Financially motivated threat actors are running an active campaign that impersonates Google’s Gemini CLI and Anthropic’s Claude Code, using SEO poisoning to deliver a fileless PowerShell infostealer to developer workstations worldwide. First identified in early March 2026 by EclecticIQ researchers,…
Category: EN
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2026-9082 (CVSS score:…
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse to run…
Hackers Compromise Laravel-Lang Packages via 700 GitHub Repos
A sophisticated and active supply chain attack has struck the Laravel-Lang open-source organization, compromising over 700 historical package versions across four widely used PHP localization repositories. The attack, detected on May 22, 2026, and reported by both Aikido Security and the Socket Research…
Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise
Watch out for bogus World Cup websites that mimic official ticket and merchandise flows to steal money and personal data This article has been indexed from WeLiveSecurity Read the original article: Foul play: Fake FIFA websites target soccer fans looking…
Hackers Compromised 233 Versions of Laravel-Lang Packages by Hacking 700 GitHub Repos
A highly sophisticated supply chain attack has compromised the Laravel-Lang ecosystem, injecting credential-stealing remote code execution backdoors into 233 package versions across 700 GitHub repositories. Discovered in May 2026 by Socket and Aikido, threat actors manipulated GitHub tags to distribute…
An Example of Stack String in High Level Language, (Sat, May 23rd)
This week, I'm attending the SEC670[1] training (“Red Teaming Tools – Developing Windows Implants, Shellcode, Command and Controlâ€). From my point of view, this training fits perfectly with FOR610 or FOR710 (malware analysis) because it addresses malware from the opposite:…
Claude Mythos Preview Discovers 10,000+ 0-Days in Glasswing
Anthropic has published an update on Project Glasswing, its collaborative AI-powered vulnerability discovery initiative launched last month, revealing that Claude Mythos, the company’s most capable and tightly restricted model, has already surfaced more than 10,000 high- or critical-severity zero-day vulnerabilities…
Anthropic’s Claude Mythos Preview Uncovers 10,000+ 0-Days in Project Glasswing
Anthropic has revealed the staggering initial results of Project Glasswing, a collaborative cybersecurity initiative designed to secure critical infrastructure using advanced AI before malicious actors can exploit it. In its first month, the project leveraged the unreleased Claude Mythos Preview…
Quantum Technology Emerges as a Potential Threat to Bitcoin Networks
Bitcoin’s security architecture has been based on a foundational assumption that modern cryptographic protections will remain computationally impractical to violate at scale for more than a decade. Now, with quantum computing transitioning from theoretical research into an emerging engineering…
Researcher Finds Public GitHub Repo Exposing Sensitive CISA Credentials
The episode recounts how GitGuardian security researcher Guillaume Valadon, while monitoring public GitHub for leaked secrets, discovered a publicly accessible repository labeled “CISA-Private” containing highly sensitive CISA materials, including internal DHS/CISA credentials, cloud keys, tokens, plaintext passwords, logs, and files…
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
Void Dokkaebi, a North Korea-aligned intrusion set, has updated its information-stealing malware, InvisibleFerret, shifting its delivery format to evade script-based detections. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Analyzing Void Dokkaebi’s…
World Cup Phishing Campaign Nearly Triples With 203 Unique IP Addresses
A large-scale phishing campaign targeting the 2026 FIFA World Cup has grown far beyond what security researchers originally thought. What began as a documented set of 79 fraudulent domains has ballooned into a network of at least 222 domains spread…
Hackers Abuse Middle East Telecom Networks for Large-Scale Command-and-Control Operations
Hackers are using telecom networks and hosting providers across the Middle East as a foundation for massive command-and-control operations, turning trusted infrastructure into a launchpad for cyberattacks. A newly released threat intelligence report reveals that more than 1,350 active command-and-control…
Hackers Backdoor Popular art-template npm Package to Launch Watering-Hole Attacks
A widely-used JavaScript templating library called art-template has been weaponized to deliver a sophisticated iOS browser exploit kit through a supply chain attack. The backdoored package silently dropped malicious code into end users’ browsers, turning everyday web applications into watering…
Russian Threat Groups Use RDP, VPN, Supply Chain Attacks, and Social Engineering for Initial Access
Russian state-sponsored threat groups significantly stepped up their cyber operations in 2025, using a range of methods to break into targeted systems. From exploiting remote desktop tools and virtual private networks to manipulating trusted supply chains and deceiving employees through…
Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker
Microsoft has released a temporary mitigation for YellowKey, a Windows zero-day that can reportedly bypass BitLocker protections. The post Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker appeared first on TechRepublic. This article has been indexed from Security Archives –…
Data Sanitization Challenges Are Increasing in the AI Era
A new Blancco report shows AI and poor sanitization practices are increasing data security risks. The post Data Sanitization Challenges Are Increasing in the AI Era appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
2026-05-22: SmartApeSG ClickFix –> Unidentified RAT –> NetSupport RAT
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2026-05-22: SmartApeSG ClickFix –> Unidentified RAT –> NetSupport RAT
Friday Squid Blogging: Regulating Squid Fishing in the South Pacific
The South Pacific Regional Fisheries Management Organization (SPRFMO) needs to regulate squid fishing in the South Pacific. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog…