Cyber Threat Brief

Cyber Threat Brief

2026-05-23: Drupal Core SQL injection (CVE-2026-9082) and Trend Micro Apex One directory traversal

27 min · 23. Mai 2026
Loslegen
Episode 2026-05-23: Drupal Core SQL injection (CVE-2026-9082) and Trend Micro Apex One directory traversal Cover

Beschreibung

SHOW NOTES - 2026-05-23 STORIES COVERED * Today: * Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV (CVE-2026-9082) [https://thehackernews.com/2026/05/drupal-core-sql-injection-bug-actively.html] [Critical Alerts] * Trend Micro Apex One Zero-Day Exploited in the Wild (CVE-2026-34926) [https://www.bleepingcomputer.com/news/security/trend-micro-warns-of-apex-one-zero-day-exploited-in-attacks/] [Critical Alerts] * LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root [https://thehackernews.com/2026/05/litespeed-cpanel-plugin-cve-2026-48172.html] [Critical Alerts] * FBI Warns About Fast-Growing Phishing Kit Targeting Microsoft 365 Users (Kali365) [https://cyberscoop.com/fbi-phishing-kali365-microsoft365-access-tokens/] [Business & Infrastructure Threats] * First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups [https://thehackernews.com/2026/05/first-vpn-dismantled-in-global-takedown.html] [Business & Infrastructure Threats] * Four-Faith Industrial Router Vulnerability Exploited by Botnets (CVE-2024-9643) [https://www.securityweek.com/in-other-news-industrial-router-exploitation-cisa-kev-nomination-form-gas-station-hacking/] [Business & Infrastructure Threats] * Multi-Stage Linux Intrusion via F5 and Confluence Edge Appliance Compromise [https://www.microsoft.com/en-us/security/blog/2026/05/22/from-edge-appliance-to-enterprise-compromise-multi-stage-linux-intrusion-via-f5-and-confluence/] [Business & Infrastructure Threats] * Iranian Hackers Suspected in US Gas Station Tank Monitor Breaches [https://www.securityweek.com/in-other-news-industrial-router-exploitation-cisa-kev-nomination-form-gas-station-hacking/] [Business & Infrastructure Threats] * CISA Contractor Exposes Credentials on Public GitHub Repository [https://www.securityweek.com/in-other-news-industrial-router-exploitation-cisa-kev-nomination-form-gas-station-hacking/] [Business & Infrastructure Threats] * Hugging Face Hiding Second-Stage Malware for npm Supply Chain Attack [https://databreaches.net/2026/05/22/hugging-face-hiding-second-stage-malware-for-npm-supply-chain-attack/?pk_campaign=feed&pk_kwd=hugging-face-hiding-second-stage-malware-for-npm-supply-chain-attack] [Business & Infrastructure Threats] * New macOS Stealer Variant Masquerades as Apple, Google & Microsoft (Reaper) [https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-21-7/] [General Security News] * Interpol Operation Ramz Rounds Up 200+ Cybercrime Suspects Across Middle East and North Africa [https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-21-7/] [General Security News] * Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks [https://www.darkreading.com/cyber-risk/verizon-dbir-healthcare-fends-off-increased-social-engineering-attacks] [General Security News] * CVE-2026-41091 (CISA-KEV, EPSS 0.066, 91st percentile) [Vulnerability Disclosures] * CVE-2026-45401 (EPSS 0.000, 12th percentile) [Vulnerability Disclosures] * CVE-2025-14575 (Qt Network OpenSSL TLS backend, EPSS 0.000, 1st percentile) [Vulnerability Disclosures] * CVE-2026-3593 (BIND 9 DNS-over-HTTPS, EPSS 0.000, 5th percentile) [Vulnerability Disclosures] * CVE-2026-42009 (GnuTLS DTLS, EPSS 0.001, 31st percentile) [Vulnerability Disclosures] * CVE-2026-3039 (BIND 9, EPSS 0.001, 16th percentile) [Vulnerability Disclosures] * CVE-2026-3592 (BIND 9, EPSS 0.000, 4th percentile) [Vulnerability Disclosures] * CVE-2026-5946 (BIND 9, EPSS 0.000, 11th percentile) [Vulnerability Disclosures] * CVE-2026-5950 (BIND 9, EPSS 0.001, 21st percentile) [Vulnerability Disclosures] * CVE-2026-41054 (haveged, EPSS 0.000, 0th percentile) [Vulnerability Disclosures] * CVE-2026-8723 (qs.stringify, EPSS 0.000, 14th percentile) [Vulnerability Disclosures] * CVE-2026-5947 (BIND 9, EPSS 0.000, 6th percentile) [Vulnerability Disclosures] * CVE-2026-8711 (NGINX JavaScript, EPSS 0.002, 47th percentile) [Vulnerability Disclosures] * CVE-2025-51480 (ONNX 1.17.0, EPSS 0.004, 59th percentile) [Vulnerability Disclosures] * CVE-2023-6606 (Linux kernel SMB, EPSS 0.000, 1st percentile) [Vulnerability Disclosures] * CVE-2025-39932 (Linux SMB client, EPSS 0.000, 2nd percentile) [Vulnerability Disclosures] * Multiple Linux kernel CVEs [Vulnerability Disclosures] CVES REFERENCED CVE-2022-40139, CVE-2023-41179, CVE-2023-6606, CVE-2024-9643, CVE-2025-14575, CVE-2025-39901, CVE-2025-39905, CVE-2025-39927, CVE-2025-39932, CVE-2025-39940, CVE-2025-39990, CVE-2025-40003, CVE-2025-40064, CVE-2025-40065, CVE-2025-40074, CVE-2025-51480, CVE-2025-54948, CVE-2026-3039, CVE-2026-34926, CVE-2026-3592, CVE-2026-3593, CVE-2026-41054, CVE-2026-41091, CVE-2026-41940, CVE-2026-42009, CVE-2026-45401, CVE-2026-48172, CVE-2026-5946, CVE-2026-5947, CVE-2026-5950, CVE-2026-8711, CVE-2026-8723, CVE-2026-9082 INDICATORS OF COMPROMISE IP Addresses: 5.3.1.0, 2.223.66.103, 5.181.234.59, 92.38.148.58 Read the full brief [https://carolinacleartech.com/brief/2026-05-23/]

Kommentare

0

Sei die erste Person, die kommentiert

Melde dich jetzt an und werde Teil der Cyber Threat Brief-Community!

Loslegen

2 Monate für 1 €

Dann 4,99 € / Monat · Jederzeit kündbar.

  • Podcasts nur bei Podimo
  • 20 Stunden Hörbücher / Monat
  • Alle kostenlosen Podcasts
Loslegen

Alle Folgen

90 Folgen

Episode 2026-06-02: Critical Alerts Cover

2026-06-02: Critical Alerts

SHOW NOTES - 2026-06-02 STORIES COVERED * CVE-2026-21182: Oracle WebLogic Server Added to CISA KEV [https://www.cisa.gov/news-events/alerts/2026/06/01/cisa-adds-one-known-exploited-vulnerability-catalog] [Critical Alerts] * CVE-2026-41089: Windows Netlogon RCE Under Active Exploitation [https://www.bleepingcomputer.com/news/microsoft/critical-windows-netlogon-remote-code-execution-flaw-now-exploited-in-attacks/] [Critical Alerts] * CVE-2026-0257: Palo Alto Networks GlobalProtect Authentication Bypass Exploited [https://www.securityweek.com/recent-palo-alto-networks-vulnerability-exploited-for-weeks/] [Critical Alerts] * Gogs Remote Code Execution Zero-Day (No CVE Yet) [https://thehackernews.com/2026/06/weekly-recap-new-linux-flaw-pan-os.html] [Critical Alerts] * Red Hat npm Packages Compromised in Supply Chain Attack [https://www.bleepingcomputer.com/news/security/red-hat-npm-packages-compromised-to-steal-developer-credentials/] [Business & Infrastructure Threats] * DriveSurge Campaign Hijacks Thousands of Sites for Malware Distribution [https://www.bleepingcomputer.com/news/security/hackers-hijack-thousands-of-sites-for-clickfix-and-fakeupdate-attacks/] [Business & Infrastructure Threats] * codexui-android npm Package Steals OpenAI Codex Tokens [https://thehackernews.com/2026/06/openai-codex-authentication-tokens.html] [Business & Infrastructure Threats] * Meta AI Support Bot Exploited for Instagram Account Takeover [https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/] [Business & Infrastructure Threats] * WordPress Malware Hides C2 Data in Steam Profile Comments [https://www.bleepingcomputer.com/news/security/wordpress-malware-campaign-hides-payloads-in-steam-profiles/] [Business & Infrastructure Threats] * CVE-2026-45498, CVE-2026-33825, CVE-2026-41091: Additional Windows Zero-Days Under Exploitation [https://www.bleepingcomputer.com/news/microsoft/critical-windows-netlogon-remote-code-execution-flaw-now-exploited-in-attacks/] [Windows / AD Security] * Microsoft Outages Affecting MFA Setup and Office Apps [https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-outage-affecting-mfa-setup-mysignin-service/] [Windows / AD Security] * KB5089549 Windows 11 Security Update Installation Issues Resolved [https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-kb5089549-windows-security-update-install-issues/] [Windows / AD Security] * CVE-2026-26980: Ghost CMS SQL Injection Under Active Exploitation [https://research.checkpoint.com/2026/1st-june-threat-intelligence-report/] [General Security News] * CVE-2026-8732: WP Maps Pro WordPress Plugin Exploited for Site Takeover [https://www.securityweek.com/wp-maps-pro-vulnerability-exploited-to-take-over-wordpress-sites/] [General Security News] * Dashlane Brute-Force Attack Results in Limited Vault Downloads [https://www.bleepingcomputer.com/news/security/dashlane-password-manager-users-locked-out-by-brute-force-attacks/] [General Security News] * SVG Files Used in Phishing Campaigns [https://isc.sans.edu/diary/rss/33040] [General Security News] * GlassWorm C2 Infrastructure Taken Down [https://thehackernews.com/2026/06/weekly-recap-new-linux-flaw-pan-os.html] [General Security News] * Carnival Corporation, Charter Communications, Lithuania Data Breaches [https://research.checkpoint.com/2026/1st-june-threat-intelligence-report/] [General Security News] * Spain Arrests Doxer Targeting Government Employees [https://www.bleepingcomputer.com/news/security/spain-arrests-doxer-leaking-sensitive-data-of-govt-employees/] [General Security News] * Check Point Security Gateways: CVE-2026-48131, CVE-2026-48132 [https://research.checkpoint.com/2026/1st-june-threat-intelligence-report/] [Vulnerability Disclosures] * China-Aligned Threat Activity Targeting Czech Republic, Taiwan, India [https://thehackernews.com/2026/06/china-aligned-groups-ramp-up-attacks.html] [Vulnerability Disclosures] * Pakistan-Linked SideCopy Targets Afghanistan with Xeno RAT [https://thehackernews.com/2026/06/pakistan-linked-sidecopy-targets.html] [Vulnerability Disclosures] CVES REFERENCED CVE-2026-0257, CVE-2026-21182, CVE-2026-26980, CVE-2026-33825, CVE-2026-41089, CVE-2026-41091, CVE-2026-45498, CVE-2026-45585, CVE-2026-48131, CVE-2026-48132, CVE-2026-8732 INDICATORS OF COMPROMISE IP Addresses: 164.92.88.210 Read the full brief [https://carolinacleartech.com/brief/2026-06-02/]

2. Juni 202622 min
Episode 2026-06-01: Critical WordPress plugin flaw under active exploitation allows unauthenticated admin account Cover

2026-06-01: Critical WordPress plugin flaw under active exploitation allows unauthenticated admin account

SHOW NOTES - 2026-06-01 STORIES COVERED * Today: * Critical WP Maps Pro Flaw Actively Exploited (CVE-2026-8732) [https://thehackernews.com/2026/06/critical-wp-maps-pro-flaw-actively.html] [Critical Alerts] * Dutch Authorities Dismantle 17 Million Device Botnet [https://thehackernews.com/2026/05/dutch-authorities-dismantle-botnet.html] [Business & Infrastructure Threats] * Container Attack Vectors Continue to Threaten Cloud Environments (CVE-2019-5736, CVE-2022-0492) [https://securelist.com/container-attack-vectors/120010/] [Business & Infrastructure Threats] * SmartApeSG ClickFix Campaign Delivers Multi-Stage RAT Infections [https://isc.sans.edu/diary/rss/33034] [Business & Infrastructure Threats] * Ransomware Group Claims HDFC AMC Data Theft [https://databreaches.net/2026/05/31/bombay-high-court-issues-injunction-prohibiting-hackers-from-publishing-allegedly-hacked-hdfc-investor-data/?pk_campaign=feed&pk_kwd=bombay-high-court-issues-injunction-prohibiting-hackers-from-publishing-allegedly-hacked-hdfc-investor-data] [Business & Infrastructure Threats] * Russia Expands SORM Surveillance Requirements [https://news.risky.biz/risky-bulletin-russia-greatly-expands-sorm-surveillance-requirements/] [General Security News] * 2026 Election Threats Target Campaign Infrastructure, Not Voting Systems [https://cyberscoop.com/2026-election-cyber-threats-campaign-systems/] [General Security News] * YARA-X 1.17.0 Released [https://isc.sans.edu/diary/rss/33032] [General Security News] * CVE-2026-8732 - WP Maps Pro Privilege Escalation [https://thehackernews.com/2026/06/critical-wp-maps-pro-flaw-actively.html] [Vulnerability Disclosures] * CVE-2019-5736 - Container Runtime Escape [https://securelist.com/container-attack-vectors/120010/] [Vulnerability Disclosures] * CVE-2022-0492 - Container Escape Vulnerability [https://securelist.com/container-attack-vectors/120010/] [Vulnerability Disclosures] CVES REFERENCED CVE-2019-5736, CVE-2022-0492, CVE-2026-8732 INDICATORS OF COMPROMISE IP Addresses: 89.110.110.119, 185.163.47.217, 178.156.165.82, 178.156.173.194 Read the full brief [https://carolinacleartech.com/brief/2026-06-01/]

Gestern12 min
Episode 2026-05-31: Palo Alto GlobalProtect VPN suffers active exploitation of an authentication bypass (CVE-2026-0257 Cover

2026-05-31: Palo Alto GlobalProtect VPN suffers active exploitation of an authentication bypass (CVE-2026-0257

SHOW NOTES - 2026-05-31 STORIES COVERED * Today: * Palo Alto GlobalProtect VPN Authentication Bypass (CVE-2026-0257) [https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/] [Critical Alerts] * CIFSwitch Linux Privilege Escalation [https://www.bleepingcomputer.com/news/security/new-cifswitch-linux-flaw-gives-root-on-multiple-distributions/] [Critical Alerts] * Flowise AI Platform RCE (CVE-2026-40933) [https://www.securityweek.com/exploit-code-published-for-critical-flowise-rce-vulnerability/] [Critical Alerts] * Russian Intelligence Technology Procurement Escalation [https://www.securityweek.com/russian-spies-are-aggressively-seeking-western-technology-as-sanctions-bite-officials-say/] [Business & Infrastructure Threats] * GnuTLS Certificate Validation Bypass Flaws [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42012] [Vulnerability Disclosures] * Additional Certificate Validation Flaws [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42790] [Vulnerability Disclosures] * KubeVirt Security Flaws [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7374] [Vulnerability Disclosures] * Node.js Permission Model Flaws [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-36137] [Vulnerability Disclosures] * Other Disclosed Vulnerabilities [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46242] [Vulnerability Disclosures] * Microsoft Incident Response Criticized [https://databreaches.net/2026/05/30/microsofts-incident-response-is-getting-a-failing-grade-from-researchers/?pk_campaign=feed&pk_kwd=microsofts-incident-response-is-getting-a-failing-grade-from-researchers] [General Security News] CVES REFERENCED CVE-2024-22018, CVE-2024-36137, CVE-2025-15649, CVE-2025-23167, CVE-2026-0257, CVE-2026-40034, CVE-2026-40510, CVE-2026-40528, CVE-2026-40933, CVE-2026-42012, CVE-2026-42013, CVE-2026-42015, CVE-2026-42789, CVE-2026-42790, CVE-2026-44839, CVE-2026-46242, CVE-2026-48864, CVE-2026-48962, CVE-2026-5260, CVE-2026-7374, CVE-2026-9804 Read the full brief [https://carolinacleartech.com/brief/2026-05-31/]

31. Mai 202613 min
Episode 2026-05-30: Palo Alto GlobalProtect bypass is now actively exploited with CISA adding CVE-2026-0257 to KEV Cover

2026-05-30: Palo Alto GlobalProtect bypass is now actively exploited with CISA adding CVE-2026-0257 to KEV

SHOW NOTES - 2026-05-30 STORIES COVERED * Today: * Gogs Zero-Day Exposes Servers to Remote Code Execution (CVE-2025-8110) [https://www.securityweek.com/gogs-zero-day-exposes-servers-to-remote-code-execution/] [Critical Alerts] * PAN-OS GlobalProtect Authentication Bypass Under Active Exploitation (CVE-2026-0257) [https://thehackernews.com/2026/05/pan-os-globalprotect-authentication.html] [Critical Alerts] * Marimo Post-Exploitation via LLM Agent (CVE-2026-39987) [https://thehackernews.com/2026/05/attackers-use-llm-agent-for-post.html] [Critical Alerts] * Silent Ransom Group Escalates to Physical Intrusions [https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-22-7/] [Ransomware & Extortion] * Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Campaigns [https://thehackernews.com/2026/05/new-russian-linked-greyvibe-targets.html] [Ransomware & Extortion] * The Com Criminal Collective Funds Violence via Cybercrime [https://www.darkreading.com/threat-intelligence/the-com-cyberattacks-violence-sexploitation] [Ransomware & Extortion] * Malicious npm Packages Abuse Dependency Confusion to Profile Environments [https://www.microsoft.com/en-us/security/blog/2026/05/29/33-malicious-npm-packages-abuse-dependency-confusion-profile-developer-environments/] [Business & Infrastructure Threats] * Malicious Sicoob NuGet Package Steals Brazilian Banking Credentials [https://thehackernews.com/2026/05/malicious-sicoob-nuget-steals-banking.html] [Business & Infrastructure Threats] * 14 Malicious npm Packages Target AWS and CI/CD Secrets [https://thehackernews.com/2026/05/malicious-sicoob-nuget-steals-banking.html] [Business & Infrastructure Threats] * TrapDoor Supply Chain Campaign Hits 176 npm Packages [https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-22-7/] [Business & Infrastructure Threats] * ChatGPT Share Links Abused for Malware Distribution [https://www.bleepingcomputer.com/news/security/chatgpt-share-links-abused-to-host-fake-outage-pages-to-deliver-malware/] [Business & Infrastructure Threats] * Shadow AI: 2,000+ Vibe-Coded Apps Exposed Corporate Data [https://thehackernews.com/2026/05/what-2000-exposed-vibe-coded-apps.html] [Business & Infrastructure Threats] * Zapier Nearly Compromised via Multi-Step Exploit Chain [https://www.darkreading.com/vulnerabilities-threats/complex-cloud-integrations-small-errors-compromises] [Business & Infrastructure Threats] * Dutch Authorities Disrupt 17 Million Device Botnet [https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infected-devices/] [General Security News] * Stark Industries Hosting Network Dismantled [https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-22-7/] [General Security News] * Google Chrome Rolls Out Device Bound Session Credentials [https://www.bleepingcomputer.com/news/security/google-chrome-adds-session-cookie-theft-protection-for-all-users/] [General Security News] * California AG Sues 23andMe Over 2023 Breach [https://www.bleepingcomputer.com/news/security/california-ag-sues-23andme-over-2023-breach-exposing-health-data/] [General Security News] * DDoS-as-a-Service Market Evolves from Scripts to Polished Products [https://www.bleepingcomputer.com/news/security/from-5-attacks-to-botnet-powered-platforms-inside-the-ddos-as-a-service-market/] [General Security News] * Chrome 148 Patches 151 Vulnerabilities [https://www.securityweek.com/chrome-148-update-patches-151-vulnerabilities/] [Vulnerability Disclosures] * VS Code Remote SSH Extension Vulnerability [https://www.securityweek.com/in-other-news-trump-mobile-data-breach-fifa-world-cup-phishing-cisa-responds-to-supply-chain-attacks/] [Vulnerability Disclosures] * Veeam, Notepad++, Roundcube Patches [https://www.securityweek.com/in-other-news-trump-mobile-data-breach-fifa-world-cup-phishing-cisa-responds-to-supply-chain-attacks/] [Vulnerability Disclosures] * CISA Expands KEV Catalog with Supply Chain Attack CVEs [https://www.securityweek.com/in-other-news-trump-mobile-data-breach-fifa-world-cup-phishing-cisa-responds-to-supply-chain-attacks/] [Vulnerability Disclosures] * ChatGPhish Vulnerability in ChatGPT Web Summaries [https://thehackernews.com/2026/05/chatgphish-vulnerability-turns-chatgpt.html] [Vulnerability Disclosures] * SymJack and TrustFall: AI Coding Agent Attacks [https://thehackernews.com/2026/05/chatgphish-vulnerability-turns-chatgpt.html] [Vulnerability Disclosures] * CIFSwitch: Linux Local Root Vulnerability [https://www.schneier.com/blog/archives/2026/05/friday-squid-blogging-another-squid.html] [Vulnerability Disclosures] CVES REFERENCED CVE-2025-8110, CVE-2026-0257, CVE-2026-39987, CVE-2026-9872, CVE-2026-9873, CVE-2026-9874, CVE-2026-9875, CVE-2026-9876 INDICATORS OF COMPROMISE Domains: openew[.]app Read the full brief [https://carolinacleartech.com/brief/2026-05-30/]

30. Mai 202631 min
Episode 2026-05-29: Gogs zero-day enables remote code execution on 2,400+ Internet-exposed servers Cover

2026-05-29: Gogs zero-day enables remote code execution on 2,400+ Internet-exposed servers

SHOW NOTES - 2026-05-29 STORIES COVERED * Today: * Gogs Zero-Day Allows Remote Code Execution [https://www.bleepingcomputer.com/news/security/new-gogs-zero-day-flaw-lets-hackers-get-remote-code-execution/] [Critical Alerts] * DAEMON Tools Supply Chain Attack (CVE-2026-8398) [https://thehackernews.com/2026/05/threatsday-bulletin-claude-security.html] [Critical Alerts] * Multiple Windows Zero-Days Under Active Exploitation (CVE-2026-33825, CVE-2026-41091, CVE-2026-45498) [https://thehackernews.com/2026/05/microsoft-slams-public-zero-day.html] [Critical Alerts] * GitHub and Nx Console Supply Chain Intrusions (CVE-2026-48027) [https://www.cisa.gov/news-events/alerts/2026/05/28/supply-chain-compromises-impact-nx-console-and-github-repositories] [Critical Alerts] * FortiClient EMS Vulnerability Exploited for Infostealer Deployment (CVE-2026-35616) [https://www.securityweek.com/critical-forticlient-ems-vulnerability-exploited-in-fresh-attacks/] [Critical Alerts] * The Gentlemen Ransomware: Self-Propagating Go Encryptor [https://www.microsoft.com/en-us/security/blog/2026/05/28/the-gentlemen-ransomware-dissecting-a-self-propagating-go-encryptor/] [Ransomware & Extortion] * 1,350 C2 Servers Across Middle East Infrastructure [https://thehackernews.com/2026/05/threatsday-bulletin-claude-security.html] [Business & Infrastructure Threats] * Azure Backup for AKS Privilege Escalation Flaw [https://thehackernews.com/2026/05/threatsday-bulletin-claude-security.html] [Business & Infrastructure Threats] * Romanian Cybercrime Operator Sentenced to 56 Months [https://thehackernews.com/2026/05/threatsday-bulletin-claude-security.html] [Business & Infrastructure Threats] * IBM and Red Hat Commit $5 Billion to "Project Lightwell" for Open Source Supply Chain Security [https://www.securityweek.com/ibm-and-red-hat-commit-5-billion-to-secure-open-source-supply-chains-under-project-lightwell/] [General Security News] * MacGregor Voyage Data Recorder (VDR) G4e [https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-01] [Vulnerability Disclosures] * KMW CCTV Security Cameras (CVE-2026-5386) [https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-06] [Vulnerability Disclosures] * Perl Archive::Tar Vulnerabilities [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42496] [Vulnerability Disclosures] * Multiple Linux Kernel CVEs [Vulnerability Disclosures] * bzip2 Off-by-One Vulnerability (CVE-2026-42250) [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42250] [Vulnerability Disclosures] CVES REFERENCED CVE-2024-39930, CVE-2024-39932, CVE-2024-39933, CVE-2025-8110, CVE-2026-33825, CVE-2026-35616, CVE-2026-40425, CVE-2026-41091, CVE-2026-42250, CVE-2026-42496, CVE-2026-42929, CVE-2026-42941, CVE-2026-42951, CVE-2026-44611, CVE-2026-45498, CVE-2026-45585, CVE-2026-46107, CVE-2026-46155, CVE-2026-46186, CVE-2026-46195, CVE-2026-46232, CVE-2026-48027, CVE-2026-5386, CVE-2026-8398, CVE-2026-9538 Read the full brief [https://carolinacleartech.com/brief/2026-05-29/]

29. Mai 202619 min