Cyber Daily News

Cyber Daily News for May 25, 2026

Cyber Daily News for May 25, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens https://thecyberexpress.com/kali365-phishing-kit-hijacks-microsoft-365/ - Over 5,500 GitHub Repositories Infected in 'Megalodon' Supply Chain Attack https://www.securityweek.com/over-5500-github-repositories-infected-in-megalodon-supply-chain-attack/ - Dutch authorities dismantle hosting network allegedly used for cyberattacks and disinformation https://securityaffairs.com/192602/intelligence/dutch-authorities-dismantle-hosting-network-allegedly-used-for-cyberattacks-and-disinformation.html - FBI director Kash Patel's brand website taken offline after malware reports https://securityaffairs.com/192613/security/fbi-director-kash-patels-brand-website-taken-offline-after-malware-reports.html - Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects https://www.securityweek.com/anthropic-mythos-detected-23000-potential-vulnerabilities-across-1000-oss-projects/ - Laravel-Lang Packages Poisoned for Malware Delivery https://www.securityweek.com/laravel-lang-packages-poisoned-for-malware-delivery/ - DocketWise Data Breach Impacts 143,000 https://www.securityweek.com/docketwise-data-breach-impacts-143000/ - Taiwan Flags Five Major Cyber Risks After 726 Security Incidents in 2025 https://thecyberexpress.com/taiwan-cyber-risk-726-cybersecurity-incidents/

Cyber Daily News for May 24, 2026

Cyber Daily News for May 24, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Anthropic’s Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious https://securityaffairs.com/192576/ai/anthropics-glasswing-10000-vulnerabilities-found-in-one-month-and-the-patching-problem-has-never-been-more-obvious.html - CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack https://securityaffairs.com/192557/security/cve-2026-9082-drupals-highly-critical-sql-injection-flaw-is-already-under-active-attack.html - U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/192566/uncategorized/u-s-cisa-adds-a-flaw-in-drupal-core-to-its-known-exploited-vulnerabilities-catalog.html - Why pure extortion is replacing traditional ransomware https://securityaffairs.com/192550/cyber-crime/why-pure-extortion-is-replacing-traditional-ransomware.html

Cyber Daily News for May 23, 2026

Cyber Daily News for May 23, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets https://securityaffairs.com/192538/apt/ghostwriter-is-back-using-a-ukrainian-learning-platform-as-bait-to-hit-government-targets.html - 'Underminr' Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains https://www.securityweek.com/underminr-vulnerability-lets-attackers-hide-malicious-connections-behind-trusted-domains/ - Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure https://www.securityweek.com/drupal-vulnerability-in-hacker-crosshairs-shortly-after-disclosure/ - Authorities arrest 23-year-old accused of running the Kimwolf botnet https://securityaffairs.com/192533/cyber-crime/authorities-arrest-23-year-old-accused-of-running-the-kimwolf-botnet.html - In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking https://www.securityweek.com/in-other-news-industrial-router-exploitation-cisa-kev-nomination-form-gas-station-hacking/

Cyber Daily News for May 22, 2026

Cyber Daily News for May 22, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - 'First VPN' Cybercrime Service Disrupted, Administrator Arrested https://www.securityweek.com/first-vpn-cybercrime-service-disrupted-administrator-arrested/ - Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload https://securityaffairs.com/192473/security/cisco-fixed-maximum-severity-flaw-cve-2026-20223-in-secure-workload.html - Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack https://www.securityweek.com/grafana-says-codebase-and-other-data-stolen-via-tanstack-supply-chain-attack/ - GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension https://www.infosecurity-magazine.com/news/github-breach-nx-console-vs-code/ - Vulnerability Exploitation Overtakes Stolen Credentials in AI-Driven Cyberattacks https://thecyberexpress.com/vulnerability-exploitation-tops-cyber-breach/ - Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix https://securityaffairs.com/192477/hacking/attackers-are-bypassing-mfa-on-sonicwall-vpns-because-something-was-wrong-with-previous-fix.html - Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems https://thecyberexpress.com/cve-2026-41091-cve-2026-45498-cvss-exploit/ - TrendAI Patches Apex One Zero-Day Exploited in the Wild https://www.securityweek.com/trendai-patches-apex-one-zero-day-exploited-in-the-wild/

Cyber Daily News for May 21, 2026

Cyber Daily News for May 21, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - GitHub Confirms Cyberattack Targeting Thousands of Internal Repositories https://thecyberexpress.com/github-cyberattack-teampcp/ - Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking https://www.securityweek.com/drupal-patches-highly-critical-vulnerability-exposing-websites-to-hacking/ - Mini Shai-Hulud Hits Hundreds of npm Packages in AntV Ecosystem https://www.infosecurity-magazine.com/news/antv-npm-mini-shai-hulud-largest/ - Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days https://www.securityweek.com/microsoft-patches-exploited-undefend-and-redsun-defender-zero-days/ - Microsoft Rolls Out Mitigations for YellowKey BitLocker Bypass https://www.securityweek.com/microsoft-rolls-out-mitigations-for-yellowkey-bitlocker-bypass/ - Discord adds end-to-end encryption to voice and video calls by default https://securityaffairs.com/192463/security/discord-adds-end-to-end-encryption-to-voice-and-video-calls-by-default.html - Anthropic Silently Patches Claude Code Sandbox Bypass https://www.securityweek.com/anthropic-silently-patches-claude-code-sandbox-bypass/ - Carding site B1ack's Stash dumps 4.6 Million stolen cards for free https://securityaffairs.com/192415/cyber-crime/carding-site-b1acks-stash-dumps-4-6-million-stolen-cards-for-free.html