1. The ShinyHunters extortion group breached 7-Eleven systems and leaked a 9.4GB database containing personal information of over 183,000 individuals (BleepingComputer).
2. Threat actors are actively exploiting a critical SQL injection vulnerability in Ghost CMS, tracked as CVE-2026-26980, to compromise over 700 websites (The Hacker News).
3. CISA has issued an emergency directive for U.S. federal agencies to patch an actively exploited SQL injection vulnerability in Drupal (BleepingComputer).
4. The North Korea-linked Lazarus Group is deploying a new memory-only remote access trojan called RemotePE to target financial and cryptocurrency firms (The Hacker News).
5. Iranian state-sponsored actor Nimbus Manticore is conducting a phishing and SEO poisoning campaign to deploy MiniFast and MiniJunk V2 malware against aviation and software sectors (The Hacker News).
6. A high-severity zero-day vulnerability in the KnowledgeDeliver LMS, CVE-2026-5426, was exploited to deliver the Godzilla web shell and Cobalt Strike beacons (The Hacker News).
7. The FBI issued a warning regarding the Kali365 phishing-as-a-service platform, which bypasses multi-factor authentication by stealing session tokens from Microsoft 365 accounts (BleepingComputer).
8. Dutch authorities seized 800 servers and arrested two individuals for providing hosting infrastructure used by Russian actors for cyberattacks and disinformation campaigns (KrebsOnSecurity).
9. The Indian CERT-In has mandated that organizations patch critical internet-facing vulnerabilities within 12 hours to counter AI-automated exploitation (The Hacker News).
10. A new heap overflow vulnerability in 7-Zip, tracked as CVE-2026-48095, allows for potential code execution through the use of renamed files (Reddit).
11. Security researchers identified a cross-ecosystem crypto stealer campaign dubbed TrapDoor targeting multiple platforms (Reddit).
12. Microsoft confirmed that the May 2026 security update KB5087537 causes domain controller lookup failures on Windows Server 2016 systems (BleepingComputer).
Be First to Comment