🚨 CISA KEV (1)
16 May · KEV · U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-202… · SECURITYAFFAIRS.COM
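The check a practitioner wants next to a KEV addition is whether the entry touches their own estate and when the remediation clock runs out. The script below is an added example, not code from CISA or from the article above: it filters a KEV-shaped catalog by vendor and product, flags entries past their due date, lists ransomware-linked entries, and matches a CVE inventory. The JSON key names (cveID, vendorProject, product, dateAdded, dueDate, knownRansomwareCampaignUse) follow the public known_exploited_vulnerabilities.json feed, but every entry, CVE ID, date and the inventory set are constructed placeholders.

```python
"""Filter a CISA KEV-shaped catalog offline.

Added example; not code from CISA or from the linked article.
Key names follow the public known_exploited_vulnerabilities.json feed.
All entries, CVE IDs, dates and the inventory set are CONSTRUCTED.
"""
import json
from datetime import date

# Constructed sample in the shape of the KEV feed. The CVE IDs are not real.
SAMPLE_KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities (constructed sample)",
    "catalogVersion": "0000.00.00",
    "dateReleased": "2026-05-16T00:00:00.0000Z",
    "count": 3,
    "vulnerabilities": [
        {"cveID": "CVE-0000-00001", "vendorProject": "Microsoft",
         "product": "Exchange Server",
         "vulnerabilityName": "Placeholder Exchange Server vulnerability",
         "dateAdded": "2026-05-16", "dueDate": "2026-05-23",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-0000-00002", "vendorProject": "Microsoft",
         "product": "Windows",
         "vulnerabilityName": "Placeholder Windows vulnerability",
         "dateAdded": "2026-04-01", "dueDate": "2026-04-22",
         "knownRansomwareCampaignUse": "Known"},
        {"cveID": "CVE-0000-00003", "vendorProject": "ExampleVendor",
         "product": "ExampleProduct",
         "vulnerabilityName": "Placeholder third-party vulnerability",
         "dateAdded": "2026-05-10", "dueDate": "2026-05-31",
         "knownRansomwareCampaignUse": "Unknown"},
    ],
})


def load_kev(raw: str) -> list:
    """Parse the feed text and return its vulnerability entries.

    The real feed carries a top-level "count"; a mismatch usually means a
    truncated download, so refuse to work on a partial catalog.
    """
    doc = json.loads(raw)
    entries = doc["vulnerabilities"]
    if "count" in doc and doc["count"] != len(entries):
        raise ValueError(f"count {doc['count']} != {len(entries)} entries")
    return entries


def find_by_product(entries, vendor: str, product_substring: str) -> list:
    """Entries for one vendor whose product name contains the substring."""
    needle = product_substring.lower()
    return [e for e in entries
            if e["vendorProject"].lower() == vendor.lower()
            and needle in e["product"].lower()]


def overdue(entries, today_iso: str) -> list:
    """Entries whose remediation due date is before today (ISO date string)."""
    today = date.fromisoformat(today_iso)
    return [e for e in entries if date.fromisoformat(e["dueDate"]) < today]


def ransomware_linked(entries) -> list:
    """Entries CISA marks as used in known ransomware campaigns."""
    return [e for e in entries if e.get("knownRansomwareCampaignUse") == "Known"]


def inventory_hits(entries, inventory_cves) -> list:
    """Sorted CVE IDs from an inventory (any iterable of IDs) present in the catalog.

    Case is normalised so a lower-case scanner export still matches.
    """
    wanted = {c.upper() for c in inventory_cves}
    return sorted(e["cveID"] for e in entries if e["cveID"].upper() in wanted)


if __name__ == "__main__":
    kev = load_kev(SAMPLE_KEV_JSON)
    today = "2026-05-16"  # constructed reference date
    for e in find_by_product(kev, "Microsoft", "Exchange"):
        print("Exchange entry:", e["cveID"], "due", e["dueDate"])
    for e in overdue(kev, today):
        print("OVERDUE:", e["cveID"], e["vendorProject"], e["product"])
    print("ransomware-linked:", [e["cveID"] for e in ransomware_linked(kev)])
    print("inventory hits:", inventory_hits(kev, {"cve-0000-00003", "CVE-9999-00000"}))
```

To run it against the live catalog, replace SAMPLE_KEV_JSON with the downloaded feed text; the count check is there because a partially downloaded feed parses as valid JSON only if it was cut at a boundary, and a short list silently hides entries you are responsible for.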
🐛 COMMON VULNERABILITIES AND EXPOSURES (20)
16 May · CVE-2026-44673 · libyang: lyb_read_string() integer overflow → heap buffer overflow · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-6478 · PostgreSQL discloses MD5-hashed passwords via covert timing channel · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-6473 · PostgreSQL server undersizes allocations, via integer wraparound · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-6638 · PostgreSQL REFRESH PUBLICATION allows SQL injection via table name · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-6637 · PostgreSQL refint allows stack buffer overflow and SQL injection · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-6477 · PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-42934 · NGINX ngx_http_charset_module vulnerability · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-42946 · NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-44662 · rust-openssl: Heap buffer overflow when encrypting with AES key-wrap-with-padding · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-44431 · urllib3: Sensitive headers forwarded across origins in proxied low-level redirects · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-43490 · ksmbd: validate inherited ACE SID length · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-6475 · PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-6474 · PostgreSQL timeofday() can disclose portions of server memory · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-6472 · PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-6479 · PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-40701 · NGINX ngx_http_ssl_module vulnerability · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-42945 · NGINX ngx_http_rewrite_module vulnerability · Information published. · MSRC.MICROSOFT.COM
16 May · CVE-2026-46333 · ptrace: slightly saner 'get_dumpable()' logic · Information published. · MSRC.MICROSOFT.COM
16 May · Linux “ssh-keysign-pwn” Flaw Exposing Critical Authentication Files · A newly disclosed Linux kernel vulnerability, dubbed “ssh-keysign-pwn” by Qualys researchers, exposes millions of Linux systems to unauthorized access to sensitive SSH private keys and hashed passwords stored in /etc/shadow. Tracked as CVE-2026-463… · GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE (6)
16 May · Inside CIRA: How Canada's .ca Registry Became a Global DNS & Cybersecurity Force · David Shipley interviews Jon Ferguson, VP at CIRA, about how the Canadian Internet Registration Authority evolved from early paper-based .ca registrations at UBC into a 142-person, member-based not-for-profit running .ca and authoritative Anycast DNS infrastructure now supporting… · CYBERSECURITYTODAY.LIBSYN.COM
16 May · JDownloader Website Hack Exposes Windows and Linux Users to Malicious Installers · A popular open-source download manager trusted by millions suddenly became a malware delivery platform after attackers compromised its official website, replacing legitimate installers with trojanized versions targeting both Windows and Linux users. The incident, confirmed by JDo… · GBHACKERS.COM
16 May · OpenAI and others deal with fallout from TanStack supply-chain attack. · Disgruntled researcher discloses two Windows zero-days. Microsoft warns of critical zero-day in on-prem Exchange Servers. · THECYBERWIRE.COM
16 May · OpenAI hit by supply chain attack linked to malicious TanStack packages · OpenAI confirmed that the recent TanStack supply chain attack compromised two employee devices and exposed credential material stored in internal source c… · SECURITYAFFAIRS.COM
16 May · AI Broke Patch Management · AI systems are now discovering software vulnerabilities at a pace that is forcing major vendors to rethink how they ship security updates. The speaker points to Mozilla fixes tied to Glasswing discoveries and Oracle shifting from quarterly to monthly patching cycles. That change … · YOUTUBE.COM
16 May · Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming · A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious JavaScript code into WooCommerce checkout pages with the goal of stealing payment data. Details of the activity were published by… · THEHACKERNEWS.COM
🔥 INCIDENT REPORTING (2)
16 May · Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recording · Plus: Instructure’s Canvas ransomware debacle comes to a close, an alleged dark net market kingpin gets arrested, OpenAI workers fall victim to a supply chain attack, and more. · WIRED.COM
16 May · Russian APT Turla builds long-term access tool with Kazuar Botnet evolution · Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected sys… · SECURITYAFFAIRS.COM
🕵️ THREAT INTELLIGENCE (2)
16 May · Friday Squid Blogging: Bigfin Squid · Article about the bigfin squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. · SCHNEIER.COM
16 May · Scam papers served. · Thomas Elkins, SOC L3 Analyst from BlueVoyant, is discussing "Unpacking Augmented Marauder’s Multi-Pronged Casbaneiro Campaigns." BlueVoyant researchers uncovered a large-scale phishing campaign by the Brazil-linked threat group targeting Spanish-speaking users across Lat… · THECYBERWIRE.COM