HomeWeekly DigestsThis Week
LiveThreat Threat Intelligence

Weekly Threat Intelligence Digest — May 25 to Jun 01, 2026

Weekly threat intelligence digest from 357 items (40 critical, 179 high).

June 01, 2026 357 articles analyzed
LIVETHREAT WEEKLY THREAT DIGEST May 25 – June 01, 2026 This week reinforced a shift we’ve been tracking: breaches are no longer driven by isolated flaws but by compromised trusted third parties with privileged access. From credential‑stuffing attacks on SaaS admin consoles to state‑backed actors wiping transit data, the common thread is clear: attackers are hijacking the supply chain to reach massive downstream footprints. AI‑assisted exploit creation is compressing the window between vulnerability disclosure and active exploitation, amplifying the impact of each compromised vendor. 👉 Access, not vulnerability, is now the primary risk driver 🚨 EXECUTIVE RISK SNAPSHOT * Supply‑chain entry dominates → MSPs, SaaS admin consoles, CI/CD pipelines, and OT devices were primary compromise paths * Privileged credentials amplify impact → Single admin hijacks (Zapier, Microsoft, Charter) exposed 40‑50 M records or triggered wholesale data deletion * Blind spots persist → Cloud‑native assets, bullet‑proof hosts, and fourth‑party services remain outside most TPRM inventories 🔍 WHAT CHANGED THIS WEEK * AI‑driven exploit creation is compressing the vulnerability‑to‑exploit window, seen in zero‑days targeting KnowledgeDeliver, Gogs, and Windows components * Credential‑stuffing and phishing now focus on admin layers of SaaS platforms (Zapier, Microsoft 365, Salesforce) to harvest millions of records * State‑backed actors leveraged stolen admin credentials to disrupt critical infrastructure (LA Metro), raising supply‑chain risk for transit‑related vendors * Malware‑as‑a‑service (BTMOB RAT) and botnet‑enabled attacks are scaling across Latin America, expanding the attack surface of any vendor with regional ties 🎯 WHERE YOU ARE MOST LIKELY EXPOSED * Cloud hosting and API providers – Zapier, AWS S3 buckets, THE.Hosting bullet‑proof host * SaaS admin consoles – Microsoft 365, Salesforce, Charter Spectrum portal, other CRM platforms * Managed service and MSP relationships – FortiClient EMS, other endpoint‑security services * OT and IoT devices – Eppendorf BioFlo VNC, telecom CPE (MeiG, ZTE) with hard‑coded credentials * Third‑party code libraries – npm/typosquatted packages, Zapier SDK, WordPress plugins (WP Maps Pro, Ghost CMS) ⚡ WHAT TPRM LEADERS SHOULD DO THIS WEEK 1. Re‑audit privileged access → Verify every vendor with admin or API‑key rights to your environment. 👉 Ask: “Which of your staff or service accounts hold admin privileges on our SaaS platforms?” 2. Map sub‑processor chains → Request full sub‑processor lists from top vendors and identify any MSP or bullet‑proof host in the chain. 👉 Ask: “Who hosts your services and what security controls do they enforce?” #Cybersecurity #TPRM #VendorRisk #SupplyChainSecurity #ThreatIntel #LiveThreat #VerisqAI

Articles Referenced in This Digest 357 items

Advisory (113)

High145 AI laws passed in 2025 and privacy teams aren’t catching a break
HighData discovery gaps that catch enterprises off guard
HighQuantum computing looms, and your security is nowhere near ready
HighWhat’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant
HighNew AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users"
HighCompanies built AI into core systems before figuring out how to govern it
HighFBI warns extortion hackers are visiting US law firms to steal data
High‘Tiny11’ Gives Windows 10 Users a Risky Upgrade Path
High Company bragged phone mics could listen to conversations. They couldn’t.
HighDutch Government just said no to an American firm buying the keys to their digital State
HighFor Enterprises, Security Remains Agentic AI's Biggest Challenge
HighCERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
HighMicrosoft: Domain Controller lookup may fail on Windows Server 2016
MediumGoverning shadow AI without killing innovation
MediumOpen-source security is a mess - IBM and Red Hat bet $5 billion and 20,000 engineers can fix it
MediumAnthropic confirms Claude Mythos-class models will roll out to the public
MediumAgentic AI Isn't Risky; the Way Orgs Deploy It Is
MediumMicrosoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
MediumGoogle’s $135M Android Privacy Settlement: Who May Be Eligible
MediumWhen old data brings AI rollouts to a screeching halt - and how to manage it
MediumExtending EOL/EOS Software Intelligence Across Containers, Kubernetes, and Modern Workloads
Medium Your Windows PC has a security deadline in June 2026
MediumRudd orders Cyber Command reviews as Pentagon presses reform agenda
MediumAI is an arms race, and the US wants $9 billion in Nvidia superchips to keep up
MediumState Cyber Leaders Beg Congress for More Funding, Support
MediumWhatsApp Local Storage Claim Raises Apple Privacy Questions
MediumWhat happens when security teams inherit identity
MediumManage machine identities: The hidden privileged access layer you need to manage
InformationalOWASP Agent Memory Guard: Stop AI agents from being weaponized through their own memory
InformationalEU organizations buckle under rising compliance pressure
LowDell's new XPS 13 is a MacBook Neo rival that costs $599 and retains premium features
InformationalYARA-X 1.17.0 Release, (Sun, May 31st)
LowI tried Microsoft's Windows 365 Cloud PC on MacOS, Android, and iOS - here's what it's like
InformationalAsia's Cyber Insurance Market Shows Signs of Life
Informational8 Best Enterprise Password Managers (2026)
InformationalThe Deliverability Problem: How New Platforms Are Solving Inbox Placement
LowExpressVPN blows away the competition on security audits - but what do they mean?
LowI've used Gemini in Android Auto for 2 months now, and it's transformed my daily drive in 4 ways
InformationalClaroty targets cyber-physical system risks with AI-powered security agent
InformationalNetskope extends data localization capabilities with NewEdge updates
InformationalAnthropic launches Claude Opus 4.8, prepares Mythos-class models for all customers
InformationalMicrosoft 365 Copilot redesign brings context and actions into one workspace
LowGoogle Chrome adds session cookie theft protection for all users
InformationalMicrosoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection
InformationalCisco Secure Access and Microsoft Edge for Business Integration
InformationalApple May Bring Android-Style Theft Detection to iPhones
LowAI Model Release Tracker: Opus 4.8's misalignment rates similar to Claude Mythos Preview
InformationalNew infosec products of the month: May 2026
InformationalProduct showcase: TotalAV helps iOS users clean up their digital mess
InformationalLess panic patching, more precision
InformationalFocus on Cyber Insurance: How Quantifying Risk Is Reshaping Security
LowWhy a Bluetooth upgrade for AirPods excites me more than cameras or AI
Informational4 Android Auto apps I highly recommend for your next road trip - beyond Maps and Spotify
LowI'm an iPhone user, but Gemini with Android Auto beats Siri in the car any day - here's why
InformationalNordVPN isn't just a VPN anymore, but a full security suite - here's what you get now
LowWhy I ditched Copilot for Claude in Word, Excel, and PowerPoint - and how you can, too
InformationalAnthropic launches Opus 4.8, with honesty as its killer feature
InformationalEuro-Office, Europe's open-source alternative to Microsoft Office and Google Docs, launches June 9
InformationalMicrosoft’s new cloud PCs place AI agents under enterprise controls
InformationalQevlar’s new AI agents correlate CVEs, incident data, and active exploitation signals
InformationalDigimarc adds provenance, audit, and verification controls for AI agent workflows
InformationalMicrosoft’s Copilot trust test: Zero findings, more models, wider oversight
InformationalIBM and Red Hat are betting $5 billion that open source needs a security guard
InformationalWebinar: Why network incidents take too long to resolve
InformationalNordic CISOs Handle Rising Cyber Threats Remarkably Well
LowWhy I use wireless security cameras at home versus a wired system - after years of testing
LowI dug deeper into my Oura Ring data using this free app - here's what I found
InformationalHottest cybersecurity open-source tools of the month: May 2026
InformationalNudge Security adds browser-based discovery for shadow AI agents
InformationalThe CISO selling confidence in a market full of breach headlines
LowLink11 is fully committed to Europe and is opening a Customer Excellence Hub in Lisbon
InformationalHow Can MSSPs Scale Threat Detection Without Burning Out Their Analysts?
InformationalCybersecurity Evolution: How We Went From Perimeter Defense to AI-Native Security
LowDoes Android Auto make your phone overheat? Try these 8 ways to cool it down
LowWhen my eye doctor got my glasses prescription wrong, AI helped me fix it
InformationalRust will save Linux from AI, says Greg Kroah-Hartman
InformationalWhy the future of AI is on-premises - business advice from Dell Tech World 2026
InformationalMy new favorite Windows app made my PC safer and more reliable - and it's free
InformationalHow I got my business emails through spam filters with SPF, DKIM, and DMARC
LowThis AI-free Google alternative is surging in popularity - how to try it for yourself
InformationalJetico expands BestCrypt Data Shelter with zero-trust file access controls
InformationalFranklin Access adds three-layer security system to Wi-Fi routers
InformationalApple makes its quantum-resistant encryption open source
InformationaleSentire launches new Atlas AI Operatives for autonomous threat detection and response
InformationalPing Identity advances agentic security with AI governance and trusted access
InformationalCogent targets exploit-to-remediation gap with new AI-powered security capabilities
InformationalClaude now reviews and fixes vulnerabilities as you write code
InformationalGoogle AI Threat Defense targets attackers using AI to find flaws faster
Informational3 SOC Steps that Shut Down Incident Risks Early
Informational5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
LowWindows 11 KB5089573 update released with performance improvements
LowCan you enforce strong Active Directory password rules without frustrating users?
InformationalDesigning secure access with ZTNA
LowWhy Network Segmentation Projects Fail: Four Patterns
LowThe Flipper One is the Linux cyberdeck I wish my Raspberry Pi could be
InformationalI wore Google's Fitbit Air for a week, and it gives the Whoop a serious run for its money
LowAvoid these 8 solar mistakes that cut your power output in half - I learned the hard way
LowHow I make my solar panels last long enough to pay for themselves
LowI quit ChatGPT for a free, private, and local AI called Ollama - here's why
InformationalTamnoon introduces skill-based AI orchestration for autonomous cloud defense
InformationalConifers rolls out AI-powered SOC for unified security operations and automated response
InformationalDetectify brings AppSec automation to AI agents with MCP Server and continuous testing
InformationalWebinar: Too many tools are slowing network incident response
InformationalMicrosoft Defender can now automatically isolate hacked endpoints
LowCybersecurity jobs available right now: May 26, 2026
InformationalProduct showcase: F-Secure Internet Security blocks phishing sites, fake stores, and SMS scams
Low🎙️SECURITY.COM The Podcast: The Evolution of Cybersecurity PR with W2 Communications
InformationalWelcoming the Bhutanese Government to Have I Been Pwned
LowBest Buy and Amazon has dropped major SSDs prices - I found the best storage deals
InformationalUS states step up cyber defenses to protect local communities
InformationalCisco refines its risk-based vulnerability disclosure for the AI era
InformationalAnthropic adds 28 security and compliance integrations for Claude
InformationalThe Alert Firehose Finally Meets Its Match

Breach (31)

CriticalCalifornia AG sues 23andMe over 2023 breach exposing health data
CriticalThe LA Metro Attack Wasn’t Hacktivism. It Was a State Operation With a Costume On.
HighAtlas Menu - 63,926 breached accounts
HighShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers
HighCarnival Data Breach Exposes Data of Nearly 6 Million Customers
HighCharter Communications data breach affects 4.9 million accounts
HighPolice arrest man following hack of Ajax football club
HighKrispy Kreme Settlement Deadline Nears: Eligible Members Could Claim Up to $3,500
HighShinyHunters Alleges 42M Records Stolen from Charter Communications
HighCarnival Data Breach Exposes Personal Data of Nearly 6 Million Customers
HighCruise giant Carnival confirms data breach affecting nearly 6 million people
HighCharter - 4,851,517 breached accounts
HighCybercriminals sail away with data from 6 million Carnival customers
HighCarnival Cruise confirms data breach affecting nearly 6 million people
High Carnival confirms data breach impacting nearly 6 million
HighA Fake UK Visa Site Left 100,000 Passports Wide Open
HighKemper - 269,299 breached accounts
HighRomanian Hacker Gets Nearly 5 Years in US Prison Over Network Intrusion
HighSmashing Security podcast #469: What your Oura ring won’t tell you
HighLatin American Cybercriminals Hoover Up Government Data
HighDutch police arrest man over cyber breach at Ajax football club
HighRomanian national sentenced to more than 4 years for hacking Oregon government systems
High7-Eleven Breach: Hackers Claim 600,000 Records Stolen
HighDutch police arrests suspect linked to Ajax football club hack
HighMytheresa - 84,108 breached accounts
HighAmeriprise - 502,597 breached accounts
HighHacker Lists 340M OnlyFans User Records for Sale
HighPersonal information of 185,000 people exposed after cyberattack on 7-Eleven
High7-Eleven data breach exposes personal information of 185,000 people
High340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks
HighFBI Chief Kash Patel’s Clothing Store Hacked in ClickFix Infostealer Attack

Ransomware (2)

CriticalThe Gentlemen ransomware: Dissecting a self-propagating Go encryptor
HighRansomware Actors Show Up In Person to Steal Law Firm Data

ThreatIntel (127)

CriticalZapier exploit chain shows how known anti-patterns compose into critical risk
CriticalMore CVEs, Same Playbook: 2026 Vulnerability Exploitation in the Wild
CriticalKnowledgeDeliver flaw exploited as a zero-day to install web shells
CriticalEppendorf BioFlo 320
HighSECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99
HighUnidentified RAT pushes NetSupport RAT, (Mon, Jun 1st)
High27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens
HighWeek in review: Infostealer dropped via FortiClient EMS flaw, exploited Trend Micro Apex One flaw
HighFake Anthropic Sites Deliver Fileless Infostealer to Claude Code Users
HighBotnet of 17 Million Devices Dismantled in the Netherlands
HighSignal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys
HighDexcom Warns Stolen G7 Glucose Sensors May Pose Infection, Reading Risks
HighChatGPT share links abused to host fake outage pages to deliver malware
HighMalicious npm packages abuse dependency confusion to profile developer environments
HighMeet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes
HighAs Global Powers Explore Humanoid Robots, Cyber-Risk Looms
HighWith Complex Cloud Integrations, Small Errors Lead to Major Compromises
HighChilling Effects
HighWebsites can spy on user activity by analyzing SSD behavior
HighDutch police disrupts botnet composed of 17 million devices
HighDutch govt disrupts malware botnet with 17 million infected devices
HighFrom $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market
High Signal users targeted in backup-stealing phishing attacks
HighBTMOB RAT Gives Criminals a Point-and-Click Kit to Take Over Your Android Phone
High'The Com' Cyberattacks Support Violence & Sexploitation
HighKimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
HighMalicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
HighWhat 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
HighNew Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
HighFBI Warns Companies About Ransom Gang’s Fake IT Support Tactics
HighFBI warns of fake FIFA websites running World Cup fraud schemes
HighBTMOB Android malware service generates custom phishing payloads
HighGreyVibe hackers use ChatGPT, Gemini to power cyberattacks
HighTyposquatted npm packages used to steal cloud and CI/CD secrets
HighResecurity Supports Microsoft DCU in Disrupting Fox Tempest ’s Cybercriminal Code-Signing Ecosystem
HighBTMOB RAT Spreads Across Brazil, LatAm via MaaS Model
HighDutch Raid Fails to Dent Russian Bulletproof Host
High2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface
HighThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More
HighRussia conducting daily attacks on UK 'from seabed to cyberspace,' spy chief warns
HighChinese-speaking fraud gang could be stealing millions from 2026 World Cup fans
HighPirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years
HighA single typo could derail your World Cup plans
HighOpenAI prepares ChatGPT for the election misinformation wave
HighRomanian gets 5 years in prison for hacking Oregon govt network
High Fake ChatGPT download site infects Windows and Mac users with malware
High19.6 Billion Files Are Sitting Open on the Internet. No Password Required
HighFootball Fever Fuels Scam Campaigns Across Email and Social Media
HighJINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware
HighAI chatbot recommendations lure users to cryptojacking malware sites
HighFrontier AI models collapse under multi-turn AI attacks, Cisco finds
HighGPU mining malware spreads via SEO poisoning, AI chatbots
HighIran’s Nimbus Manticore Used Trojanized Zoom Installers Against US Firms
HighReconstructing an Akira Ransomware Kill Chain from Perimeter and Endpoint Logs, (Wed, May 27th)
HighAI-Assisted Exploit Development Outpaces Scanner Detection
HighOut of the Crypt: The Evolving Cyber Extortion Economy
HighIranian intelligence service behind hack of LA transit system, researchers say
HighFBI Warns: ‘Kali365’ Phishing Service Targets Microsoft 365 Accounts
HighFake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware
HighHackers are knocking on office doors pretending to be IT staff
HighAI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
HighGlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
HighGrandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
HighFBI warns of in-person data theft attacks from extortion gang
HighGlassworm botnet disrupted after resilient C2 infrastructure takedown
High Fake LinkedIn emails abuse Adobe to track victims
High Kali365 phishing kit bypasses MFA and steals Microsoft logins
HighHow cybersecurity firms took down Glassworm botnet in one shot
HighTrojanized Gemini and Claude Installers Target Developers Via SEO Poisoning
HighEuropean AI adoption hits 99% with regulated data driving most policy violations
HighCharter confirms data breach after ShinyHunters extortion threat
HighThe Hidden Ransomware Economy Running on Exposed Databases
HighFBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts – no password required
HighThe Hackers Behind Shai-Hulud: Lucky or Skilled?
HighFeeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
HighChinese phishing gangs grow into a force to be reckoned with
HighIranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
HighMFA Prompt Bombing: Why Your Second Factor Isn't Saving You
High[THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back
HighMuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries
High Fake software on GitHub and SourceForge distribute Deno RAT 
HighThird-Party Cyberattack Impacts Patient Information at The Oncology Institute
HighPossible ACR Stealer From Page Impersonating Claude, (Tue, May 26th)
HighNetherlands Busts Bulletproof Hosting Network Linked to Disinformation and Cybercrime
HighTeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th)
HighTeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th)
HighAuthorities seize 800 servers used for cyberattacks and disinformation
HighTrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
HighLazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
HighFBI warns of Kali365 phishing service targeting Microsoft 365 accounts
HighAnthropic’s restricted Claude Mythos model may be coming to Claude Code
HighDutch authorities dismantle hosting network allegedly used for cyberattacks and disinformation
HighZero-Click WhatsApp Account Takeover Hits iPhone Users Running iOS 16. No Linked Devices, No Warning
MediumMyPillow listed on ransomware gang’s leak site, but denies it has been breached
MediumCISA Adds One Known Exploited Vulnerability to Catalog
MediumIdentifying People Using Wi-Fi Routers
MediumFrom poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities
MediumNimbus Manticore Expanded Attacks With AI-Assisted Malware and Fake Zoom Installers
MediumMalware Found in Laravel-Lang Composer Packages After Git Tag Poisoning Attack
MediumMicrosoft Access VBA, (Mon, May 25th)
InformationalSecurity Affairs newsletter Round 579 by Pierluigi Paganini – INTERNATIONAL EDITION
InformationalDutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
InformationalHumanix expands detection to identify live violations of security procedures
InformationalDIL Observatory: when the World Escalates, the Underground Responds
InformationalISC Stormcast For Friday, May 29th, 2026 https://isc.sans.edu/podcastdetail/9950, (Fri, May 29th)
InformationalThe behavioral signals that sharpen Trojan malware detection
InformationalAnalysis of a Year of Files Uploaded to DShield Sensors, (Wed, May 27th)
InformationalThe CISO Whisperer’s Watch List For The Gartner Security & Risk Management Summit 2026
InformationalQumulo NeuralProtect uses AI to detect and stop ransomware before encryption
InformationalISC Stormcast For Thursday, May 28th, 2026 https://isc.sans.edu/podcastdetail/9948, (Thu, May 28th)
InformationalFBI’s 2025 Internet Crime Report
InformationalISC Stormcast For Wednesday, May 27th, 2026 https://isc.sans.edu/podcastdetail/9946, (Wed, May 27th)
InformationalI've tried so many Linux email clients - why Aerion just replaced Geary as my top pick
InformationalCoinflow CISO on crypto payments security under AI pressure
InformationalPost-AI Jobs Will Go to a Tiny Sliver
Informational[webapps] Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover
Informational[hardware] D-Link DSL2600U - 'rom-0' Admin Password Disclosure
Informational[webapps] Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service
Informational[webapps] Grav CMS 2.0.0-beta.2 - Remote Code Execution
InformationalDutch authorities arrest men suspected of providing infrastructure for Russian cyber operations
InformationalLithuania investigates theft of 600,000 state registry records by foreign actor
InformationalHow Varonis Atlas integrates Claude Compliance API for AI governance
Informational5 Ways XDR Helps SOCs Act Faster
InformationalLazarus APT unveils fileless remote access Trojan designed to evade detection
InformationalRemembering Tim Wilson, Whose Legacy Lives on at Dark Reading
InformationalKremlin appoints cyber executive with alleged GRU ties to Security Council role
InformationalISC Stormcast For Tuesday, May 26th, 2026 https://isc.sans.edu/podcastdetail/9944, (Tue, May 26th)

Vulnerability (84)

CriticalWP Maps Pro bug exploited to create admin accounts on WordPress sites
Critical[remote] strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow
Critical[webapps] MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution
Critical[local] Linux Kernel - Local Privilege Escalation
Critical[local] ZTE ZXHN H188A V6 - Authentication Bypass
Critical[webapps] Langflow 1.3.0 - Remote Code Execution
CriticalChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
CriticalMicrosoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.
CriticalU.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog
CriticalCVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks
CriticalThreat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer
CriticalCritical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code
CriticalNew Gogs zero-day flaw lets hackers get remote code execution
CriticalHackers exploit FortiClient EMS flaw to push infostealer malware
CriticalKMW CCTV Security Cameras
CriticalXCharge C6
CriticalFourth Frontier Frontier X Mobile Application, Frontier X2
CriticalJinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
CriticalDICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap
CriticalU.S. CISA adds LiteSpeed cPanel Plugin flaw to its Known Exploited Vulnerabilities catalog
CriticalCISA Adds Three Known Exploited Vulnerabilities to Catalog
Critical[local] Realtek rtl819x - Local Privilege
Critical[hardware] MeiG Smart FORGE_SLT711 - OS Command Injection
Critical[webapps] Casdoor 3.54.1 - Arbitrary File Write via Path Traversal
Critical[local] Linux Kernel - Local Privilege Escalation
CriticalCISA gives feds 4 days to patch actively exploited cPanel plugin flaw
CriticalMicrosoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.
CriticalMicrosoft Issues Out-of-Band SharePoint Patch
Critical[webapps] cPanel - CRLF Injection
CriticalActively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)
CriticalABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
CriticalABB Ability Camera Connect
CriticalGhost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
HighCVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers
HighNew CIFSwitch Linux flaw gives root on multiple distributions
HighPalo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
HighPAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
HighCISA Adds One Known Exploited Vulnerability to Catalog
High[dos] strongSwan 5.9.13 - DoS
High[webapps] CubeCart < 6.7.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated)
High[remote] Wing FTP Server 8.1.3 - Authenticated Remote Code Execution
High[local] ZTE H298A / H108N - Unauthenticated Credential Exposure
High[local] ZTE Routers - Unauthenticated Denial of Service
High[local] ImageMagick - Infinite Loop in the MIFF decoder can lead to CPU exhaustion
High[webapps] Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution
High[webapps] Prodigy Commerce 3.3.0 - Local File Inclusion
High[webapps] MikroORM 7.0.13 - SQL Injection
HighAttackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
HighNew infostealer reaches enterprise devices through FortiClient EMS vulnerability
HighMicrosoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
HighZDI-26-320: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
HighZDI-26-321: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
HighZDI-26-322: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
HighZDI-26-323: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
HighZDI-26-324: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
HighZDI-26-325: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
HighZDI-26-326: TrendAI Vision One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
HighSupply Chain Compromises Impact Nx Console and GitHub Repositories
HighMacGregor Voyage Data Recorder (VDR) G4e
HighCP Plus 8 Ch. Network Video Recorder
HighABB EIBPORT
HighMediaArea heap-based buffer overflow vulnerabilities
High[webapps] OpenCATS 0.9.7.4 - SQL Injection
High[webapps] scramble - Remote Code Execution
High[webapps] EspoCRM 9.3.3 - SSRF
HighThe Next AI Security Failure May Start With a Trusted Assistant
HighGitea Vulnerability Exposes Private Container Images without Authentication
High[local] Linux Kernel 6.8 - Local Privilege Escalation
HighClaude Mythos AI Identified 10,000+ Software Vulnerabilities in One Month
HighHigh-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)
HighAnthropic: Claude Mythos identified 10,000+ software flaws
HighMicrosoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions
HighCISA orders feds to patch actively exploited Drupal vulnerability
HighABB AbilityTM Zenon Remote Transport Vulnerability
HighABB LVS MConfig
HighABB Terra AC
High 700+ education and tech websites hijacked in huge ClickFix malware campaign
HighKnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
HighGhost CMS flaw abused to push ClickFix attacks on hundreds of sites
High⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
Medium[remote] Microsoft - NTLMv2 Hash Capture
MediumABB Busch-Welcome 2 Wire Door Opener Actuator
MediumSchnieider Electric EcoStruxure Machine Expert HVAC
MediumABB AC500 V2

Daily breach, advisory, and vulnerability briefs publish every weekday.

View Live Breach Feed ← All Weekly Digests