-2026-48095: 7-Zip Heap Buffer Overflow Can Lead to Code Execution CVE-2026-48095 Click here

Cyber Security News — 26/05/2026, 21:38:22

China-Linked Hackers Target Southeast Asian Edge Routers With Custom Linux Implant Click here

Cyber Security News — 26/05/2026, 19:28:50

Microsoft Defender Now Automatically Isolates Compromised Devices to Stop Ransomware High Click here

Cyber Security News — 26/05/2026, 19:03:49

Microsoft SharePoint Server Vulnerability Enables Remote Code Execution Attacks CVE-2026-45659 Critical Click here

SecurityWeek — 26/05/2026, 18:56:17

Iranian APT Targets Aviation, Software Companies With Updated Tools Click here

BleepingComputer — 26/05/2026, 17:49:43

Microsoft Defender can now automatically isolate hacked endpoints Click here

All CISA Advisories — 26/05/2026, 17:30:00

Eppendorf BioFlo 320 CVE-2026-7251 Click here

All CISA Advisories — 26/05/2026, 17:30:00

ABB Ability Camera Connect CVE-2024-46461 High Click here

All CISA Advisories — 26/05/2026, 17:30:00

ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) CVE-2025-3450 High Click here

All CISA Advisories — 26/05/2026, 17:30:00

ABB LVS MConfig CVE-2025-9970 Click here

All CISA Advisories — 26/05/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2026-48172 Critical Click here

All CISA Advisories — 26/05/2026, 17:30:00

ABB AC500 V2 CVE-2025-7745 Click here

All CISA Advisories — 26/05/2026, 17:30:00

ABB Terra AC CVE-2025-5517 High Click here

All CISA Advisories — 26/05/2026, 17:30:00

ABB AbilityTM Zenon Remote Transport Vulnerability CVE-2025-8754 Critical Click here

SecurityWeek — 26/05/2026, 17:29:40

185,000 Likely Impacted by 7-Eleven Data Breach Click here

The Hacker News — 26/05/2026, 17:28:00

[THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back Click here

The Hacker News — 26/05/2026, 17:19:53

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions CVE-2026-45659 High Click here

SecurityWeek — 26/05/2026, 17:14:53

Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations Click here

SecurityWeek — 26/05/2026, 16:44:31

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment Critical Click here

SecurityWeek — 26/05/2026, 16:15:00

Open Source DockSec Uses AI to Cut Through Vulnerability Noise in Docker Images Click here

The Hacker News — 26/05/2026, 16:00:00

MFA Prompt Bombing: Why Your Second Factor Isn't Saving You Click here

SecurityWeek — 26/05/2026, 15:56:56

Lithuania Suspects Foreign Involvement in Data Leak of Over 600,000 National Register Entries Click here

Check Point Research — 26/05/2026, 15:39:59

AI Threat Landscape Digest March-April 2026 CVE-2025-55182 High Click here

The Hacker News — 26/05/2026, 14:43:02

CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks Click here

BleepingComputer — 26/05/2026, 14:16:45

CISA orders feds to patch actively exploited Drupal vulnerability Critical Click here

The Hacker News — 26/05/2026, 10:49:38

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike CVE-2026-5426 Critical Click here

Blog — 26/05/2026, 10:30:00

Disrupting Glassworm: Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet Click here

SANS Internet Storm Center, InfoCON: green — 26/05/2026, 05:31:48

Possible ACR Stealer From Page Impersonating Claude, (Tue, May 26th) Click here

Check Point Research — 25/05/2026, 20:38:40

25th May – Threat Intelligence Report CVE-2026-41091 Critical Click here

The Hacker News — 25/05/2026, 19:43:27

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos Click here

Threat Intelligence — 25/05/2026, 19:30:00

2 PhaaS 2 Furious: The Evolution of Chinese-language Phishing Services Click here

Threat Intelligence — 25/05/2026, 19:30:00

Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability CVE-2026-5426 Critical Click here

SecurityWeek — 25/05/2026, 18:57:12

Ghost CMS Vulnerability Exploited to Hack Over 700 Websites Click here

SANS Internet Storm Center, InfoCON: green — 25/05/2026, 18:56:06

TeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th) Critical Click here

SANS Internet Storm Center, InfoCON: green — 25/05/2026, 18:55:47

TeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th) Critical Click here

Krebs on Security — 25/05/2026, 18:51:49

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks Click here

The Hacker News — 25/05/2026, 17:32:46

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks CVE-2026-26980 High Click here

The Hacker News — 25/05/2026, 15:02:54

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms Click here

The Hacker News — 25/05/2026, 11:29:13

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO Click here

BleepingComputer — 24/05/2026, 19:42:32

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign CVE-2026-26980 Medium Click here

BleepingComputer — 24/05/2026, 02:18:23

Laravel Lang packages hijacked to deploy credential-stealing malware Click here

The Hacker News — 23/05/2026, 22:05:10

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks Click here

The Hacker News — 23/05/2026, 21:37:51

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware Click here

The Hacker News — 23/05/2026, 17:25:35

Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software Click here

The Hacker News — 23/05/2026, 15:21:13

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer Click here

The Hacker News — 23/05/2026, 13:05:13

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root CVE-2026-48172 Critical Click here

The Hacker News — 23/05/2026, 12:53:48

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV CVE-2026-9082 Critical Click here

SANS Internet Storm Center, InfoCON: green — 23/05/2026, 11:19:17

An Example of Stack String in High Level Language, (Sat, May 23rd) Click here

The Hacker News — 22/05/2026, 23:05:02

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups High Click here

BleepingComputer — 22/05/2026, 22:54:52

Netherlands seizes 800 servers of hosting firm enabling cyberattacks Click here

The Hacker News — 22/05/2026, 21:50:32

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware Click here

Fox-IT International blog — 22/05/2026, 20:25:58

RemotePE: The Lazarus RAT that lives in memory Critical Click here

darkreading — 22/05/2026, 18:47:25

Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks High Click here

SOC Prime — 22/05/2026, 18:41:27

CVE-2026-9082: Highly Critical Drupal Core SQL Injection Flaw Threatens PostgreSQL Sites CVE-2026-9082 High Click here

SOC Prime — 22/05/2026, 18:35:22

CVE-2026-45585: YellowKey BitLocker Bypass Exposes Encrypted Data on Windows Devices CVE-2026-45585 Critical Click here

Unit 42 — 22/05/2026, 18:30:42

Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns Click here

All CISA Advisories — 22/05/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2026-9082 Critical Click here

The Hacker News — 22/05/2026, 17:25:24

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows Click here

The Hacker News — 22/05/2026, 17:08:12

Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective Click here

Unit 42 — 22/05/2026, 15:30:24

Paved With Intent: ROADtools and Nation-State Tactics in the Cloud Click here

The Hacker News — 22/05/2026, 14:20:18

Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks Click here

darkreading — 22/05/2026, 12:31:00

China's Webworm Uses Discord, Microsoft Graphs to Hack EU Governments Click here

The Hacker News — 22/05/2026, 11:17:33

CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV CVE-2025-34291 Critical Click here

The Hacker News — 22/05/2026, 11:06:18

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access CVE-2026-20223 High Click here

Krebs on Security — 22/05/2026, 03:20:25

Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada Click here

Unit 42 — 21/05/2026, 21:00:33

The npm Threat Landscape: Attack Surface and Mitigations (Updated May 21) Click here

The Hacker News — 21/05/2026, 19:47:09

Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor Click here

darkreading — 21/05/2026, 19:30:00

Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks Click here

Cyble — 21/05/2026, 19:21:47

JOMANGY: INJ3CTOR3’s Self-Healing FreePBX Toll Fraud Campaign CVE-2025-64328 Critical Click here

darkreading — 21/05/2026, 18:35:00

Content Delivery Exploit Opens Websites to Brand Hijacking Click here

All CISA Advisories — 21/05/2026, 17:30:00

CISA Adds Two Known Exploited Vulnerabilities to Catalog CVE-2025-34291 Critical Click here

All CISA Advisories — 21/05/2026, 17:30:00

ABB B&R Automation Runtime CVE-2025-3449 High Click here

All CISA Advisories — 21/05/2026, 17:30:00

ABB B&R Automation Studio CVE-2025-6965 High Click here

All CISA Advisories — 21/05/2026, 17:30:00

Hitachi Energy GMS600 CVE-2022-4304 Click here

All CISA Advisories — 21/05/2026, 17:30:00

ABB B&R PCs CVE-2023-45229 Click here

All CISA Advisories — 21/05/2026, 17:30:00

ABB Terra AC Wallbox CVE-2025-10504 Click here

The Hacker News — 21/05/2026, 17:22:14

ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories Critical Click here

The Hacker News — 21/05/2026, 16:25:57

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities CVE-2026-41091 Critical Click here

The Hacker News — 21/05/2026, 16:00:00

When Identity is the Attack Path Click here

The Hacker News — 21/05/2026, 13:05:53

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros CVE-2026-46333 Click here

The Hacker News — 21/05/2026, 09:14:11

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks CVE-2026-9082 High Click here

darkreading — 21/05/2026, 02:05:35

Fake Android Apps Commit Carrier Billing Fraud for Premium Services Click here

The Hacker News — 20/05/2026, 22:36:54

Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development Click here

darkreading — 20/05/2026, 21:42:08

Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control High Click here

The Hacker News — 20/05/2026, 20:06:44

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks High Click here

The Hacker News — 20/05/2026, 18:21:43

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API Click here

All CISA Advisories — 20/05/2026, 17:30:00

CISA Adds Seven Known Exploited Vulnerabilities to Catalog CVE-2008-4250 Critical Click here

The Hacker News — 20/05/2026, 17:08:43

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos Click here

Seqrite Labs — 20/05/2026, 16:53:06

Operation Dragon Whistle: UNG0002 Targets Chinese Academia via Weaponized Institutional Lure Click here

The Hacker News — 20/05/2026, 16:00:00

Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem Click here

The Hacker News — 20/05/2026, 13:58:26

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit CVE-2026-45585 Critical Click here

darkreading — 20/05/2026, 12:30:00

Interpol's 'Operation Ramz' Pioneers Cross-Region Collabs in Middle East Click here

The Hacker News — 20/05/2026, 10:42:06

Grafana GitHub Breach Exposes Source Code via TanStack npm Attack Click here

Blog — 20/05/2026, 10:30:00

How to Protect Identities and Sessions from Infostealers Click here

darkreading — 20/05/2026, 03:47:55

What Will Make AI BOMs Real? Click here

darkreading — 20/05/2026, 03:25:35

Verizon DBIR: Enterprises Face a Dangerous Vulnerability Glut Click here

darkreading — 20/05/2026, 02:36:54

Windows Zero-Day Barrage Continues After Patch Tuesday Critical Click here

darkreading — 20/05/2026, 01:19:40

Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS Click here

The Hacker News — 19/05/2026, 22:08:12

Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps Click here

The Hacker News — 19/05/2026, 20:26:26

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability CVE-2026-31635 Medium Click here

darkreading — 19/05/2026, 18:58:43

Looking Back, Looking Forward: Digesting a Dynamic Bouillabaisse of Cyber Evolution Click here

All CISA Advisories — 19/05/2026, 17:30:00

Siemens RUGGEDCOM APE1808 Devices CVE-2026-0300 High Click here

All CISA Advisories — 19/05/2026, 17:30:00

Kieback & Peter DDC Building Controllers CVE-2026-4293 Medium Click here

All CISA Advisories — 19/05/2026, 17:30:00

ZKTeco CCTV Cameras CVE-2026-8598 Click here

All CISA Advisories — 19/05/2026, 17:30:00

ScadaBR CVE-2026-8602 High Click here

All CISA Advisories — 19/05/2026, 17:30:00

ABB CoreSense HM and CoreSense M10 CVE-2025-3465 High Click here

The Hacker News — 19/05/2026, 16:14:45

Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare Click here

Cyble — 19/05/2026, 15:16:55

Cyble Named a Challenger in the Inaugural 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies High Click here

The Hacker News — 19/05/2026, 14:53:15

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access High Click here

The Hacker News — 19/05/2026, 10:58:06

Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials Click here

The Hacker News — 19/05/2026, 10:24:17

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account Click here

darkreading — 19/05/2026, 03:13:51

Microsoft Exchange Zero-Day Under Attack, No Patch Available CVE-2026-42897 Critical Click here

darkreading — 19/05/2026, 02:54:59

'Claw Chain' Vulnerabilities Threaten OpenClaw Deployments Click here

Krebs on Security — 19/05/2026, 02:18:21

CISA Admin Leaked AWS GovCloud Keys on Github Click here

darkreading — 19/05/2026, 01:23:05

Shai-Hulud Worm Clones Spread After Code Release Click here

Cybersecurity Blog - Nextron Systems — 18/05/2026, 20:05:15

Announcing the Release of ASGARD Management Center v4.0 Click here

The Hacker News — 18/05/2026, 19:20:17

⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More Critical Click here

darkreading — 18/05/2026, 18:30:00

The Boring Stuff Is Dangerous Now Click here

Seqrite Labs — 18/05/2026, 12:25:34

From Fragmented Security to Unified Defense: How BFSI Organizations Can Stay Ahead of Cyber Threats High Click here

Seqrite Labs — 18/05/2026, 12:07:21

Why EPP for Manufacturing Industry Is Essential Against Modern Cyber Threats High Click here

darkreading — 16/05/2026, 01:49:20

Congress Puts Heat on Instructure After Canvas Outage Click here

Threat Intelligence — 15/05/2026, 19:30:00

Welcome to BlackFile: Inside a Vishing Extortion Operation Click here

SOC Prime — 15/05/2026, 19:29:41

CVE-2026-42897: Exchange Server OWA Spoofing Flaw Exploited via Crafted Email CVE-2026-42897 Critical Click here

Cyble — 15/05/2026, 19:26:56

GCC Cyber 2026: How Digital Banking Expansion Is Creating a New Attack Surface Attackers Are Already Exploiting CVE-2024-4577 High Click here

All CISA Advisories — 15/05/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2026-42897 Critical Click here

Unit 42 — 15/05/2026, 15:30:52

Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files Click here

darkreading — 15/05/2026, 02:27:27

SecurityScorecard Snags Driftnet to Level Up Threat Intelligence Click here

darkreading — 15/05/2026, 01:55:31

Maximum Severity Cisco SD-WAN Bug Exploited in the Wild Critical Click here

darkreading — 14/05/2026, 22:29:25

'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine Click here

SOC Prime — 14/05/2026, 20:05:09

CVE-2026-42945: 18-Year-Old NGINX Rewrite Flaw May Enable Unauthenticated RCE CVE-2026-42945 High Click here

SOC Prime — 14/05/2026, 19:58:56

CVE-2026-46300: Fragnesia Linux Kernel Flaw Grants Root via Page Cache Corruption CVE-2026-46300 Medium Click here

darkreading — 14/05/2026, 17:30:00

Foxconn Attack Highlights Manufacturing's Cyber Crisis High Click here

All CISA Advisories — 14/05/2026, 17:30:00

Siemens Ruggedcom Rox CVE-2025-40947 High Click here

All CISA Advisories — 14/05/2026, 17:30:00

Siemens Solid Edge CVE-2026-44411 Click here

All CISA Advisories — 14/05/2026, 17:30:00

Siemens SENTRON 7KT PAC1261 Data Manager CVE-2025-22871 Click here

All CISA Advisories — 14/05/2026, 17:30:00

Siemens Simcenter Femap CVE-2025-12659 High Click here

All CISA Advisories — 14/05/2026, 17:30:00

Siemens SIMATIC CVE-2026-27662 High Click here

All CISA Advisories — 14/05/2026, 17:30:00

Siemens SIPROTEC 5 CVE-2024-54017 High Click here

All CISA Advisories — 14/05/2026, 17:30:00

Siemens Ruggedcom Rox CVE-2025-40949 Click here

↑