🚨 CISA KEV (2)

23 May | CISA to allow researchers to report vulnerabilities to exploited bugs catalog
The Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of a nomination form on Thursday that they said enables “researchers, vendors, and industry partners” to report bugs that need to be added to the Known Exploited Vulnerabilities catalog.
Source: THERECORD.MEDIA

23 May | Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2026-908…
Source: THEHACKERNEWS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES (12)

23 May | CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation
Information published.
Source: MSRC.MICROSOFT.COM

23 May | CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records
Information published.
Source: MSRC.MICROSOFT.COM

23 May | CVE-2026-3593: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
Information published.
Source: MSRC.MICROSOFT.COM

23 May | CVE-2026-5950: Unbounded resend loop in BIND 9 resolver
Information published.
Source: MSRC.MICROSOFT.COM

23 May | CVE-2026-42009: GnuTLS: denial of service via DTLS packet reordering vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

23 May | CVE-2026-41054: Missing exit out of permission check in haveged could lead to root exploit
Information published.
Source: MSRC.MICROSOFT.COM

23 May | CVE-2026-8723: qs.stringify crashes on null/undefined entries in comma-format arrays under encodeValuesOnly
Information published.
Source: MSRC.MICROSOFT.COM

23 May | CVE-2025-14575: Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading
Information published.
Source: MSRC.MICROSOFT.COM

23 May | CVE-2026-5947: SIG(0) validation during query flood may lead to undefined behavior
Information published.
Source: MSRC.MICROSOFT.COM

23 May | LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A maximum-severity security vulnerability impacting the LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse to ru…
Source: THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE (7)

23 May | Google leaks details for Chromium bug that can turn browsers into bots
Chromium — the open-source browser that underpins Google Chrome, Microsoft Edge, and Opera, among others — contains an unpatched vulnerability that attackers can exploit to execute JavaScript code persistently across browser restarts. As a result, the flaw can be used to hijack u…
Source: CSOONLINE.COM

23 May | Ghosted by Grafana
Today we are joined by Sasi Levi, Security Research Lead at Noma Security, sharing their team's work on "GrafanaGhost: The Phantom Stealing Your Data." Researchers at Noma Security disclosed “GrafanaGhost,” a vulnerability that could allow attackers to silently exfiltrate sen…
Source: THECYBERWIRE.COM

23 May | GitHub discloses breach of 3,800 internal code repositories.
CISA contractor exposed AWS GovCloud keys on GitHub. Researchers craft a kernel exploit on Apple's M5 chips, with help from Mythos.
Source: THECYBERWIRE.COM

23 May | The FBI Wants ‘Near Real-Time’ Access to US License Plate Readers
Plus: Google publishes a live exploit for an unpatched flaw, the feds arrest two men accused of creating thousands of nonconsensual deepfake nudes, and more.
Source: WIRED.COM

23 May | ‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
The stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide command-and-control traffic.
Source: SECURITYWEEK.COM

23 May | Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most "systemically" important software across the world since the cybersecurity initiative went live last month. Project Glasswin…
Source: THEHACKERNEWS.COM

23 May | Shipping Vulnerable Code On Purpose
A large percentage of organizations knowingly ship software with unresolved vulnerabilities in order to meet business deadlines. This clip highlights the ongoing tension between production pressure and security requirements: one side wants to release features immediately, while t…
Source: YOUTUBE.COM
📢 SECURITY ADVISORIES (1)

23 May | Researcher Finds Public GitHub Repo Exposing Sensitive CISA Credentials
The episode recounts how GitGuardian security researcher Guillaume Valadon, while monitoring public GitHub for leaked secrets, discovered a publicly accessible repository labeled "CISA-Private" containing highly sensitive CISA materials, including internal DHS/CISA credentials, c…
Source: CYBERSECURITYTODAY.LIBSYN.COM

🔥 INCIDENT REPORTING (2)

23 May | Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive credential-stealing framework. The affected packages include laravel-lang/lang, laravel-lang/http-sta…
Source: THEHACKERNEWS.COM

23 May | Charter Communications confirms data breach as hackers threaten leak of 42 million records
Charter Communications has confirmed a cybersecurity incident after the ShinyHunters extortion group claimed it breached the telecommunications giant and stole data belonging to more than 42 million customers. The threat actor added Charter Communications to its leak site this we…
Source: CYBERINSIDER.COM
🕵️ THREAT INTELLIGENCE (1)

23 May | An Example of Stack String in High Level Language (Sat, May 23rd)
This week, I'm attending the SEC670 [1] training (“Red Teaming Tools - Developing Windows Implants, Shellcode, Command and Control”). From my point of view, this training fits perfectly with FOR610 or FOR710 (malware analysis)…
Source: ISC.SANS.EDU
🌐 CYBER THREAT LANDSCAPE (4)

23 May | npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a release prior to the packages becoming publicly available for installation. Called staged publishing, the feature is now general…
Source: THEHACKERNEWS.COM

23 May | Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
A new "coordinated" supply chain attack campaign has impacted eight packages on Packagist, including malicious code designed to run a Linux binary retrieved from a GitHub Releases URL. "Although the affected packages were all Composer packages, the malicious code was not added to …
Source: THEHACKERNEWS.COM

23 May | These special phone and app features can help protect you from spyware
Apple, Meta, and Google offer special security modes that make your devices more secure against targeted spyware attacks. Here is how those modes work, what they do, and how to switch them on.
Source: TECHCRUNCH.COM

23 May | Laravel Lang packages hijacked to deploy credential-stealing malware
A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated credential-stealing malware campaign after attackers abused GitHub version tags to distribute malicious code through Composer packages. [...]
Source: BLEEPINGCOMPUTER.COM

📡 INFOSEC NEWS (1)

23 May | Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes
Italian authorities have dismantled a piracy ecosystem centered around the CINEMAGOAL app that provided access to various streaming platforms, including Netflix, Disney+, and Spotify. [...]
Source: BLEEPINGCOMPUTER.COM