🐛 COMMON VULNERABILITIES AND EXPOSURES 116[−]
29 MayIBM and Red Hat want to become the ‘security clearinghouse’ for open source applications in the enterpriseOpen source code is everywhere in the enterprise; it’s estimated that upwards of 90% of Fortune 500 companies have it in their software supply chains. But open source code is notoriously rife with vulnerabilities, and identifying and patching those bugs can be an endless battle f…CSOONLINE.COM
29 MayCVE-2026-46219 spi: mpc52xx: fix use-after-free on unbindInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46214 vsock/virtio: fix accept queue count leak on transport mismatchInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46137 mptcp: pm: ADD_ADDR rtx: fix potential data-raceInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46186 Bluetooth: virtio_bt: validate rx pkt_type header lengthInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46172 ipv6: xfrm6: release dst on error in xfrm6_rcv_encap()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46168 mptcp: fix scheduling with atomic in timestamp sockoptInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46163 wifi: b43legacy: enforce bounds check on firmware key index in RX pathInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46131 KVM: x86: check for nEPT/nNPT in slow flush hypercallsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46110 net: stmmac: Prevent NULL deref when RX memory exhaustedInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46128 ipmi: Check event message buffer response for bad dataInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-42250 Off-by-One Leading to Out-of-Bounds Write in bzip2Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46191 fbcon: Avoid OOB font access if console rotation failsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46159 btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leakInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46226 spi: fsl: fix controller deregistrationInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46165 openvswitch: vport: fix self-deadlock on release of tunnel portsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46158 mptcp: pm: ADD_ADDR rtx: always decrease sk refcountInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46232 HID: playstation: Clamp num_touch_reportsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46197 drm/amdkfd: validate SVM ioctl nattr against buffer sizeInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46220 drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emissionInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46107 dm-thin: fix metadata refcount underflowInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46176 RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46149 scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46208 batman-adv: stop tp_meter sessions during mesh teardownInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46116 xfrm: defensively unhash xfrm_state lists in __xfrm_state_deleteInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46225 spi: rspi: fix controller deregistrationInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46236 media: rc: xbox_remote: heed DMA restrictionsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46164 btrfs: fix double free in create_space_info_sub_group() error pathInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46235 media: saa7164: add ioremap return checks and cleanupsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46127 RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46177 ipmi: Add limits to event and receive message requestsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46155 smb/client: fix out-of-bounds read in smb2_compound_op()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46157 ALSA: pcm: oss: Fix data race at accessing runtime.oss.triggerInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46136 wifi: mt76: mt7921: fix a potential clc buffer length underflowInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46132 net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfoInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46170 mptcp: pm: ADD_ADDR rtx: free sk if lastInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46190 mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46230 drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msgInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46175 f2fs: fix fsck inconsistency caused by FGGC of node blockInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46123 Bluetooth: virtio_bt: clamp rx length before skb_putInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46238 batman-adv: stop caching unowned originator pointers in BAT IVInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46120 ip6_gre: Use cached t->net in ip6erspan_changelink().Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46108 ipmi:si: Return state to normal if message allocation failsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46152 wifi: mac80211: drop stray 'static' from fast-RX rx_resultInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46112 RDMA/hns: Fix unlocked call to hns_roce_qp_remove()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46114 RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloadsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46122 wifi: b43: enforce bounds check on firmware key index in b43_rx()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46146 ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46125 wifi: mac80211: remove station if connection prep failsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46227 sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALLInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46153 8021q: delete cleared egress QoS mappingsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46150 fanotify: fix false positive on permission eventsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46241 spi: mpc52xx: fix use-after-free on registration failureInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46147 KVM: arm64: Fix pin leak and publication ordering in __pkvm_init_vcpu()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46135 nvmet-tcp: fix race between ICReq handling and queue teardownInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-42496 Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directoryInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46189 RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error pathInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-9538 Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar headerInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46199 drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msgInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46151 usb: usblp: fix heap leak in IEEE 1284 device ID via short responseInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-42497 Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directoryInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46124 isofs: validate block number from NFS file handle in isofs_export_igetInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46106 eventfs: Hold eventfs_mutex and SRCU when remount walks eventsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46181 RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46178 RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46231 batman-adv: bla: put backbone reference on failed claim hash insertInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46200 spi: mpc52xx: fix controller deregistrationInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46209 drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46148 spi: microchip-core-qspi: control built-in cs manuallyInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46198 batman-adv: fix integer overflow on buff_posInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46111 Bluetooth: hci_conn: fix potential UAF in create_big_syncInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46195 smb: client: validate dacloffset before building DACL pointersInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46194 f2fs: fix node_cnt race between extent node destroy and writebackInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46109 usb: ulpi: fix memory leak on ulpi_register() error pathsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46229 drm/amdkfd: Clear VRAM on allocation to prevent stale data exposureInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46173 exit: prevent preemption of oopsing TASK_DEAD taskInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46160 btrfs: fix missing last_unlink_trans update when removing a directoryInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46180 wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog taskInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46115 block: add pgmap check to biovec_phys_mergeableInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46185 smb/client: fix out-of-bounds read in symlink_data()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46161 md/raid10: fix divide-by-zero in setup_geo() with zero far_copiesInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46212 batman-adv: bla: prevent use-after-free when deleting claimsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46205 staging: media: atomisp: Disallow all private IOCTLsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46171 riscv: kvm: fix vector context allocation leakInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46179 ASoC: SOF: Don't allow pointer operations on unconfigured streamsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46196 tracepoint: balance regfunc() on func_add() failure in tracepoint_add_func()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46143 ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opensInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46133 RDMA/rxe: Reject unknown opcodes before ICRC processingInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46129 btrfs: fix double free in create_space_info() error pathInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46218 drm/amdgpu: Add bounds checking to ib_{get,set}_valueInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46204 drm/amdgpu/vcn4: Prevent OOB reads when parsing IBInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46233 batman-adv: bla: only purge non-released claimsInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46156 LoongArch: Fix potential ADE in loongson_gpu_fixup_dma_hang()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46138 Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evtInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46187 wifi: rsi: fix kthread lifetime race between self-exit and external-stopInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46167 usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctlInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46113 KVM: x86: Fix shadow paging use-after-free due to unexpected GFNInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46206 batman-adv: reject new tp_meter sessions during teardownInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46130 dm-verity-fec: fix reading parity bytes split across blocks (take 3)Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46119 libceph: Fix slab-out-of-bounds access in auth message processingInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46169 hfsplus: fix uninit-value by validating catalog record sizeInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46142 net: libwx: fix VF illegal register accessInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46121 mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lockInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46144 RDMA/mana: Fix error unwind in mana_ib_create_qp_rss()Information published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46184 sound: ua101: fix division by zero at probeInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46174 x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cacheInformation published.MSRC.MICROSOFT.COM
29 MayCVE-2026-46193 xfrm: ah: account for ESN high bits in async callbacksInformation published.MSRC.MICROSOFT.COM
29 MayNotepad++ vulnerabilities could enable arbitrary code execution on Windows systemsTwo arbitrary code execution vulnerabilities in Notepad++ let local attackers run commands of their choice on Windows machines by tampering with the editor’s XML configuration files, with both flaws rated High at CVSS 7.8. The flaws, tracked as CVE-2026-48778 and CVE-2026-48800, …CSOONLINE.COM
29 MayNew infostealer reaches enterprise devices through FortiClient EMS vulnerabilityAttackers are delivering a broad-spectrum infostealer to enterprise computers by exploiting a known vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS). “The [malicious] payload was presented as a Fortinet endpoint update and executed through Fo…HELPNETSECURITY.COM
29 MayAttackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 ExploitAn unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability. "The attacker compromi…THEHACKERNEWS.COM
29 MayFederal audit reveals NIST’s NVD is plagued by poor planning and duplicationA report from the Commerce Inspector General details how mismanagement allowed a backlog of 27,000 unprocessed security flaws to grow unchecked, while the agency duplicated work with a similar CISA program. The post Federal audit reveals NIST’s NVD is plagued by poor planni…CYBERSCOOP.COM
29 MayRapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)Overview On May 13, 2026, Palo Alto Networks published a security advisory for CVE-2026-0257, a medium severity authentication bypass affecting PAN-OS and Prisma Access when a specific configuration is present. Successful exploitation of this vulnerability allows a remote unauthe…RAPID7.COM
29 MayMetasploit Wrap Up 05/29/2026More Linux LPEs Hark the age of the Linux LPE has arrived. This week’s release follows up on recent work bringing new Linux LPEs to Metasploit users. Copy Fail seemed to have kicked off a trend of similar bugs and hot on its heels is Dirty Frag. Dirty Frag is actually two vulnera…RAPID7.COM
29 MayMicrosoft and security researcher’s dueling posts about cybersecurity disclosures get nastyMicrosoft and a prominent cybersecurity researcher have gotten into a very public and rather personal exchange of unpleasantries about what responsible cybersecurity disclosures should mean in 2026. A cybersecurity researcher going by the name Nightmare Eclipse, who has disclosed…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 20[−]
29 MayLack of response to critical vulnerability in Gogs is a reminder of the limits of open source projectsA newly discovered and so far unpatched critical vulnerability in the open source Gogs Git service not only demands immediate action from developers to secure their code, it also puts a spotlight on the potential issues in using self-hosted code platforms from small maintainers. …CSOONLINE.COM
29 MayBuilding a risk-based vulnerability management program that scalesIn this Help Net Security video, Shankar Somasundaram, CEO at Asimily, explains how to build a risk-based vulnerability program. He notes that vulnerabilities are exploding by an order of magnitude in the age of AI-driven attacks, with one customer finding a thousand vulnerabilit…HELPNETSECURITY.COM
29 MayGDPR set the tone for regulatory action — and the AI fine pushback to comeBig tech firms continue to push back against fines levied for alleged violations of European data protection law, in what could be a harbinger for AI regulations to come. While lawyers and experts quizzed by CSO broadly argue that big tech firms contesting data protection rules i…CSOONLINE.COM
29 MayAnthropic launches Claude Opus 4.8, prepares Mythos-class models for all customersAnthropic has released Claude Opus 4.8 and outlined plans for broader access to its Mythos-class models, which the company expects to make available to all customers in the coming weeks. Claude Opus 4.8 (Source: Anthropic) Claude Opus 4.8 is available to all users, with pricing u…HELPNETSECURITY.COM
29 MayThe Gentlemen are coming for your files, and then your networkRansomware operators have spent years refining the art of locking files. Now, some are working harder to get those lockers to every reachable system first. Microsoft’s recent warning of the Gentlemen ransomware revealed its operators using a self-propagating Go-based encryptor ca…CSOONLINE.COM
29 MayChinese Hackers Exploit Iran War to Target Maritime and Energy CompaniesESET’s 2026 APT Activity Report suggests China-backed APTs are using instability in the region to target victims, as well as continuing activity against organizations around the globeINFOSECURITY-MAGAZINE.COM
29 MayCybersecurity trends in SEC filingsIn 2023, the Securities and Exchange Commission (SEC) required public companies to include a new section in their 10-K annual filings that is devoted to cybersecurity. This section is meant to address “cybersecurity risk management, strategy, governance and incidents.” I got curi…CSOONLINE.COM
29 May KEVChrome security update addresses 22 critical severity flawsGoogle has released a major Chrome security update that fixes 151 vulnerabilities in the browser, including 22 critical-severity flaws. While no actively exploited zero-days were disclosed, the unusually large number of vulnerabilities and the predominance of internally discovere…CYBERINSIDER.COM
29 MayChrome 148 Update Patches 151 VulnerabilitiesThe browser update resolves critical-severity security defects that could potentially lead to remote code execution. The post Chrome 148 Update Patches 151 Vulnerabilities appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayLinkedIn-themed phishing abuses Adobe’s A/B testing platformA newly documented phishing campaign is targeting professionals with fake LinkedIn business emails and abusing a trusted service operated by Adobe. The attack from the victim’s perspective The attack starts with an email that looks, at first glance, like a routine business …HELPNETSECURITY.COM
29 MayGogs Zero-Day Exposes Servers to Remote Code ExecutionThe critical-severity issue, assigned a CVSS score of 9.4, is an argument injection flaw that can be exploited by authenticated attackers via pull requests with malicious branch names. The post Gogs Zero-Day Exposes Servers to Remote Code Execution appeared first on SecurityWeek …SECURITYWEEK.COM
29 MayWith Complex Cloud Integrations, Small Errors Lead to Major CompromisesResearchers discover an exploit chain combining over-permissioned roles, secrets discovery, and non-human identities that could have compromised a popular automation service.DARKREADING.COM
29 May'The Com' Cyberattacks Support Violence & SexploitationYour organization's security failures have consequences for everyone else too, since this neo-Nazi-infested criminal gang uses its cyber winnings to support more violent and widespread crimes.DARKREADING.COM
29 MayMicrosoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop moreEach vulnerability was published with working proof-of-concept code to the Microsoft-owned code repository GitHub, making them immediately available to both attackers and security professionals.THERECORD.MEDIA
29 MayDutch police disrupts botnet composed of 17 million devicesThe Dutch National Police and the country’s National Cyber Security Center (NCSC) have taken offline 200 servers controlling a botnet of 17 million devices, the law enforcement agency announced on Thursday. The investigation was launched after the NCSC received a report by …HELPNETSECURITY.COM
29 MayCertifiably random: Swiss researchers claim perfect random number sourceResearchers in Switzerland claim to have built a perfect random number generator from two quantum superconducting chips, a 30-meter-long pipe, and some software. The resulting device could be used to generate cryptographic keys, or to offer a “public randomness service” for lotte…CSOONLINE.COM
29 MayChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing SurfaceCybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant's implicit trust in Markdown links and images to trigger prompt injections and open the door to phishing attacks. The technique has been…THEHACKERNEWS.COM
29 MayTennessee man linked to 764 accused of series of crimes against children dating back to 2022Zachary Sweeney allegedly traveled to New York, Indiana, Missouri and Georgia to meet and harm numerous victims in person. The FBI began investigating him in 2023. The post Tennessee man linked to 764 accused of series of crimes against children dating back to 2022 appeared first…CYBERSCOOP.COM
29 MayMind the gap between IT and OT.Iranian hackers hit LA transit. Chinese cyber operators target Middle East infrastructure. Dutch police take down a 17-million-device botnet. Researchers uncover a phishing risk in ChatGPT. Anthropic prepares its Mythos model for release. Chrome patches 22 critical bugs. Zapier f…THECYBERWIRE.COM
29 MayYour AI Doesn’t Understand AnythingLarge language models are statistical prediction systems trained to generate likely sequences of words based on massive datasets. They do not reason, understand context, or interpret meaning the same way humans do, even when their responses sound conversational or emotionally awa…YOUTUBE.COM
📢 SECURITY ADVISORIES 5[−]
29 MayNetskope extends data localization capabilities with NewEdge updatesNetskope has enhanced its NewEdge Network infrastructure, expanding data sovereignty capabilities to more regions than any other SASE cloud provider. The NewEdge Network architecture provides national data localization features that address requirements for network transport, dat…HELPNETSECURITY.COM
29 MayChilling EffectsYounger Americans have soured on the second Donald Trump presidency , but they are not protesting it. Despite an unpopular Iran war and an even more unpopular Trump administration , college campus protests nationwide have gone silent . And at many schools, student activism is vir…SCHNEIER.COM
29 MayCISA urges security teams to check for software development compromisesThe agency warned about a wave of attacks targeting credentials and other secrets across critical supply chains.CYBERSECURITYDIVE.COM
29 MayIn Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain AttacksNoteworthy stories that might have slipped under the radar: Trump Mobile exposes customer data, phishers target the 2026 FIFA World Cup, CISA responds to recent supply chain attacks. The post In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Suppl…SECURITYWEEK.COM
29 MayThe White House’s Aliens.gov Site Brags That ICE Arrested More Than 700 US CitizensThe website, which compares human beings to extraterrestrials, touts arrest numbers from the Trump administration’s sweeping immigration crackdown. But some of its details are really out there.WIRED.COM
🔥 INCIDENT REPORTING 11[−]
29 MayProduct showcase: TotalAV helps iOS users clean up their digital messTotalAV Mobile Security helps protect devices from malicious websites, SMS scams, unsafe public Wi-Fi networks, and exposed credentials. The app is available for Windows, Android, macOS, and iOS devices. After downloading the app from the App Store, users provide an email address…HELPNETSECURITY.COM
29 MayKimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code TunnelsThe North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026. "Kimsuky employed a range of tailored social engineering t…THEHACKERNEWS.COM
29 MayHumanix expands detection to identify live violations of security proceduresHumanix has announced a capability to identify live violations of organization-defined procedures governing IT support workflows. Designed to prevent unauthorized access, these procedures typically require help desk and service desk agents to follow identity verification steps be…HELPNETSECURITY.COM
29 MayCharter Communications data breach affects 4.9 million accountsThe ShinyHunters extortion gang stole personal information from 4.9 million accounts after hacking the U.S. telecom giant Charter Communications in early April, according to data breach notification service Have I Been Pwned. [...]BLEEPINGCOMPUTER.COM
29 MayMalicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud SecretsCybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil's largest cooperative financial systems, to siphon client IDs and PFX certificates. According to Socket, versions 2.0.0 through 2.0.4 of…THEHACKERNEWS.COM
29 MayCalifornia Sues 23andMe, Alleging It Failed to Protect User Data in 2023 BreachAttorney General Rob Bonta filed the lawsuit against Chrome Holding Co., which 23andMe rebranded under after filing for bankruptcy last March. The post California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayNew Russian-Linked GREYVIBE Targets Ukraine with AI-Powered CyberattacksA previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Ru…THEHACKERNEWS.COM
29 MaySilent Ransom Group Uses In-Person IT Impersonation to Breach SystemsThreat actors from the Silent Ransom Group, aka Luna Moth, are escalating attacks by impersonating IT staff in phone calls and even showing up in person to gain direct access to victim systemsINFOSECURITY-MAGAZINE.COM
29 MayCharter Communications Data Breach Could Impact Nearly 5 MillionThe notorious ShinyHunters extortion group leaked over 42 million records allegedly stolen from Charter in April. The post Charter Communications Data Breach Could Impact Nearly 5 Million appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayMokN Raises $15 Million for Phish-Back PlatformMokN's platform deploys realistic decoy access points to lure attackers into revealing compromised credentials, enabling organizations to respond before abuse occurs. The post MokN Raises $15 Million for Phish-Back Platform appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayCalifornia AG sues 23andMe over 2023 breach exposing health dataCalifornia Attorney General Rob Bonta filed a lawsuit against 23andMe, now Chrome Holding Co., over the company's failure to protect sensitive customer genetic and personal information. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 18[−]
29 MayISC Stormcast For Friday, May 29th, 2026 https://isc.sans.edu/podcastdetail/9950, (Fri, May 29th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
29 MayNew infosec products of the month: May 2026Here’s a look at the most interesting products from the past month, featuring releases from Alation, AppOmni, Apricorn, ASAPP, Babel Street, Checksum, Cogent, CTERA, Forward, LastPass, Operant AI, Riverbed, Sysdig, Trust3 AI, TrustCloud, VIAVI, Versa Networks, and XM Cyber. Opera…HELPNETSECURITY.COM
29 MayTyposquatted npm packages used to steal cloud and CI/CD secretsThe Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack chain, detection opportunities, and mitigation guidance to help organizations identify and disrupt related activity. The po…MICROSOFT.COM
29 MayThe behavioral signals that sharpen Trojan malware detectionMalware analysts spend a lot of time deciding which signals from a sandbox run are worth keeping. A sample executed in a controlled environment can generate hundreds of measurable attributes covering file structure, registry edits, process behavior, and network traffic. Most of t…HELPNETSECURITY.COM
29 MayClaroty targets cyber-physical system risks with AI-powered security agentClaroty has launched Claroty Claire, a CPS-native AI security agent designed to help organizations defend mission-critical infrastructure. Claire is powered by a CPS language model trained on more than a decade of industry expertise and CPS-related data. The launch expands organi…HELPNETSECURITY.COM
29 MayMicrosoft 365 Copilot redesign brings context and actions into one workspaceMicrosoft 365 Copilot, an AI assistant that helps people write, summarize, analyze information, and complete work tasks, has been redesigned. It now serves as a single, flexible entry point to Copilot across Microsoft 365 apps, suggesting relevant actions based on the user’…HELPNETSECURITY.COM
29 MayWebsites can spy on user activity by analyzing SSD behaviorWebsites have spent years collecting information about visitors through browser fingerprinting, tracking scripts, and other techniques designed to identify devices and monitor behavior. Researchers have demonstrated another method that relies on something most users would never e…HELPNETSECURITY.COM
29 MayNew FROST attack leverages SSD side-channel to reveal browsing activitySecurity researchers have demonstrated a new browser-based side-channel attack that can monitor user activity by measuring subtle timing variations in SSD access, allowing malicious websites to infer which sites users visit and which applications they launch. The attack, named FR…CYBERINSIDER.COM
29 MayThe Firmware Your PC TrustsMany hardware devices ship with small firmware components called option ROMs that help UEFI initialize hardware during the boot process. These aren’t traditional operating system drivers. They run earlier, inside firmware, and help systems communicate with components like network…YOUTUBE.COM
29 MayA Gartner take on the MDR market in 2026For CISOs navigating the AI era, the question is no longer whether AI will change the SOC. It is whether the current service model is the right vehicle for that change. The post A Gartner take on the MDR market in 2026 appeared first on Intezer .INTEZER.COM
29 MayCybersecurity & Arctic Sovereignty: Protecting Canada's Most Vulnerable Infrastructure Cheryl BiswasHost David Shipley speaks with cybersecurity professional Cheryl Biswas about her journey into the industry and why she believes Arctic sovereignty must be viewed as a cybersecurity challenge as much as a geopolitical one. Biswas traces her path from political science and a help …CYBERSECURITYTODAY.LIBSYN.COM
29 MayDNS-AID will make AI agents easier to discover, says Linux FoundationAs AI agents become more numerous and more communicative, keeping track of where to find them is becoming increasingly important. Numerous proprietary agent registries are on the market, but the Linux Foundation suggests we simply extend the distributed, open Domain Name System (…CSOONLINE.COM
29 MaySignal users targeted by attackers seeking backup recovery keysSignal users are being targeted in a new phishing campaign that attempts to steal recovery keys used to access the platform's encrypted cloud backups. Attackers who obtain these keys could gain access to entire message archives, including older conversations, photos, and document…CYBERINSIDER.COM
29 MayMicrosoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint ProtectionMicrosoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. The post Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection appeared first on Microsoft Security Blog .MICROSOFT.COM
29 MayChatGPT share links abused to host fake outage pages to deliver malwareThreat actors are abusing ChatGPT's content-sharing feature to display fake OpenAI outage pages that direct users to download malware disguised as the ChatGPT desktop application. [...]BLEEPINGCOMPUTER.COM
29 MayName That Toon: Mark of (Cybersecurity) ProgressAs part of Dark Reading's 20th anniversary package, we asked readers for a cybersecurity-related caption that captures their thoughts about the industry's last two decades.DARKREADING.COM
29 MayFriday Squid Blogging: Another SquidSomeone named “Squid” seems to be a “ West Country legend .” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.SCHNEIER.COM
29 MaySidhe, GreyVibe, Claude, Lightwell, Eclipse, Kimsuky, Obscure Beliefs, Josh Marpet - SWN #585Sidhe, GreyVibe, Claude, Lightwell, Eclipse, Kimsuky, Obscure Belief Systems, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-585YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 5[−]
29 MayWhat’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistantWhat are the main risks for container environments: vulnerabilities, supply chain attacks, configuration errors; how to improve container security and how Kaspersky Container Security with the KIRA AI assistant can help.SECURELIST.COM
29 MayAI-Generated npm Malware Leaks Its Own GitHub TokenSloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operatorINFOSECURITY-MAGAZINE.COM
29 MayFrom $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service MarketDDoS attacks are increasingly being sold like subscription services, complete with pricing tiers, support, and reseller programs. Flare explores how the DDoS-as-a-Service market has evolved from scattered tools into polished attack platforms. [...]BLEEPINGCOMPUTER.COM
29 MayDutch govt disrupts malware botnet with 17 million infected devicesDutch authorities have taken offline a massive botnet of 17 million devices and seized more than 200 servers at a local provider that supported the operation. [...]BLEEPINGCOMPUTER.COM
29 MayResearchers blame Iranian government for LA transit authority hack.Thousands of domains are impersonating FIFA ahead of the World Cup. Dutch police dismantle a botnet.THECYBERWIRE.COM
📡 INFOSEC NEWS 10[−]
29 MayPolice arrest man following hack of Ajax football clubDutch police have arrested a 35-year-old man suspected of hacking into the computer systems of Amsterdam football giant Ajax, after the personal data of hundreds of thousands of supporters was put at risk. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
29 MayInfosecurity Europe: CyCOS Project Expands to Support UK SMEs as CIISec Takes OverFrom a research-driven pilot, the Cybersecurity Communities of Support (CyCOS) is about to be handed over to CIISecINFOSECURITY-MAGAZINE.COM
29 MayUS charges Google security engineer with Polymarket insider tradingA Google security engineer was charged with insider trading after winning $1.2 million using confidential company data to place bets on the cryptocurrency-based Polymarket decentralized prediction market. [...]BLEEPINGCOMPUTER.COM
29 MayWhat 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security StacksShadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing them on the open internet. Without Security or IT in the loop. The artifac…THEHACKERNEWS.COM
29 MayMan sent to prison for selling data of 7 millions elderly AmericansA North Carolina man was sentenced to more than 10 years in prison for selling the personal information of over 7 million elderly Americans to Jamaican scammers. [...]BLEEPINGCOMPUTER.COM
29 MaySignal users targeted in backup-stealing phishing attacksCybercriminals are impersonating Signal Support to steal backup recovery keys, giving them access to victims' entire message archives.MALWAREBYTES.COM
29 MayGoogle Chrome adds session cookie theft protection for all usersGoogle says the Chrome Device Bound Session Credentials (DBSC) security feature is now generally available and is rolling out to all users to prevent account takeovers. [...]BLEEPINGCOMPUTER.COM
29 MayFinal 24 hours to save up to $410 on your TechCrunch Disrupt 2026 ticketYou now have until tonight at 11:59 p.m. PT to lock in Early Bird savings of up to $410 for TechCrunch Disrupt 2026 before prices increase. Join 10,000+ tech leaders in October for one of the most anticipated tech events of the year. Register now.TECHCRUNCH.COM
29 MayAsia's Cyber Insurance Market Shows Signs of LifeThe cyber insurance industry has made relatively weak inroads into Asia due to a a variety of factors, but that could be changing.DARKREADING.COM
29 MayMicrosoft under fire for threatening security researcher with criminal investigationA public spat between Microsoft and an independent security researcher reopens a long-running debate over who is responsible for securing software.TECHCRUNCH.COM