K7 Security K7RKScan.sys vulnerable kernel driver — DragonForce BYOVD chain
cve · CVE-2025-1055
Coverage timeline
1
first 2026-06-17 → last 2026-06-17
Briefs
1
1 distinct
Sources cited
932
287 hosts
Sections touched
0
—
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-06-17CTI Daily Brief — 2026-06-17
Source distribution
- bleepingcomputer.com82 (9%)
- thehackernews.com65 (7%)
- attack.mitre.org59 (6%)
- securityweek.com37 (4%)
- helpnetsecurity.com36 (4%)
- github.com33 (4%)
- security-hub.ncsc.admin.ch27 (3%)
- theregister.com21 (2%)
- other572 (61%)
External references
All cited sources (932)
- security.comprimaryinlineBroadcom Security, 2026-05-18https://www.security.com/blog-post/fast16-nuclear-sabotage
- security.comprimaryinlineSymantec / Broadcom, 2026-06-16https://www.security.com/threat-intelligence/dragonforce-msteams-backdoor
- security.comprimaryinlineSymantec / Broadcom Threat Intelligence, 2026-05-12https://www.security.com/threat-intelligence/iran-seedworm-electronics
- security.comprimaryinlineBroadcom/Symantec, 2026-06-03https://www.security.com/threat-intelligence/stock-exchange-espionage
- about.fb.cominlineMeta, 2026-06-08https://about.fb.com/news/2026/06/fighting-spyware-an-update-from-whatsapp/
- abw.gov.plinlineABW — Cybersecurity Alert, Polish Water Sector OT Intrusionhttps://abw.gov.pl/pl/cyberbezpieczenstwo/
- access.redhat.cominlineRed Hat, CVE-2022-0492https://access.redhat.com/security/cve/cve-2022-0492
- access.redhat.cominlineRed Hat RHSB-2026-003https://access.redhat.com/security/vulnerabilities/RHSB-2026-003
- access.redhat.cominlineRed Hat RHSB-2026-02https://access.redhat.com/security/vulnerabilities/RHSB-2026-02
- addleshawgoddard.cominlineAddleshaw Goddard, 2026-02-26https://www.addleshawgoddard.com/en/insights/insights-briefings/2026/technology/nis2-directive-finally-implemented-poland-what-businesses-need-know/
- advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0158, 2026-05-15https://advisories.ncsc.nl/advisory?id=NCSC-2026-0158
- advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0159, 2026-05-15https://advisories.ncsc.nl/advisory?id=NCSC-2026-0159
- advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0162, 2026-05-15https://advisories.ncsc.nl/advisory?id=NCSC-2026-0162
- advisories.ncsc.nlinlineNCSC-NL, 2026-06-16https://advisories.ncsc.nl/advisory?id=NCSC-2026-0179
- advisories.ncsc.nlinlineNCSC-NL, 2026-06-11https://advisories.ncsc.nl/advisory?id=NCSC-2026-0189
- advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0161, 2026-05-15https://advisories.ncsc.nl/csaf/v2/2026/ncsc-2026-0161.json
- advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0162, 2026-05-15https://advisories.ncsc.nl/csaf/v2/2026/ncsc-2026-0162.json
- aerzteblatt.deinlineDeutsches Ärzteblatt, 2026-05-18https://www.aerzteblatt.de/news/hackerangriff-auf-rezeptprufer-c259a70c-595b-4770-9d84-87f6c8338c0c
- aikido.devinlineAikido, 2026-05-21https://www.aikido.dev/blog/google-api-keys-deletion
- aikido.devinlineAikido Securityhttps://www.aikido.dev/blog/red-hat-npm-packages-compromised-credential-stealing-worm
- aikido.devinlineAikido, 2026-05-23https://www.aikido.dev/blog/supply-chain-attack-targets-laravel-lang-packages-with-credential-stealer
- akamai.cominlineAkamai Security Researchhttps://www.akamai.com/blog/security-research/incomplete-patch-apt28s-zero-day-cve-2026-32202
- almalinux.orginlineAlmaLinux bloghttps://almalinux.org/blog/2026-05-07-dirty-frag/
- amd.cominlineAMD Security Bulletin AMD-SB-7052https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7052.html
- apereo.github.ioinlineApereo CAS — OIDC disclosurehttps://apereo.github.io/2026/05/27/oidc-vuln/
- arcticwolf.cominlineArctic Wolf, 2026-06-11https://arcticwolf.com/resources/blog/arctic-wolf-observes-increase-in-palo-alto-networks-globalprotect-authentication-bypass-exploitation-via-cve-2026-0257/
- arista.cominlineAristahttps://www.arista.com/en/support/advisories-notices/security-advisory/24005-security-advisory-0137
- attack.mitre.orginline`T1068` Exploitation for Privilege Escalationhttps://attack.mitre.org/techniques/T1068/
- attack.mitre.orginline`T1562.001` Impair Defenseshttps://attack.mitre.org/techniques/T1562/001/
- attack.mitre.orginline`T1046`https://attack.mitre.org/techniques/T1046/
- attack.mitre.orginline`T1018`https://attack.mitre.org/techniques/T1018/
- attack.mitre.orginline`T1555.003`https://attack.mitre.org/techniques/T1555/003/
- attack.mitre.orginline`T1021`https://attack.mitre.org/techniques/T1021/
- attack.mitre.orginlineT1003 OS Credential Dumpinghttps://attack.mitre.org/techniques/T1003/
- attack.mitre.orginlineT1021.002https://attack.mitre.org/techniques/T1021/002/
- attack.mitre.orginlineRemote Services: SSHhttps://attack.mitre.org/techniques/T1021/004/
- attack.mitre.orginlineT1021.007 (Remote Services: Cloud Services)https://attack.mitre.org/techniques/T1021/007/
- attack.mitre.orginlineT1027https://attack.mitre.org/techniques/T1027/
- attack.mitre.orginlineMasquerading: Match Legitimate Name or Locationhttps://attack.mitre.org/techniques/T1036/005/
- attack.mitre.orginlineT1041 Exfiltration Over C2 Channelhttps://attack.mitre.org/techniques/T1041/
- attack.mitre.orginlineT1048.003https://attack.mitre.org/techniques/T1048/003/
- attack.mitre.orginline`T1052.001`https://attack.mitre.org/techniques/T1052/001/
- attack.mitre.orginline`T1053.003`https://attack.mitre.org/techniques/T1053/003/
- attack.mitre.orginlineT1053.005https://attack.mitre.org/techniques/T1053/005/
- attack.mitre.orginlineT1055 Process Injectionhttps://attack.mitre.org/techniques/T1055/
- attack.mitre.orginlineT1056.001https://attack.mitre.org/techniques/T1056/001/
- attack.mitre.orginlineCommand and Scripting Interpreterhttps://attack.mitre.org/techniques/T1059/
- attack.mitre.orginline`T1059.004`https://attack.mitre.org/techniques/T1059/004/
- attack.mitre.orginlineT1059.007https://attack.mitre.org/techniques/T1059/007/
- attack.mitre.orginlineT1071.001https://attack.mitre.org/techniques/T1071/001/
- attack.mitre.orginline`T1074` Data Stagedhttps://attack.mitre.org/techniques/T1074/
- attack.mitre.orginlineValid Accountshttps://attack.mitre.org/techniques/T1078/
- attack.mitre.orginlineT1078.004 (Valid Accounts: Cloud Accounts)https://attack.mitre.org/techniques/T1078/004/
- attack.mitre.orginlineT1082https://attack.mitre.org/techniques/T1082/
- attack.mitre.orginline`T1083` File and Directory Discoveryhttps://attack.mitre.org/techniques/T1083/
- attack.mitre.orginline`T1090` Proxyhttps://attack.mitre.org/techniques/T1090/
- attack.mitre.orginlineT1090.001https://attack.mitre.org/techniques/T1090/001/
- attack.mitre.orginlineT1095https://attack.mitre.org/techniques/T1095/
- attack.mitre.orginlineT1098.005 (Account Manipulation: Device Registration)https://attack.mitre.org/techniques/T1098/005/
- attack.mitre.orginlineT1105https://attack.mitre.org/techniques/T1105/
- attack.mitre.orginlineT1114.002https://attack.mitre.org/techniques/T1114/002/
- attack.mitre.orginlineT1133 External Remote Serviceshttps://attack.mitre.org/techniques/T1133/
- attack.mitre.orginline`T1135` Network Share Discoveryhttps://attack.mitre.org/techniques/T1135/
- attack.mitre.orginline`T1136.001`https://attack.mitre.org/techniques/T1136/001/
- attack.mitre.orginlineT1190 Exploit Public-Facing Applicationhttps://attack.mitre.org/techniques/T1190/
- attack.mitre.orginline`T1195.001`https://attack.mitre.org/techniques/T1195/001/
- attack.mitre.orginlineT1195.002https://attack.mitre.org/techniques/T1195/002/
- attack.mitre.orginline`T1204.002` User Executionhttps://attack.mitre.org/techniques/T1204/002/
- attack.mitre.orginline`T1219` Remote Access Softwarehttps://attack.mitre.org/techniques/T1219/
- attack.mitre.orginline`T1485`https://attack.mitre.org/techniques/T1485/
- attack.mitre.orginlineT1486 Data Encrypted for Impacthttps://attack.mitre.org/techniques/T1486/
- attack.mitre.orginlineT1542.001https://attack.mitre.org/techniques/T1542/001/
- attack.mitre.orginlineT1548.001 Setuid and Setgid Abusehttps://attack.mitre.org/techniques/T1548/001/
- attack.mitre.orginline`T1552.001`https://attack.mitre.org/techniques/T1552/001/
- attack.mitre.orginlineCompromise Host Software Binaryhttps://attack.mitre.org/techniques/T1554/
- attack.mitre.orginlineT1555https://attack.mitre.org/techniques/T1555/
- attack.mitre.orginlineT1555.001 Credentials from Password Stores: Keychainhttps://attack.mitre.org/techniques/T1555/001/
- attack.mitre.orginlineModify Authentication Process: Pluggable Authentication Moduleshttps://attack.mitre.org/techniques/T1556/003/
- attack.mitre.orginlineT1556.006 (Modify Authentication Process: Multi-Factor Authentication)https://attack.mitre.org/techniques/T1556/006/
- attack.mitre.orginlineT1566.001https://attack.mitre.org/techniques/T1566/001/
- attack.mitre.orginline`T1566.004` Spearphishing Voicehttps://attack.mitre.org/techniques/T1566/004/
- attack.mitre.orginlineT1567 Exfiltration Over Web Servicehttps://attack.mitre.org/techniques/T1567/
- attack.mitre.orginline`T1567.002` Exfiltration to Cloud Storagehttps://attack.mitre.org/techniques/T1567/002/
- attack.mitre.orginlineT1572 Protocol Tunnelinghttps://attack.mitre.org/techniques/T1572/
- attack.mitre.orginline`T1574.002`https://attack.mitre.org/techniques/T1574/002/
- attack.mitre.orginlineMITRE ATT&CK T1611https://attack.mitre.org/techniques/T1611/
- badhost.orginlineX41 D-Sec Advisory x41-2026-002, 2026-05-22https://badhost.org/
- bankinfosecurity.cominlineBankInfoSecurity, 2026-06-05https://www.bankinfosecurity.com/chinese-phishing-service-scams-thousands-fifa-world-cup-fans-a-31819
- bankinfosecurity.cominlineBankInfoSecurity — DentaQuesthttps://www.bankinfosecurity.com/shinyhunters-leaks-234gb-dentaquest-data-trove-a-31883
- bankinfosecurity.cominlineBankInfoSecurity, 2026-05-11https://www.bankinfosecurity.com/tables-turned-gentlemen-ransomware-group-suffers-data-leak-a-31654
- bishopfox.cominlineBishop Foxhttps://bishopfox.com/blog/cve-2026-42208-pre-authentication-sql-injection-in-litellm-proxy
- bitdefender.cominlineBitdefender Business Insights, 2026-05-13https://www.bitdefender.com/en-us/blog/businessinsights/famoussparrow-apt-targets-azerbaijani-oil-gas-industry
- bka.deinlineBundeskriminalamt press release — Deutscher Betreiber von "Crimenetwork" auf Mallorca verhaftet, 2026-05-08https://www.bka.de/SharedDocs/Pressemitteilungen/DE/Presse_2026/pm260508_Crimenetwork.pdf?__blob=publicationFile&v=3
- bleepingcomputer.cominlineBleepingComputer, 2026-05-20https://www.bleepingcomputer.com/news/linux/exploit-released-for-new-pintheft-arch-linux-root-escalation-flaw/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-01https://www.bleepingcomputer.com/news/microsoft/critical-windows-netlogon-remote-code-execution-flaw-now-exploited-in-attacks/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/microsoft/microsoft-defender-rogueplanet-zero-day-grants-system-privileges/
- bleepingcomputer.cominlineBleepingComputer — June Patch Tuesdayhttps://www.bleepingcomputer.com/news/microsoft/microsoft-june-2026-patch-tuesday-fixes-6-zero-days-200-flaws/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-26https://www.bleepingcomputer.com/news/security/7-eleven-data-breach-exposes-personal-information-of-185-000-people/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/acer-warns-of-max-severity-zero-days-affecting-wave-7-routers/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-07https://www.bleepingcomputer.com/news/security/c0xmo-botnet-spreads-via-dd-wrt-router-flaw-kills-rival-malware/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-29https://www.bleepingcomputer.com/news/security/california-ag-sues-23andme-over-2023-breach-exposing-health-data/
- bleepingcomputer.cominlineBleepingComputer — Charter confirmshttps://www.bleepingcomputer.com/news/security/charter-confirms-data-breach-after-shinyhunters-extortion-threat/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-29https://www.bleepingcomputer.com/news/security/chatgpt-share-links-abused-to-host-fake-outage-pages-to-deliver-malware/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-08https://www.bleepingcomputer.com/news/security/check-point-links-vpn-zero-day-attacks-to-qilin-ransomware-gang/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-21https://www.bleepingcomputer.com/news/security/chinese-hackers-target-telcos-with-new-linux-windows-malware/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-04https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-atlas-rat-malware-in-european-cyberattacks/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/cisa-gives-feds-3-days-to-patch-ivanti-flaw-exploited-in-attacks/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/cisa-tells-govt-agencies-to-patch-critical-exploited-flaws-in-3-days/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-15https://www.bleepingcomputer.com/news/security/cisco-fixes-sd-wan-vmanage-flaw-exploited-in-zero-day-attacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-15https://www.bleepingcomputer.com/news/security/council-of-europe-investigates-shinyhunters-data-breach-claims/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-04https://www.bleepingcomputer.com/news/security/credit-card-theft-campaign-abuses-stripe-to-host-stolen-payment-info/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-06https://www.bleepingcomputer.com/news/security/critical-everest-forms-pro-flaw-exploited-to-take-over-wordpress-sites/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-02https://www.bleepingcomputer.com/news/security/critical-kirki-flaw-exploited-to-hijack-wordpress-admin-accounts/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-06https://www.bleepingcomputer.com/news/security/daemon-tools-trojanized-in-supply-chain-attack-to-deploy-backdoor/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-01https://www.bleepingcomputer.com/news/security/dashlane-password-manager-users-locked-out-by-brute-force-attacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-04https://www.bleepingcomputer.com/news/security/dentaquest-data-breach-exposed-info-of-26-million-accounts/
- bleepingcomputer.cominlineBleepingComputer (2026-05-22)https://www.bleepingcomputer.com/news/security/drupal-critical-sql-injection-flaw-now-targeted-in-attacks/
- bleepingcomputer.cominlineBleepingComputer — Dutch police arresthttps://www.bleepingcomputer.com/news/security/dutch-police-arrests-suspect-linked-to-ajax-football-club-hack/
- bleepingcomputer.cominlineBleepingComputer — Eurail says December data breach impacts 300,000 individualshttps://www.bleepingcomputer.com/news/security/eurail-says-december-data-breach-impacts-300-000-individuals/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/exploit-available-for-new-dirtydecrypt-linux-root-escalation-flaw/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-14https://www.bleepingcomputer.com/news/security/fbi-disrupts-massive-ai-powered-phishing-service-using-a-million-urls/
- bleepingcomputer.cominlineBleepingComputer — FBI seizes BreachForums extortion portalhttps://www.bleepingcomputer.com/news/security/fbi-takes-down-breachforums-portal-used-for-salesforce-extortion/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-28https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-fifa-websites-running-world-cup-fraud-schemes/
- bleepingcomputer.cominlineBleepingComputer, 2025-05-23https://www.bleepingcomputer.com/news/security/fbi-warns-of-luna-moth-extortion-attacks-targeting-law-firms/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-13https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-rce-flaws-in-fortisandbox-and-fortiauthenticator/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-09https://www.bleepingcomputer.com/news/security/french-govt-messaging-service-breached-in-account-hijacking-attack/
- bleepingcomputer.cominlineBleepingComputer — Funnel Builder skimmerhttps://www.bleepingcomputer.com/news/security/funnel-builder-wordpress-plugin-bug-exploited-to-steal-credit-cards/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-24https://www.bleepingcomputer.com/news/security/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-11https://www.bleepingcomputer.com/news/security/github-announces-npm-security-changes-to-tackle-supply-chain-attacks/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/gogs-patches-critical-zero-day-enabling-remote-code-execution/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-02https://www.bleepingcomputer.com/news/security/google-fixes-one-actively-exploited-android-zero-day-124-flaws/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-20https://www.bleepingcomputer.com/news/security/grafana-breach-caused-by-missed-token-rotation-after-tanstack-attack/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-18https://www.bleepingcomputer.com/news/security/grafana-says-stolen-github-token-let-hackers-steal-codebase/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-20https://www.bleepingcomputer.com/news/security/hackers-bypass-sonicwall-vpn-mfa-due-to-incomplete-patching/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-02https://www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-04https://www.bleepingcomputer.com/news/security/instructure-confirms-data-breach-shinyhunters-claims-attack/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-07https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-epmm-flaw-exploited-in-zero-day-attacks/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/japanese-energy-firm-loses-drive-with-data-of-109-million-clients/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/maine-breach-portal-abused-to-publish-fake-data-breach-disclosures/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-12https://www.bleepingcomputer.com/news/security/maine-disables-data-breach-notification-portal-after-fake-disclosures/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-19https://www.bleepingcomputer.com/news/security/max-severity-flaw-in-chromadb-for-ai-apps-allows-server-hijacking/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-08https://www.bleepingcomputer.com/news/security/meta-ai-support-data-breach-affects-20-000-instagram-accounts/
- bleepingcomputer.cominlineBleepingComputer corroboration on 2026-05-19https://www.bleepingcomputer.com/news/security/microsoft-self-service-password-reset-abused-in-azure-data-theft-attacks/
- bleepingcomputer.cominlineBleepingComputer — MuddyWater hackers use Chaos ransomware as a decoyhttps://www.bleepingcomputer.com/news/security/muddywater-hackers-use-chaos-ransomware-as-a-decoy-in-attacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-22https://www.bleepingcomputer.com/news/security/netherlands-seizes-800-servers-of-hosting-firm-enabling-cyberattacks/
- bleepingcomputer.cominlineBleepingComputer — IronWormhttps://www.bleepingcomputer.com/news/security/new-ironworm-malware-hits-36-packages-in-npm-supply-chain-attack/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-16https://www.bleepingcomputer.com/news/security/new-rokarolla-android-malware-targets-217-banking-crypto-apps/
- bleepingcomputer.cominlineBleepingComputer 2026-05-05https://www.bleepingcomputer.com/news/security/new-stealthy-quasar-linux-malware-targets-software-developers/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-11https://www.bleepingcomputer.com/news/security/nottingham-university-data-breach-affects-over-450-000-students/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-10https://www.bleepingcomputer.com/news/security/oracle-peoplesoft-servers-hacked-in-shinyhunters-data-theft-attacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-12https://www.bleepingcomputer.com/news/security/over-400-arch-linux-packages-compromised-to-push-rootkit-infostealer/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-08https://www.bleepingcomputer.com/news/security/oxford-university-discloses-data-breach-after-careerconnect-platform-hack/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/path-traversal-flaw-in-ai-dev-platform-langflow-exploited-in-attacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-12https://www.bleepingcomputer.com/news/security/pharmaceutical-giant-novo-nordisk-discloses-security-breach/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-21https://www.bleepingcomputer.com/news/security/police-seize-first-vpn-service-used-in-ransomware-data-theft-attacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-15https://www.bleepingcomputer.com/news/security/pwn2own-day-two-hackers-demo-microsoft-exchange-windows-11-red-had-enterprise-linux-zero-days/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-16https://www.bleepingcomputer.com/news/security/ransomware-gang-abuses-microsoft-teams-relays-to-hide-malicious-traffic/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/red-hat-npm-packages-compromised-to-steal-developer-credentials/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-09https://www.bleepingcomputer.com/news/security/sap-fixes-critical-flaws-in-netweaver-and-commerce-cloud/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-05https://www.bleepingcomputer.com/news/security/scarcruft-hackers-push-birdcall-android-malware-via-game-platform/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-09https://www.bleepingcomputer.com/news/security/servicenow-discloses-security-incident-exposing-customer-data/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-11https://www.bleepingcomputer.com/news/security/south-korea-hits-coupang-with-record-409-million-fine-over-data-breach/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-01https://www.bleepingcomputer.com/news/security/spain-arrests-doxer-leaking-sensitive-data-of-govt-employees/
- bleepingcomputer.cominlineBleepingComputer — Polyfill.iohttps://www.bleepingcomputer.com/news/security/suspicious-polyfill-login-prompts-pop-up-on-toshiba-muji-websites/
- bleepingcomputer.cominlineBleepingComputer — The Gentlemen + SystemBC, 2026-04-20https://www.bleepingcomputer.com/news/security/the-gentlemen-ransomware-now-uses-systembc-for-bot-powered-attacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-04https://www.bleepingcomputer.com/news/security/trellix-discloses-data-breach-after-source-code-repository-hack/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-17https://www.bleepingcomputer.com/news/security/tycoon2fa-hijacks-microsoft-365-accounts-via-device-code-phishing/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-12https://www.bleepingcomputer.com/news/security/ukrainian-national-pleads-guilty-to-role-in-conti-ransomware-operation/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-06https://www.bleepingcomputer.com/news/security/video-service-vimeo-confirms-anodot-breach-exposed-user-data/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-08https://www.bleepingcomputer.com/news/security/whatsapp-says-it-disrupted-new-nso-spyware-phishing-attacks/
- bleepingcomputer.cominlineBleepingComputer — Windows BitLocker zero-day PoChttps://www.bleepingcomputer.com/news/security/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-16https://www.bleepingcomputer.com/news/security/windows-version-of-sprysocks-linux-malware-used-to-attack-govt-orgs/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-01https://www.bleepingcomputer.com/news/security/wordpress-malware-campaign-hides-payloads-in-steam-profiles/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-31https://www.bleepingcomputer.com/news/security/wp-maps-pro-bug-exploited-to-create-admin-accounts-on-wordpress-sites/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-08https://www.bleepingcomputer.com/news/security/zara-data-breach-exposed-personal-information-of-197-000-people/
- blick.chinlineBlick.ch, 2026-05-07https://www.blick.ch/fr/suisse/romande/cyberattaque-le-groupe-romand-3r-de-radiologie-cible-id21930477.html
- blog.calif.ioinlineCalif/Codex, 2026-06-02https://blog.calif.io/p/codex-discovered-a-hidden-http2-bomb
- blog.checkpoint.cominlineMarch-April 2026 AI Threat Landscape Digesthttps://blog.checkpoint.com/research/ai-attacks-are-no-longer-experimental-key-findings-from-the-march-april-2026-ai-threat-landscape/
- blog.checkpoint.cominlineCheck Pointhttps://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/
- blog.daemon-tools.ccinlineDisc Softhttps://blog.daemon-tools.cc/post/security-incident
- blog.exodusintel.cominlineExodus Intelligence, 2026-06-08https://blog.exodusintel.com/2026/06/08/off-by-exploiting-a-use-after-free-in-the-linux-kernel/
- blog.googleinlineGoogle, 2026-06-12https://blog.google/innovation-and-ai/technology/safety-security/combatting-ai-scams/
- blog.litespeedtech.cominlineLiteSpeed advisoryhttps://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/
- blog.litespeedtech.cominlineLiteSpeed, 2026-06-01https://blog.litespeedtech.com/2026/06/01/security-update-for-litespeed-cpanel-plugin-2/
- blog.qualys.cominlineQualys TRU on CVE-2026-46333https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path
- blog.sekoia.ioinlineSekoia TDR, 2026-06-11https://blog.sekoia.io/apt28-an-evolution-of-tradecraft/
- blog.sekoia.ioinlineSekoia TDR, 2026-06-01https://blog.sekoia.io/fsbs-matryoshka-1-3-gamaredons-gifts-that-keeps-unpacking-gammaphish-and-gammaworm/
- blog.sekoia.ioinlineSekoia's reference analysishttps://blog.sekoia.io/tycoon-2fa-an-in-depth-analysis-of-the-latest-version-of-the-aitm-phishing-kit/
- blog.spip.netinlineSPIP security bulletin, 2026-05-12https://blog.spip.net/Mise-a-jour-de-securite-sortie-de-SPIP-4-4-14.html
- blog.spip.netinlineSPIP blog, 2026-05-22https://blog.spip.net/Mise-a-jour-de-securite-sortie-de-SPIP-4-4-15.html
- blog.talosintelligence.cominlineCisco Talos UAT-8616https://blog.talosintelligence.com/sd-wan-ongoing-exploitation/
- blog.talosintelligence.cominlineCisco Talos 2026-05-05https://blog.talosintelligence.com/uat-8302/
- blog.talosintelligence.cominlineCisco Talos — UAT-8616https://blog.talosintelligence.com/uat-8616-sd-wan/
- blog.xlab.qianxin.cominlineXLab Qianxin, 2026-05-21https://blog.xlab.qianxin.com/ghost-cms-mass-compromised-via-cve-2026-26980-now-fueling-clickfix-attacks/
- blogs.microsoft.cominlineMicrosoft On the Issues — DCU legal action, 2026-05-19https://blogs.microsoft.com/on-the-issues/2026/05/19/disrupting-fox-tempest-a-cybercrime-service/
- borncity.cominlineBorns IT Blog, 2026-05-16https://borncity.com/blog/2026/05/16/cyberangriff-auf-die-arwini-rezeptpruefung-in-niedersachsen-mit-datenabfluss/
- brusselsmorning.cominlineBrussels Morning, 2026-06-11https://brusselsmorning.com/eu-cyber-exercise-2026/99116/
- brusselssignal.euinlineBrussels Signalhttps://brusselssignal.eu/2026/06/eu-takes-france-and-spain-to-court-over-cybersecurity-law-delay/
- bsi.bund.deinlineBSI advisory 2026-05-07https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2026/2026-211476-1032.html
- bundesregierung.deinlineBundesregierung — Stärkung der Cybersicherheit (DE)https://www.bundesregierung.de/breg-de/aktuelles/staerkung-cybersicherheit-2432588
- bundesregierung.deinlineBundesregierunghttps://www.bundesregierung.de/breg-en/news/strengthening-cyber-security-2433588
- careers.ox.ac.ukinlineOxfordhttps://www.careers.ox.ac.uk/article/careerconnect-secured-and-safe-to-use-following-data-security-incident
- ccb.belgium.beinlineCCB Belgium, 2026-05-08https://ccb.belgium.be/advisories/warning-dirty-frag-new-linux-local-privilege-escalation-vulnerability-was-disclosed
- ccb.belgium.beinlineCCB Belgium, 2026-06-11https://ccb.belgium.be/advisories/warning-fortinet-addresses-critical-command-injection-vulnerability-fortisandbox-patch
- ccb.belgium.beinlineCCB Belgium, 2026-05-20https://ccb.belgium.be/advisories/warning-nlnet-labs-has-addressed-multiple-vulnerabilities-unbound-dns-resolver-could
- ccb.belgium.beinlineCCB, 2026-06-09https://ccb.belgium.be/advisories/warning-sap-addresses-critical-vulnerabilities-affecting-multiple-sap-products-patch
- ccb.belgium.beinlineCCB Belgium issued a *"Patch Immediately"* advisoryhttps://ccb.belgium.be/advisories/warning-two-critical-vulnerabilities-portainer-allow-full-host-takeover-patch
- cert.europa.euinlineCERT-EU Advisory 2026-005, 2026-04-30https://cert.europa.eu/publications/security-advisories/2026-005/
- cert.europa.euinlineCERT-EU Critical Advisory 2026-006https://cert.europa.eu/publications/security-advisories/2026-006/
- cert.europa.euinlineCERT-EU 2026-007https://cert.europa.eu/publications/security-advisories/2026-007/
- cert.europa.euinlineCERT-EU 2026-008, 2026-06-10https://cert.europa.eu/publications/security-advisories/2026-008/
- cert.plinlineCERT Polska CVE-2026-42096https://cert.pl/en/posts/2026/05/CVE-2026-42096/
- cert.plinlineCERT Polska — CVE-2026-42251https://cert.pl/en/posts/2026/06/CVE-2026-42251/
- cert.ssi.gouv.frinlineCERT-FR, 2026-05-05https://www.cert.ssi.gouv.fr/
- cert.ssi.gouv.frinlineCERT-FR, 2026-05-06https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0537/
- cert.ssi.gouv.frinlineCERT-FR CERTFR-2026-AVI-0543, 2026-05-07https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0543/
- cert.ssi.gouv.frinlineCERT-FR CERTFR-2026-AVI-0552, 2026-05-07https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0552/
- cert.ssi.gouv.frinlineCERT-FR CERTFR-2026-AVI-0564, 2026-05-12https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0564/
- cert.ssi.gouv.frinlineCERT-FR CERTFR-2026-AVI-0572, 2026-05-12https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0572/
- cert.ssi.gouv.frinlineCERT-FR CERTFR-2026-AVI-0576, 2026-05-13https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0576/
- cert.ssi.gouv.frinlineANSSI / CERT-FR — CERTFR-2026-AVI-0635 (SPIP)https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0635/
- cert.ssi.gouv.frinlineCERT-FR CERTFR-2026-AVI-0651https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0651/
- cert.ssi.gouv.frinlineCERT-FR / ANSSI advisory CERTFR-2026-AVI-0652https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0652/
- cert.ssi.gouv.frinlineissued advisory CERTFR-2026-AVI-0654 on 2026-05-28https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0654/
- checkmarx.cominlineCheckmarx, 2026-05-12https://checkmarx.com/blog/ongoing-security-updates/
- chromereleases.googleblog.cominlineGoogle Chrome Releases, 2026-06-02https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html
- cisa.govinlineCISA KEV, 2026-05-27https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- cisa.govinlineCISA KEV, 2026-05-21https://www.cisa.gov/news-events/alerts/2026/05/21/cisa-adds-two-known-exploited-vulnerabilities-catalog
- cisa.govinlineCISAhttps://www.cisa.gov/news-events/alerts/2026/06/02/cisa-adds-two-known-exploited-vulnerabilities-catalog
- cisa.govinlineCISA, 2026-06-15https://www.cisa.gov/news-events/alerts/2026/06/15/cisa-adds-two-known-exploited-vulnerabilities-catalog
- cisa.govinlineCISA — Adds one Known Exploited Vulnerability to Catalog, 2026-06-16https://www.cisa.gov/news-events/alerts/2026/06/16/cisa-adds-one-known-exploited-vulnerability-catalog
- cisa.govinlineCISA Alert AA21-321A, 2021-11-17https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-321a
- cisa.govinlineCISA AA24-060Ahttps://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060a
- cisa.govinlineCISA AA24-207A — Russian GRU CI targeting (background reference)https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-207a
- cisa.govinlineCISAhttps://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk
- cisa.govinlineCISA ED-26-03https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems
- cisa.govinlineCISA, 2026-06-10https://www.cisa.gov/news-events/news/patch-smarter-not-harder
- cloud.google.cominlineGoogle Cloud Threat Intelligence — AI vulnerability exploitation initial access, 2026-05-11https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access
- cloud.google.cominlineGoogle GTIG, 2026-06-15https://cloud.google.com/blog/topics/threat-intelligence/prc-targets-us-medical-research
- cloud.google.cominlineGoogle GTIGhttps://cloud.google.com/blog/topics/threat-intelligence/shinyhunters-targets-education-sector-oracle-exploit/
- cloud.google.cominlineMandianthttps://cloud.google.com/blog/topics/threat-intelligence/targeted-campaign-us-law-firms/
- comparitech.cominlineComparitech Q1 2026 Healthcarehttps://www.comparitech.com/news/healthcare-ransomware-roundup-q1-2026-stats-on-attacks-ransoms-and-data-breaches/
- computable.nlinlineComputablehttps://www.computable.nl/2026/05/13/inspectie-vernietigend-over-beveiliging-clinical-diagnostics-na-datahack/
- computerweekly.cominlineComputer Weeklyhttps://www.computerweekly.com/news/366642525/They-protect-the-law-while-breaking-it-Inside-Europols-shadow-IT-system
- correctiv.orginlineCorrectiv, 2026-05-05https://correctiv.org/en/europe/2026/05/05/they-protect-the-law-while-breaking-it-inside-europols-shadow-it-system/
- cpomagazine.cominlineCPO Magazinehttps://www.cpomagazine.com/cyber-security/microsoft-doubles-down-on-opposition-to-public-disclosure-as-chaotic-eclipse-wave-of-zero-day-vulnerabilities-continues/
- crowdstrike.cominlineCrowdStrike bloghttps://www.crowdstrike.com/en-us/blog/crowdstrike-2026-financial-services-threat-landscape-report/
- crowdstrike.cominlineCrowdStrike press releasehttps://www.crowdstrike.com/en-us/press-releases/crowdstrike-2026-financial-services-threat-landscape-report/
- cryptotimes.ioinlineCryptoTimes's post-mortem synthesis on 2026-05-17https://www.cryptotimes.io/2026/05/17/10-8-million-drained-inside-the-thorchain-exploit-that-froze-cross-chain-defi-for-13-hours/
- csoonline.cominlineCSO Onlinehttps://www.csoonline.com/article/4171926/expired-domain-leads-to-supply-chain-attack-on-node-ipc-npm-package.html
- csoonline.cominlineCSO Online, 2026-05-20https://www.csoonline.com/article/4175329/drupal-admins-rushing-to-patch-maximum-severity-sql-injection-vulnerability.html
- cve.newsinlinecve.news analysis of CVE-2025-69691, 2026-05-08https://www.cve.news/cve-2025-69691/
- cve.threatint.euinlineTHREATINT, 2026-06-01https://cve.threatint.eu/CVE/CVE-2026-44825
- cwe.mitre.orginlineCWE-648https://cwe.mitre.org/data/definitions/648.html
- cyber.gc.cainlineCanadian Centre for Cyber Securityhttps://www.cyber.gc.ca/en/guidance/cyber-threat-bulletin-fifa-world-cup-2026tm
- cyberinsider.cominlineCyberInsider, 2026-05-26https://cyberinsider.com/7-eleven-data-breach-exposes-personal-information-of-185000-applicants/
- cyberinsider.cominlineCyberInsider, 2026-05-23https://cyberinsider.com/charter-communications-confirms-data-breach-as-hackers-threaten-leak-of-42-million-records/
- cyberscoop.cominlineCyberScoop, 2026-06-12https://cyberscoop.com/conti-ransomware-member-ukrainian-lytvynenko-guilty/
- cyberscoop.cominlineCyberScoop, 2026-05-05https://cyberscoop.com/cpanel-authentication-bypass-vulnerability-cve-2026-41940-exploited/
- cyberscoop.cominlineCyberScoop, 2026-05-22https://cyberscoop.com/fbi-phishing-kali365-microsoft365-access-tokens/
- cyberscoop.cominlineCyberScoop, 2026-05-27https://cyberscoop.com/fbi-warning-silent-ransom-group-law-firms/
- cyberscoop.cominlineCyberScoop, 2026-06-08https://cyberscoop.com/meta-contempt-complaint-nso-group-spyware/
- cyberscoop.cominlineCyberScoop, 2026-06-12https://cyberscoop.com/outsider-cybercrime-network-takedown-china-fbi-google-lumen/
- cybersecuritydive.cominlineCybersecurity Divehttps://www.cybersecuritydive.com/news/iran-cyberattacks-espionage-us-israel-uae/820990/
- cybersecuritydive.cominlineCybersecurity Divehttps://www.cybersecuritydive.com/news/patch-bypass-hackers-exploit-flaw-sonicwall/820600/
- cybersecuritydive.cominlineCybersecurity Dive, 2026-05-14https://www.cybersecuritydive.com/news/west-pharmaceutical-restoring-operations-ransomware-attack/820250/
- cybersecuritynews.cominlineCybersecurityNews, 2026-05-19https://cybersecuritynews.com/compromised-github-action-exfiltrates-workflow-credentials/
- cybersecuritynews.cominlineCybersecurityNews, 2026-05-19https://cybersecuritynews.com/nx-console-vs-code-extension-compromised/
- cybersecuritynews.cominlineCybersecurityNews, 2026-05-19https://cybersecuritynews.com/seppmail-gateway-flaws/
- cybersecuritynews.cominlineCybersecurityNewshttps://cybersecuritynews.com/veeam-backup-replication-tool-vulnerability/
- cyera.cominlineCyera Research, 2026-05-15https://www.cyera.com/blog/claw-chain-cyera-research-unveil-four-chainable-vulnerabilities-in-openclaw
- dataminr.cominlineDataminr, 2026-06-11https://www.dataminr.com/resources/intel-brief/cyber-intel-brief-handala-claims-breach-of-california-water-service/
- depthfirst.cominlinedepthfirst, 2026-06-02https://depthfirst.com/research/21-zero-days-in-ffmpeg
- depthfirst.cominlinedepthfirst "NGINX Rift" technical writeup, 2026-05-13https://depthfirst.com/research/nginx-rift-achieving-nginx-rce-via-an-18-year-old-vulnerability
- dhtmlx.cominlineDHTMLX security advisory DHX-SA-2026-001https://dhtmlx.com/blog/security-advisory-dhx-sa-2026-001/
- dig.watchinlineDigital Watch Observatory, 2026-05-31https://dig.watch/updates/germany-approves-draft-law-expanding-cyber-defense-powers-for-federal-authorities
- digital-strategy.ec.europa.euinlineEC CRA implementationhttps://digital-strategy.ec.europa.eu/en/factpages/cyber-resilience-act-implementation
- dlapiper.cominlineDLA Piper, 2026-02-16https://www.dlapiper.com/en/insights/publications/2026/02/nis2-update-eu-moves-to-harmonise-cyber-controls-refine-scope-and-add-new-in-scope-entities
- docs.gitlab.cominlineGitLab patch-release pagehttps://docs.gitlab.com/releases/patches/patch-release-gitlab-19-0-1-released/
- docs.litellm.aiinlineLiteLLM vendor advisory, 2026-04-29https://docs.litellm.ai/blog/cve-2026-42208-litellm-proxy-sql-injection
- docu.ilias.deinlineILIAS Security Bloghttps://docu.ilias.de/go/blog/15821
- downloads.seppmail.cominlineSEPPmail v15.0 release noteshttps://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security
- dragos.cominlineDragos — AI-assisted ICS attack water utilityhttps://www.dragos.com/blog/ai-assisted-ics-attack-water-utility/
- dragos.cominlineDragos — 8th Annual OT Cybersecurity Year in Review blog announcementhttps://www.dragos.com/blog/dragos-8th-annual-ot-cybersecurity-year-in-review-is-now-available
- dragos.cominlineDragos — 2025 OT Cybersecurity Year in Reviewhttps://www.dragos.com/year-in-review/
- drupal.orginlineDrupal PSA, 2026-05-18https://www.drupal.org/psa-2026-05-18
- drupal.orginlineDrupal SA-CORE-2026-004https://www.drupal.org/sa-core-2026-004
- drupal.orginlineDrupal SA feedhttps://www.drupal.org/security
- drupal.orginlineDrupal Steward WAFhttps://www.drupal.org/steward
- dutchnews.nlinlineDutchNews.nl, 2026-04-29https://www.dutchnews.nl/2026/04/chipsoft-says-stolen-patient-data-has-been-destroyed/
- dutchnews.nlinlineDutchNews.nlhttps://www.dutchnews.nl/2026/05/hackers-break-into-ed-tech-giant-again-after-massive-data-heist/
- dutchnews.nlinlineDutchNews.nl, 2026-05-22https://www.dutchnews.nl/2026/05/two-dutch-men-arrested-for-aiding-russian-cyberattacks/
- dutchnews.nlinlineDutchNews.nl, 2026-06-03https://www.dutchnews.nl/2026/06/mass-data-breach-on-over-100-dutch-hotels-hits-guests/
- ebas.chinlineebas.ch, 2026-05-07https://www.ebas.ch/en/2026/05/sms-blaster-new-scam-reaches-switzerland/
- edri.orginlineEDRi, 2026-05-28https://edri.org/our-work/inside-italys-low-cost-spyware-economy/
- elastic.coinlineElastic Security Labs 2026-05-07https://www.elastic.co/security-labs/tclbanker-brazilian-banking-trojan
- elastic.coinlineElastic Security Labs, 2026-05-26https://www.elastic.co/security-labs/tycoon-2fa-aitm-detection-engineering
- english.ajax.nlinlineAFC Ajax statementhttps://english.ajax.nl/articles/information-about-data-breach-at-ajax/
- enisa.europa.euinlineENISA NIS360 2026https://www.enisa.europa.eu/enisa-nis360-2026
- enisa.europa.euinlineENISAhttps://www.enisa.europa.eu/news/cyber-europe-2026-all-eyes-on-the-eus-collective-response-and-resilience
- enisa.europa.euinlineENISA, 2026-05-06https://www.enisa.europa.eu/news/new-cve-numbering-authorities-under-enisa-root
- enisa.europa.euinlineENISA, 2026-05-28https://www.enisa.europa.eu/news/nis360-the-bigger-picture-on-maturity-and-criticality-of-nis-critical-sectors
- enisa.europa.euinlineENISA SRP pagehttps://www.enisa.europa.eu/topics/product-security-and-certification/single-reporting-platform-srp
- enki.co.krinlineENKI WhiteHat, 2026-05-27https://www.enki.co.kr/en/media-center/blog/kimsuky-s-advanced-attack-techniques-jsonping-webex-spoofing-and-a-new-httpspy-variant
- esentire.cominlineeSentire TRU, 2026-05-12https://www.esentire.com/blog/tycoon-2fa-operators-adopt-oauth-device-code-phishing
- eurojust.europa.euinlineEurojust, 2026-05-21https://www.eurojust.europa.eu/news/eurojust-coordinated-investigation-shuts-down-criminal-vpn-network
- euvd.enisa.europa.euinlineENISA EUVD EUVD-2026-32027, 2026-05-27https://euvd.enisa.europa.eu/enisa/eu_vulnerability_database/EUVD-2026-32027
- euvd.enisa.europa.euinlineENISA EUVDhttps://euvd.enisa.europa.eu/enisa/eu_vulnerability_database/EUVD-2026-34268
- exim.orginlineExim security releasehttps://exim.org/static/doc/security/CVE-2026-45185.txt
- fiod.nlinlineFIOD, 2026-05-22https://www.fiod.nl/fiod-houdt-twee-verdachten-aan-wegens-overtreding-sanctiewetgeving/
- flatt.techinlineGMO Flatt Security — claude-code-actionhttps://flatt.tech/research/posts/poisoning-claude-code-one-github-issue-to-break-the-supply-chain/
- fortiguard.fortinet.cominlineFortinet PSIRT FG-IR-26-128, 2026-05-12https://fortiguard.fortinet.com/psirt/FG-IR-26-128
- fortiguard.fortinet.cominlineFortinet PSIRT FG-IR-26-136, 2026-05-12https://fortiguard.fortinet.com/psirt/FG-IR-26-136
- fortinet.cominlineFortiGuard Labshttps://www.fortinet.com/blog/threat-research/cybercriminals-are-targeting-the-fifa-world-cup-2026
- fortinet.cominlineFortiGuard Labs, 2026-06-03https://www.fortinet.com/blog/threat-research/inside-cross-platform-propagation-of-new-gafgyt-variant-c0xmo
- frenchbreaches.cominlineFrenchBreaches.comhttps://frenchbreaches.com/alertes/west-pharmaceutical-mp02xkxjkw6bd7u8y9n
- gambit.securityinlineGambit Security — Ababil of Minab / Iran MOIShttps://gambit.security/blog-posts/babil-of-minab-iran-mois-destruction-campaign
- gbhackers.cominlineGBHackers, 2026-06-09https://gbhackers.com/ghost-sender-flaw-exposes-exchange-online-users/
- github.bloginlineGitHub Changelog, 2026-06-09https://github.blog/changelog/2026-06-09-upcoming-breaking-changes-for-npm-v12/
- github.bloginlineGitHub Security Blog — internal-repo accesshttps://github.blog/security/investigating-unauthorized-access-to-githubs-internal-repositories/
- github.cominlineBedrock Safeguard decryptorhttps://github.com/Bedrock-Safeguard/gentlemen-decryptor
- github.cominlineGitHub Advisory GHSA-86qp-5c8j-p5mrhttps://github.com/Kludex/starlette/security/advisories/GHSA-86qp-5c8j-p5mr
- github.cominlineGHSA-g7cv-rxg3-hmpxhttps://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx
- github.cominlineResearcher write-up (V4bel), 2026-05-07https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md
- github.cominlineGitHub Security Advisory GHSA-679G-PP8V-JVG4, 2026-06-02https://github.com/advisories/GHSA-679G-PP8V-JVG4
- github.cominlineGitHub Security Advisory GHSA-fwfp-h68w-2hcrhttps://github.com/advisories/GHSA-fwfp-h68w-2hcr
- github.cominlineGitHub Advisory GHSA-fxrh-cwjh-m33vhttps://github.com/advisories/GHSA-fxrh-cwjh-m33v
- github.cominlineGitHub GHSA-gcgv-v5gf-c543https://github.com/advisories/GHSA-gcgv-v5gf-c543
- github.cominlineGHSA-h7wj-m45x-884xhttps://github.com/advisories/GHSA-h7wj-m45x-884x
- github.cominlineGitHub Advisory GHSA-v4p8-mg3p-g94ghttps://github.com/advisories/GHSA-v4p8-mg3p-g94g
- github.cominlineGitHub Security Advisory GHSA-w52v-v783-gw97https://github.com/advisories/GHSA-w52v-v783-gw97
- github.cominlineBBB GHSA-43hc-5g2m-cqff, 2026-05-17https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-43hc-5g2m-cqff
- github.cominlineBigBlueButton — GHSA-7959-pf2v-xc4hhttps://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-7959-pf2v-xc4h
- github.cominlineBBB GHSA-xqm3-6q7q-4v5h, 2026-05-17https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-xqm3-6q7q-4v5h
- github.cominlineComposer GitHub Security Advisory GHSA-q468-rwj9-r734https://github.com/composer/composer/security/advisories/GHSA-q468-rwj9-r734
- github.cominlineGHSA-fcmw-wx57-9p75https://github.com/mautic/mautic/security/advisories/GHSA-fcmw-wx57-9p75
- github.cominlineGitHub GHSA-2ww3-72rp-wpp4https://github.com/microsoft/semantic-kernel/security/advisories/GHSA-2ww3-72rp-wpp4
- github.cominlineGitHub GHSA-xjw9-4gw8-4rqxhttps://github.com/microsoft/semantic-kernel/security/advisories/GHSA-xjw9-4gw8-4rqx
- github.cominlinen8n GHSA-57g9-58c2-xjg3https://github.com/n8n-io/n8n/security/advisories/GHSA-57g9-58c2-xjg3
- github.cominlinen8n GHSA-c8xv-5998-g76hhttps://github.com/n8n-io/n8n/security/advisories/GHSA-c8xv-5998-g76h
- github.cominlinen8n GHSA-hqr4-h3xv-9m3rhttps://github.com/n8n-io/n8n/security/advisories/GHSA-hqr4-h3xv-9m3r
- github.cominlinen8n GHSAhttps://github.com/n8n-io/n8n/security/advisories/GHSA-q5f4-99jv-pgg5
- github.cominlinen8n GHSA-wrwr-h859-xh2rhttps://github.com/n8n-io/n8n/security/advisories/GHSA-wrwr-h859-xh2r
- github.cominlineGHSA-mp6x-g55j-w9jw, 2026-05-12https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mp6x-g55j-w9jw
- github.cominlineGHSA-c9j4-9m59-847w, 2026-05-18https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w
- github.cominlinePHP GHSA-85c2-q967-79q5https://github.com/php/php-src/security/advisories/GHSA-85c2-q967-79q5
- github.cominlineGHSA-hmxp-6pc4-f3vvhttps://github.com/php/php-src/security/advisories/GHSA-hmxp-6pc4-f3vv
- github.cominlineGHSA-m33r-qmcv-p97qhttps://github.com/php/php-src/security/advisories/GHSA-m33r-qmcv-p97q
- github.cominlineGHSA-rrmm-9v76-h3p4https://github.com/portainer/portainer/security/advisories/GHSA-rrmm-9v76-h3p4
- github.cominline`CVE-2026-41053` (CVSS 8.8, GHSA-4j6x-2764-m8gh)https://github.com/rancher/rancher/security/advisories/GHSA-4j6x-2764-m8gh
- github.cominlineGHSA-mhc6-2gfq-xx62https://github.com/rancher/rancher/security/advisories/GHSA-mhc6-2gfq-xx62
- github.cominline`CVE-2026-41052` (CVSS 8.4, GHSA-vx8h-4prv-g744)https://github.com/rancher/rancher/security/advisories/GHSA-vx8h-4prv-g744
- github.cominlineGitHub Security Advisory GHSA-c9ph-gxww-7744, 2026-04-29https://github.com/thymeleaf/thymeleaf/security/advisories/GHSA-c9ph-gxww-7744
- gizmodo.cominlineGizmodo, 2026-05-19https://gizmodo.com/the-worst-leak-that-ive-witnessed-u-s-cybersecurity-agency-leaves-its-digital-keys-out-in-public-on-github-2000760330
- global.toshibainlineToshiba, 2026-06-02https://www.global.toshiba/jp/top/info-20260602.html
- globalpolicywatch.cominlineCovington — Cybersecurity Act 2, 2026-01-23https://www.globalpolicywatch.com/2026/01/european-commission-proposes-cybersecurity-act-2-new-eu-supply-chain-rules-and-certification-reforms/
- globalsecurity.orginlineDOJ via GlobalSecurityhttps://www.globalsecurity.org/security/library/news/2026/06/sec-260612-doj01.htm
- globenewswire.cominlineVerizon, 2026-05-19https://www.globenewswire.com/news-release/2026/05/19/3297614/0/en/Vulnerability-Exploitation-Top-Breach-Entry-Point-2026-Industry-Wide-DBIR-Finds.html
- godaddy.cominlineGoDaddy Security, 2026-05-28https://www.godaddy.com/resources/news/malware-targeting-wordpress-abuses-steam-community-profiles
- grafana.cominlineGrafana Labs, 2026-05-19https://grafana.com/blog/grafana-labs-security-update-latest-on-tanstack-npm-supply-chain-ransomware-incident/
- groupe3r.chinlineGroupe 3R victim statement, 2026-04-30https://www.groupe3r.ch/fr/information-importante-perturbation-de-nos-services-7268/
- gtlaw.cominlineGreenberg Traurig analysishttps://www.gtlaw.com/en/insights/2026/5/eus-20th-russia-sanctions-package-key-changes-and-compliance-implications
- hackread.cominlineHackread, 2026-05-16https://hackread.com/pwn2own-berlin-2026-hits-capacity-hackers-0-days/
- hadrian.ioinlineHadrian Securityhttps://hadrian.io/blog/cve-2026-45829----chromadb-python-server-hands-you-rce-before-it-asks-who-you-are
- haveibeenpwned.cominlineHave I Been Pwnedhttps://haveibeenpwned.com/Breach/Charter
- heise.deinlineheise Securityhttps://www.heise.de/en/news/Too-many-zero-days-Microsoft-threatens-legal-action-11310736.html
- heise.deinlineheise Security, 2026-06-03https://www.heise.de/news/Angriffe-auf-Burst-Statistics-Plugin-fuer-WordPress-11317017.html
- heise.deinlineHeise Security, 2026-06-16https://www.heise.de/news/Datenschutzvorfall-in-Muenchen-120-000-sensible-Schuldaten-im-Darknet-11333920.html
- heise.deinlineHeise Security, 2026-05-27https://www.heise.de/news/Hackback-Erlaubnis-Kabinett-macht-Weg-frei-11308323.html
- heise.deinlineHeise Security, 2026-05-18https://www.heise.de/news/Niedersachsen-Datenabfluss-bei-Wirtschaftsprueferverein-im-Gesundheitswesen-11297772.html
- heise.deinlineheise Security — "Pressure Cooker: Europols geheime Datenverarbeitung ohne Aufsicht" ("Europol's secret data processing without oversight"), 2026-05-06https://www.heise.de/news/Pressure-Cooker-Europols-geheime-Datenverarbeitung-ohne-Aufsicht-11283466.html
- heise.deinlineHeise, 2026-05-27https://www.heise.de/news/Roundcube-Webmail-Instanzen-mit-Schadcode-attackierbar-11307545.html
- heise.deinlineheise, 2026-06-05https://www.heise.de/news/Warten-auf-Sicherheitspatch-Zugangsdaten-von-Acer-Wave-7-Router-einsehbar-11318035.html
- heise.deinlineheise Security (DE) — "DNS-Probleme: .de-Domains nicht erreichbar" ("DNS issues: .de domains unreachable"), 2026-05-05https://www.heise.de/security/
- helpnetsecurity.cominlineHelp Net Security, 2025-05-06https://www.helpnetsecurity.com/2025/05/06/exploited-vulnerability-software-managing-samsung-digital-displays-cve-2024-7399/
- helpnetsecurity.cominlineHelp Net Security — European Commission Ivanti EPMM vulnerabilities, 2026-02-09https://www.helpnetsecurity.com/2026/02/09/european-commission-ivanti-epmm-vulnerabilities/
- helpnetsecurity.cominlineHelp Net Security, 2026-04-29https://www.helpnetsecurity.com/2026/04/29/windows-cve-2026-32202-exploited/
- helpnetsecurity.cominlineHelp Net Securityhttps://www.helpnetsecurity.com/2026/05/04/critical-moveit-automation-auth-bypass-vulnerability-fixed-cve-2026-4670/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-04https://www.helpnetsecurity.com/2026/05/04/digicert-breach-code-signing-certificates-malware/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-04https://www.helpnetsecurity.com/2026/05/04/france-titres-data-breach-teen-suspect/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-04https://www.helpnetsecurity.com/2026/05/04/multiple-threat-actors-actively-exploit-cpanel-vulnerability-cve-2026-41940/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-06https://www.helpnetsecurity.com/2026/05/06/daemon-tools-compromised-backdoors-supply-chain-attack/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-08https://www.helpnetsecurity.com/2026/05/08/dirty-frag-linux-vulnerability-cve-2026-43284-cve-2026-43500/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-08https://www.helpnetsecurity.com/2026/05/08/ivanti-epmm-zero-day-cve-2026-6973/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-11https://www.helpnetsecurity.com/2026/05/11/germany-crimenetwork-marketplace-shut-down/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-11https://www.helpnetsecurity.com/2026/05/11/google-ai-vulnerability-exploitation/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-12https://www.helpnetsecurity.com/2026/05/12/microsoft-may-2026-patch-tuesday/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-14https://www.helpnetsecurity.com/2026/05/14/fragnesia-cve-2026-46300-linux-lpe-vulnerability/
- helpnetsecurity.cominlineHelp Net Security — Sophos 2026 identity-breach costs reporthttps://www.helpnetsecurity.com/2026/05/14/sophos-2026-identity-breach-costs-report/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-18https://www.helpnetsecurity.com/2026/05/18/interpol-mena-cybercrime-operation-ramz-201-arrests/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-20https://www.helpnetsecurity.com/2026/05/20/github-breached-teampcp/
- helpnetsecurity.cominlineHelp Net Securityhttps://www.helpnetsecurity.com/2026/05/20/verizon-2026-dbir-findings/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-21https://www.helpnetsecurity.com/2026/05/21/github-grafana-breach-root-cause-nx-console/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-21https://www.helpnetsecurity.com/2026/05/21/operation-saffron-first-vpn-takedown/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-22https://www.helpnetsecurity.com/2026/05/22/deleted-google-api-keys-risk/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-22https://www.helpnetsecurity.com/2026/05/22/kali365-microsoft-365-phishing-fbi-warning/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-26https://www.helpnetsecurity.com/2026/05/26/sharepoint-vulnerability-cve-2026-45659/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-27https://www.helpnetsecurity.com/2026/05/27/fbi-silent-ransom-group-law-firms-social-engineering/
- helpnetsecurity.cominlineHelp Net Securityhttps://www.helpnetsecurity.com/2026/05/28/carnival-corporation-data-breach/
- helpnetsecurity.cominlineHelp Net Securityhttps://www.helpnetsecurity.com/2026/06/01/windows-netlogon-rce-exploited-cve-2026-41089/
- helpnetsecurity.cominlineHelp Net Security, 2026-06-02https://www.helpnetsecurity.com/2026/06/02/ai-agents-edr-evasion-techniques/
- helpnetsecurity.cominlineHelp Net Securityhttps://www.helpnetsecurity.com/2026/06/02/android-vulnerability-exploited-cve-2025-48595/
- helpnetsecurity.cominlineHelp Net Securityhttps://www.helpnetsecurity.com/2026/06/05/cisco-sd-wan-cve-2026-20245-0-day-exploited/
- helpnetsecurity.cominlineHelp Net Security forecasthttps://www.helpnetsecurity.com/2026/06/05/june-2026-patch-tuesday-forecast/
- helpnetsecurity.cominlineHelp Net Security, 2026-06-08https://www.helpnetsecurity.com/2026/06/08/check-point-cve-2026-50751-qilin-ransomware/
- helpnetsecurity.cominlineHelp Net Security, 2026-06-09https://www.helpnetsecurity.com/2026/06/09/tchap-french-government-secure-messaging-platform-breach/
- helpnetsecurity.cominlineHelp Nethttps://www.helpnetsecurity.com/2026/06/12/cve-2026-50751-poc-exploit/
- helpnetsecurity.cominlineHelp Net Security, 2026-06-15https://www.helpnetsecurity.com/2026/06/15/chinese-hackers-redcap-medical-research-institutions-breach/
- helpnetsecurity.cominlineHelp Net Security, 2026-06-16https://www.helpnetsecurity.com/2026/06/16/dragonforce-microsoft-teams-malware-backdoor-turn/
- helpnetsecurity.cominlineHelp Nethttps://www.helpnetsecurity.com/2026/06/16/fortisandbox-vulnerabilities-cve-2026-39813-cve-2026-39808-cve-2026-25089/
- helpx.adobe.cominlineAdobe PSIRT APSB26-64https://helpx.adobe.com/security/products/coldfusion/apsb26-64.html
- herodevs.cominlineHeroDevs analysis, 2026-05-08https://www.herodevs.com/blog-posts/cve-2026-40982-critical-spring-cloud-config-server-directory-traversal-cvss-9-8
- hkcert.orginlineHKCERT Advisory 20260522https://www.hkcert.org/security-bulletin/trend-micro-apex-one-multiple-vulnerabilities_20260522
- homeland.house.govinlineHouse Homeland Security Committee letter, 2026-05-11https://homeland.house.gov/2026/05/11/chairman-garbarino-seeks-information-from-canvas-developer-after-cyberattacks-impact-schools-and-universities-nationwide/
- horizon3.aiinlineHorizon3.ai, 2026-06-12https://horizon3.ai/attack-research/disclosures/cve-2026-48558-simplehelp-authentication-bypass-iocs/
- httpd.apache.orginlineApache HTTP Server security pagehttps://httpd.apache.org/security/vulnerabilities_24.html
- huntress.cominlineHuntress Labs' 2026-05-21 IR reporthttps://www.huntress.com/blog/the-gentlemen-ransomware-defense-evasion-ttps
- ibm.cominlineIBM Security Bulletin node/7274065https://www.ibm.com/support/pages/node/7274065
- ic3.govinlineFBI IC3 PSA260527https://www.ic3.gov/PSA/2026/PSA260527
- ictjournal.chinlineICTjournal.ch, 2026-05-06https://www.ictjournal.ch/news/2026-05-06/le-reseau-radiologique-romand-a-nouveau-victime-dune-cyberattaque-ses-systemes
- igj.nlinlineIGJ inspection reporthttps://www.igj.nl/actueel/nieuws/2026/05/13/clinical-diagnostics-voldeed-niet-aan-wettelijke-norm-voor-informatiebeveiliging
- imperva.cominlineImperva, 2026-05-21https://www.imperva.com/blog/imperva-customers-protected-against-cve-2026-9082-in-drupal-core/
- industrialcyber.coinlineIndustrial Cyber, 2026-06-05https://industrialcyber.co/regulation-standards-and-compliance/eu-council-to-examine-cybersecurity-package-focused-on-enisa-nis2-simplification-and-supply-chain-security/
- industrialcyber.coinlineIndustrial Cyber, 2026-05-13https://industrialcyber.co/threats-attacks/symantec-uncovers-iran-linked-seedworm-espionage-campaign-targeting-airport-government-manufacturing-sectors/
- infosecurity-magazine.cominlineInfosecurity Magazinehttps://www.infosecurity-magazine.com/news/chinese-hackers-exploit-iran-war/
- infosecurity-magazine.cominlineInfosecurity Magazine, 2026-06-01https://www.infosecurity-magazine.com/news/gamaredon-worm-ntfs-data-streams/
- infosecurity-magazine.cominlineInfosecurity Magazine, 2026-05-20https://www.infosecurity-magazine.com/news/github-confirms-breach-vs-code/
- infosecurity-magazine.cominlineInfosecurity Magazine, 2026-05-11https://www.infosecurity-magazine.com/news/shinyhunters-escalates-canvas/
- insidehighered.cominlineInside Higher Ed, 2026-05-11https://www.insidehighered.com/news/tech-innovation/administrative-tech/2026/05/11/instructure-pays-ransom-canvas-hackers
- interpol.intinlineINTERPOL, 2026-05-18https://www.interpol.int/en/News-and-Events/News/2026/201-arrests-in-first-of-its-kind-cybercrime-operation-in-MENA-region
- investor.adt.cominlineSEC 8-K filing, 2026-04-24https://investor.adt.com/financials/sec-filings/default.aspx
- ioctl.failinlineioctl.fail, 2026-06-11https://ioctl.fail/preliminary-analysis-of-aur-malware/
- ip.networkinlineIP.network Blog, 2026-05-05https://www.ip.network/blog/de-domain-dnssec-outage-may-2026
- isc.sans.eduinlineSANS Internet Storm Center, 2026-05-25https://isc.sans.edu/diary/33016
- isc.sans.eduinlineSANS ISC, 2026-06-02https://isc.sans.edu/diary/33040
- isc.sans.eduinlineSANS ISC Diary, 2026-05-04https://isc.sans.edu/diary/Cleartext+Passwords+in+MS+Edge+In+2026/32954/
- isc.sans.eduinlineSANS Internet Storm Center, 2026-05-18https://isc.sans.edu/diary/rss/32994
- isc.sans.eduinlineSANS Internet Storm Center, 2026-05-27https://isc.sans.edu/diary/rss/33024
- isc.sans.eduinlineSANS ISC, 2026-06-01https://isc.sans.edu/diary/rss/33034
- ivanti.cominlineIvanti PSIRThttps://www.ivanti.com/blog/may-2026-epmm-security-update
- ivanti.cominlineIvanti PSIRT May 2026 advisory batchhttps://www.ivanti.com/blog/may-2026-security-update
- joomlacontenteditor.netinlineWidget Factory / JCE, 2026-06-03https://www.joomlacontenteditor.net/news/jce-security-update-and-a-free-patch-for-older-sites
- jpcert.or.jpinlineJPCERT/CC at260014, 2026-05-22https://www.jpcert.or.jp/english/at/2026/at260014.html
- justice.govinlineU.S. Department of Justice, 2026-05-21https://www.justice.gov/usao-ak/pr/canadian-man-arrested-international-authorities-charged-administrating-kimwolf-ddos
- kaspersky.cominlineKaspersky press release, 2026-05-05https://www.kaspersky.com/about/press-releases/kaspersky-identifies-ongoing-supply-chain-attack-on-official-daemon-tools-website-distributing-backdoor-malware
- kaspersky.cominlineKaspersky Securelisthttps://www.kaspersky.com/blog/daemon-tools-supply-chain-attack/55691/
- kb.isc.orginlineISC, 2026-05-20https://kb.isc.org/docs/cve-2026-5946
- keycloak.orginlineKeycloak Projecthttps://www.keycloak.org/2026/05/keycloak-2662-released
- kodemsecurity.cominlineKodem Security frames the AI-agent escalation pathhttps://www.kodemsecurity.com/resources/vm2-sandbox-escape-vulnerabilities-the-2026-cve-wave-turning-ai-agents-into-host-rce-vectors
- krebsonsecurity.cominlineKrebsOnSecurity, 2026-05-22https://krebsonsecurity.com/2026/05/alleged-kimwolf-botmaster-dort-arrested-charged-in-u-s-and-canada/
- krebsonsecurity.cominlineKrebs on Security — CISA GovCloud keyshttps://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/
- krebsonsecurity.cominlineKrebs on Security, 2026-05-12https://krebsonsecurity.com/2026/05/patch-tuesday-may-2026-edition/
- krebsonsecurity.cominlineKrebs on Security, 2026-06-01https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
- krebsonsecurity.cominlineKrebsOnSecurity, 2026-06-10https://krebsonsecurity.com/2026/06/who-runs-the-ransomware-group-the-gentlemen/
- labs.cloudsecurityalliance.orginlineCSA research notehttps://labs.cloudsecurityalliance.org/research/csa-research-note-shai-hulud-megalodon-supply-chain-cascade/
- labs.infoguard.chinlineInfoGuard, 2026-06-09https://labs.infoguard.ch/posts/ghost-sender/
- labs.infoguard.chinlineInfoGuard Labshttps://labs.infoguard.ch/posts/seppmail_secure_e-mail_gateway_rce_vulnerabilities_cve-2026-2743_cve-2026-7864_cve-2026-44127_cve-2026-44128/
- labs.watchtowr.cominlinewatchTowr Labshttps://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/
- labs.watchtowr.cominlinewatchTowr Labshttps://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/
- labs.watchtowr.cominlinewatchTowr Labs, 2026-06-12https://labs.watchtowr.com/why-use-app-level-auth-when-every-database-has-auth-splunk-enterprise-cve-2026-20253-pre-auth-rce/
- labs.withsecure.cominlineWithSecure Labs — GREYVIBEhttps://labs.withsecure.com/publications/greyvibe
- learn.microsoft.cominlineASR rules referencehttps://learn.microsoft.com/en-us/defender-endpoint/attack-surface-reduction-rules-reference
- legalcheek.cominlineLegal Cheek, 2026-06-03https://www.legalcheek.com/2026/06/weil-reportedly-pays-up-to-20-million-after-hackers-steal-client-data/
- lhm-services.deinlineLHM-Services GmbH press release, 2026-06-15https://lhm-services.de/wp-content/uploads/2026/06/Pressemitteilung_LHM-Services-GmbH_15.06.2026-1.pdf
- lumen.cominlineLumen Black Lotus Labs — Showboathttps://www.lumen.com/blog/en-us/introducing-showboat-a-new-malware-family-taunts-defenses-and-targets-international-telecom-firms
- maine.govinlineMaine AGhttps://www.maine.gov/ag/news-and-library/press-releases/statement-office-maine-attorney-general-abuse-data-breach-reporting
- maine.govinlineMaine AG breach notification, 2026-05-01https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/4fe778c0-a3a9-4dbe-8e79-2c229ac5c36b.html
- maine.govinlineMaine AG data-breach filinghttps://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/d6729ef2-7bb3-42d3-abdd-99a1dd8f2415.html
- malwarebytes.cominlineMalwarebytes, 2026-03https://www.malwarebytes.com/blog/news/2026/03/fake-claude-code-install-pages-hit-windows-and-mac-users-with-infostealers
- malwarebytes.cominlineMalwarebytes — Shub Stealer earlier wave, 2026-03https://www.malwarebytes.com/blog/threat-intel/2026/03/fake-cleanmymac-site-installs-shub-stealer-and-backdoors-crypto-wallets
- mariadb.cominlineMariaDB CVE listhttps://mariadb.com/docs/server/security/cve/community-server
- mariadb.orginlineMariaDB Foundation, 2026-06-02https://mariadb.org/mariadb-community-server-corrective-releases/
- mi5.gov.ukinlineMI5https://www.mi5.gov.uk/five-eyes-joint-bulletin-safeguarding-our-secrets
- microsoft.cominlineMicrosoft Threat Intelligence, 2021-03-02https://www.microsoft.com/en-us/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
- microsoft.cominlineMicrosoft Security Blog, 2026-05-01https://www.microsoft.com/en-us/security/blog/2026/05/01/cve-2026-31431-copy-fail-vulnerability-enables-linux-root-privilege-escalation/
- microsoft.cominlineMicrosoft Security Blog 2026-05-04https://www.microsoft.com/en-us/security/blog/2026/05/04/breaking-the-code-multi-stage-code-of-conduct-phishing-campaign-leads-to-aitm-token-compromise/
- microsoft.cominlineMicrosoft Security Blog, 2026-05-06https://www.microsoft.com/en-us/security/blog/2026/05/06/clickfix-campaign-uses-fake-macos-utilities-lures-deliver-infostealers/
- microsoft.cominlineMicrosoft Security Bloghttps://www.microsoft.com/en-us/security/blog/2026/05/07/prompts-become-shells-rce-vulnerabilities-ai-agent-frameworks/
- microsoft.cominlineMicrosoft Security Bloghttps://www.microsoft.com/en-us/security/blog/2026/05/08/active-attack-dirty-frag-linux-vulnerability-expands-post-compromise-risk/
- microsoft.cominlineMicrosoft Security Blog, 2026-05-12https://www.microsoft.com/en-us/security/blog/2026/05/12/defense-at-ai-speed-microsofts-new-multi-model-agentic-security-system-finds-16-new-vulnerabilities/
- microsoft.cominlineMicrosoft Security Blog, 2026-05-12https://www.microsoft.com/en-us/security/blog/2026/05/12/undermining-the-trust-boundary-investigating-a-stealthy-intrusion-through-third-party-compromise/
- microsoft.cominlineMicrosoft Security Bloghttps://www.microsoft.com/en-us/security/blog/2026/05/14/kazuar-anatomy-of-a-nation-state-botnet/
- microsoft.cominlineMicrosoft Security Blog, 2026-05-18https://www.microsoft.com/en-us/security/blog/2026/05/18/storm-2949-turned-compromised-identity-into-cloud-wide-breach/
- microsoft.cominlineMicrosoft Threat Intelligence — Fox Tempesthttps://www.microsoft.com/en-us/security/blog/2026/05/19/exposing-fox-tempest-a-malware-signing-service-operation/
- microsoft.cominlineMicrosoft Security Blog — search-poisoning cryptojackinghttps://www.microsoft.com/en-us/security/blog/2026/05/26/poisoned-search-results-gpu-mining-cryptojacking-campaign-abusing-screenconnect-microsoft-net-utilities/
- microsoft.cominlineMicrosoft Threat Intelligence, 2026-05-28https://www.microsoft.com/en-us/security/blog/2026/05/28/the-gentlemen-ransomware-dissecting-a-self-propagating-go-encryptor/
- microsoft.cominlineMicrosoft, 2026-05-30https://www.microsoft.com/en-us/security/blog/2026/05/29/33-malicious-npm-packages-abuse-dependency-confusion-profile-developer-environments/
- microsoft.cominlineMicrosoft, 2026-06-08https://www.microsoft.com/en-us/security/blog/2026/06/08/ai-brands-as-bait-how-threat-actors-are-using-the-ai-hype-in-social-engineering/
- moselwal.cominlineMoselwal technical write-uphttps://moselwal.com/blog/dirtydecrypt-linux-kernel-rxgk-cve-2026-31635
- msrc.microsoft.cominlineMicrosoft MSRChttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-41089
- msrc.microsoft.cominlineMSRC CVE-2026-41091https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-41091
- msrc.microsoft.cominlineMicrosoft MSRChttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-42897
- msrc.microsoft.cominline2026-05-19https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45584
- msrc.microsoft.cominlineMSRC update guide entry, published 2026-05-19https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45585
- msrc.microsoft.cominlineMicrosoft MSRChttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45659
- msrc.microsoft.cominlineMicrosoft MSRC — CVE-2026-32202https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202
- msrc.microsoft.cominlineMSRC Security Update Guidehttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41089
- msrc.microsoft.cominlineMSRC Security Update Guidehttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41096
- msrc.microsoft.cominlineMSRC Security Update Guidehttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41103
- msrc.microsoft.cominlineMSRC Security Update Guidehttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42898
- msrc.microsoft.cominlineMicrosoft MSRChttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585
- my.f5.cominlineF5 K000160932, 2026-05-14https://my.f5.com/manage/s/article/K000160932
- my.f5.cominlineF5 PSIRT advisory K000161019https://my.f5.com/manage/s/article/K000161019
- ncsc.admin.chinlineNCSC Switzerland — Im Fokus / "In Focus", 2026-05-05https://www.ncsc.admin.ch/ncsc/de/home/aktuell/im-fokus.html
- ncsc.admin.chinlineNCSC Switzerland Im Fokus, 2026-05-01https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2026/einschtzung_mythos_2026.html
- ncsc.admin.chinlineNCSC Switzerland, 2026-06-01https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2026/massnahmen-grossanlaesse-konferenzen-g7.html
- ncsc.admin.chinlineNCSC-CHhttps://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2026/wochenrueckblick_23.html
- ncsc.gov.ukinlineNCSC-UK blog, 2026-05-11https://www.ncsc.gov.uk/blogs/10-questions-ask-using-ai-models-find-vulnerabilities
- news.risky.bizinlineRisky Business News bulletinhttps://news.risky.biz/risky-bulletin-dutch-police-take-down-giant-botnet-of-17-million-devices/
- news.risky.bizinlineRisky Biz News, 2026-06-01https://news.risky.biz/risky-bulletin-russia-greatly-expands-sorm-surveillance-requirements/
- newsroom.adt.cominlineADT Newsroom, 2026-04-24https://newsroom.adt.com/corporate-news/adt-detects-cybersecurity-incident
- nextcloud.cominlineNextcloud security advisory NC-SA-2026-029https://nextcloud.com/security/advisory/?id=NC-SA-2026-029
- nlnetlabs.nlinlineNLnet Labs, 2026-05-20https://nlnetlabs.nl/downloads/unbound/CVE-2026-33278.txt
- nltimes.nlinlineNL Times, 2026-04-29https://nltimes.nl/2026/04/29/chipsoft-hackers-destroyed-stolen-patient-data-leaks
- nltimes.nlinlineNL Times — Canvas hack: student data from 44 Dutch universities and schools takenhttps://nltimes.nl/2026/05/05/canvas-hack-student-data-44-dutch-universities-schools-taken-massive-breach
- nltimes.nlinlineNL Times — Dutch universities disconnect Canvashttps://nltimes.nl/2026/05/09/dutch-universities-disconnect-canvas-hackers-claim-continued-access
- nltimes.nlinlineNL Times, 2026-05-26https://nltimes.nl/2026/05/26/man-35-arrested-hack-targeting-ajax-app-fan-data
- nltimes.nlinlineNL Times English summaryhttps://nltimes.nl/2026/05/28/ncsc-dutch-police-disrupt-global-botnet-controlled-via-netherlands-based-servers
- noscope.cominlineNoScope, 2026-05-25https://www.noscope.com/blog/gitea-instances-exposing-private-container
- nottingham.ac.ukinlineUniversity of Nottinghamhttps://www.nottingham.ac.uk/currentstudents/news/student-and-alumni-data-has-been-compromised-in-a-data-security-incident
- novonordisk.cominlineNovo Nordisk, 2026-06-15https://www.novonordisk.com/news-and-media/latest-news/incident-update.html
- novonordisk.cominlineNovo Nordisk, 2026-06-11https://www.novonordisk.com/news-and-media/news-and-ir-materials/news-details.html?id=916571
- numerique.gouv.frinlineDINUM, 2026-06-08https://www.numerique.gouv.fr/sinformer/espace-presse/incident-tchap/
- nvd.nist.govinlineCVE-2023-33241https://nvd.nist.gov/vuln/detail/CVE-2023-33241
- nvd.nist.govinlineNVD CVE-2024-57726https://nvd.nist.gov/vuln/detail/CVE-2024-57726
- nvd.nist.govinlineNVD CVE-2024-57728https://nvd.nist.gov/vuln/detail/CVE-2024-57728
- nvd.nist.govinlineNVD CVE-2024-7399https://nvd.nist.gov/vuln/detail/CVE-2024-7399
- nvd.nist.govinlineCVE-2025-29927https://nvd.nist.gov/vuln/detail/CVE-2025-29927
- nvd.nist.govinlineCVE-2025-48703https://nvd.nist.gov/vuln/detail/CVE-2025-48703
- nvd.nist.govinlineCVE-2025-55182https://nvd.nist.gov/vuln/detail/CVE-2025-55182
- nvd.nist.govinlineCVE-2025-9501https://nvd.nist.gov/vuln/detail/CVE-2025-9501
- nvd.nist.govinlineCVE-2026-1357https://nvd.nist.gov/vuln/detail/CVE-2026-1357
- nvd.nist.govinlineNVD CVSS 6.5https://nvd.nist.gov/vuln/detail/CVE-2026-20262
- nvd.nist.govinlineNVD — CVE-2026-5787https://nvd.nist.gov/vuln/detail/CVE-2026-5787
- nvd.nist.govinlineNVD — CVE-2026-6973https://nvd.nist.gov/vuln/detail/CVE-2026-6973
- nvd.nist.govinlineNVD entry CVE-2026-9170https://nvd.nist.gov/vuln/detail/CVE-2026-9170
- nx.devinlineNx postmortem, 2026-05-19https://nx.dev/blog/nx-console-v18-95-0-postmortem
- oag.ca.govinlineCalifornia OAG, 2026-05-28https://oag.ca.gov/news/press-releases/attorney-general-bonta-sues-chrome-holding-co-formerly-known-23andme-over-2023
- oasis.securityinlineOasis Security 2026-05-07https://www.oasis.security/blog/cline-kanban-websocket-hijack
- obsidiansecurity.cominlineObsidian Security, 2026-06-15https://www.obsidiansecurity.com/blog/litellm-privilege-escalation-rce
- onapsis.cominlineOnapsishttps://onapsis.com/blog/sap-security-patch-day-june-2026
- onapsis.cominlineOnapsis, 2026-05-12https://onapsis.com/blog/sap-security-patch-day-may-2026/
- onvista.deinlineonvista / dpa, 2026-05-27https://www.onvista.de/news/2026/05-27-kabinett-billigt-gesetz-fuer-offensive-cyberabwehr-0-20-26515861
- openclaw.orginlineOpenClaw security advisory OC-SA-2026-001https://openclaw.org/security/OC-SA-2026-001
- opensourcemalware.cominlineOpenSourceMalwarehttps://opensourcemalware.com/blog/miasma-reaches-azure
- openssf.orginlineOpenSSF policy blog, 2026-06-03https://openssf.org/policy/2026/06/03/updates-from-europe-single-reporting-platform-public-consultations-new-publications/
- openwall.cominlineoss-security, 2026-05-12https://www.openwall.com/lists/oss-security/2026/05/12/4
- openwall.cominlineoss-security / V12 Security, 2026-05-19https://www.openwall.com/lists/oss-security/2026/05/19/6
- openwall.cominlineSamba-team announcement on oss-securityhttps://www.openwall.com/lists/oss-security/2026/05/27/6
- openwall.cominlineOSSA-2026-020 via oss-security, 2026-06-03https://www.openwall.com/lists/oss-security/2026/06/03/14
- openwall.cominlineoss-security, 2026-06-03https://www.openwall.com/lists/oss-security/2026/06/03/3
- optinmonster.cominlineOptinMonster, 2026-06-14https://optinmonster.com/security-incident-tampered-script-served-via-optinmonster-and-trustpulse/
- oracle.cominlineOracle security alerthttps://www.oracle.com/security-alerts/alert-cve-2026-35273.html
- oracle.cominlineOracle CPUhttps://www.oracle.com/security-alerts/cpujul2024.html
- osservatorionessuno.orginlineOsservatorio Nessuno — Spyrtacus, 2026-04-09https://osservatorionessuno.org/blog/2026/04/italian-spyware-maker-sio-still-developing-and-distributing-spyrtacus/
- osservatorionessuno.orginlineOsservatorio Nessuno — Morpheus, 2026-04-23https://osservatorionessuno.org/blog/2026/04/morpheus-a-new-spyware-linked-to-ips-intelligence/
- ox.securityinlineOX Security, 2026-05-21https://www.ox.security/blog/megalodon-cicd-malware-github/
- ox.securityinlineOX Security — TeamPCP copycatshttps://www.ox.security/blog/new-actors-deploy-shai-hulud-clones-teampcp-copycats-are-here/
- panelica.cominlinePanelica, 2026-05-08https://panelica.com/blog/cpanel-cve-2026-29201-29202-29203-may-2026-tsr-advisory
- patchstack.cominlinePatchstack, 2026-06-15https://patchstack.com/articles/supply-chain-attack-on-optinmonster-trustpulse-and-pushengage-tampered-cdn-scripts-auto-creating-rogue-admins/
- patchstack.cominlinePatchstack — Kirki advisoryhttps://patchstack.com/database/wordpress/plugin/kirki/vulnerability/wordpress-kirki-plugin-6-0-0-6-0-6-unauthenticated-privilege-escalation-via-handle-forgot-password-vulnerability
- penligent.aiinlinePenligent/Barghest researchhttps://www.penligent.ai/hackinglabs/cve-2026-0073-android-adbd-zero-click-shell-through-wireless-adb/
- permiso.ioinlinePermiso Security — ChatGPhishhttps://permiso.io/blog/chatgpt-markdown-rendering-vulnerability
- php.netinlinePHP 8 ChangeLoghttps://www.php.net/ChangeLog-8.php
- php.watchinlinephp.watch — PHP 8.5.6 releasehttps://php.watch/versions/8.5/releases/8.5.6
- policia.esinlinePolicía Nacional, 2026-06-01https://policia.es/_es/comunicacion_prensa_detalle.php?ID=16895
- politie.nlinlineCybercrime Team of the Dutch Politie Unit The Hague and the NCSC.nl jointly took down the Asocks residential-proxy infrastructurehttps://www.politie.nl/nieuws/2026/mei/28/06-politie-en-ncsc-halen-groot-botnetwerk-offline.html
- posthogstatus.cominlinePostHog status, 2026-05-30https://www.posthogstatus.com/incidents/01KSV6HJYKG5QJAP8HVTSQVSM1
- postquantum.cominlinePostQuantum.com — EU PQC NIS2, 2026-02-13https://postquantum.com/security-pqc/eu-pqc-nis2/
- prnewswire.cominlineCarnival Corporation — Notice of Data Breachhttps://www.prnewswire.com/news-releases/carnival-corporation-notice-of-data-breach-302783524.html
- pushsecurity.cominlinePush Security, 2026-05https://pushsecurity.com/blog/installfix
- pushsecurity.cominlinePush Security — LLMSharehttps://pushsecurity.com/blog/llmshare-malvertising-campaign
- pwc.cominlinePwC Threat Intelligencehttps://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/red-lamassu-open-season.html
- rapid7.cominlineRapid7https://www.rapid7.com/blog/post/etr-active-exploitation-of-oracle-peoplesoft-zero-day-cve-2026-35273/
- rapid7.cominlineRapid7https://www.rapid7.com/blog/post/etr-critical-check-point-vpn-zero-day-exploited-in-the-wild-cve-2026-50751/
- rapid7.cominlineRapid7 ETRhttps://www.rapid7.com/blog/post/etr-cve-2026-41940-cpanel-whm-authentication-bypass/
- rapid7.cominlineRapid7 ETR — observed exploitationhttps://www.rapid7.com/blog/post/etr-rapid7-observed-exploitation-of-pan-os-globalprotect-authentication-bypass-vulnerability-cve-2026-0257/
- rapid7.cominlineRapid7 — Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomwarehttps://www.rapid7.com/blog/post/tr-muddying-tracks-state-sponsored-shadow-behind-chaos-ransomware/
- rapid7.cominlineRapid7, 2026-05-14https://www.rapid7.com/blog/post/ve-cve-2026-20182-critical-authentication-bypass-cisco-catalyst-sd-wan-controller-fixed/
- recordedfuture.cominlineRecorded Future Insikt Group, 2025-06https://www.recordedfuture.com/research/one-step-ahead-stark-industries-solutions-preempts-eu-sanctions
- redcanary.cominlineRed Canary — Entra Agent IDhttps://redcanary.com/blog/threat-detection/entra-id-ai-workflows/
- redis.ioinlineRedis, 2026-05-05https://redis.io/blog/security-advisory-cve202623479-cve202625243-cve-2026-25588-cve202625589-cve-2026-23631/
- research.checkpoint.cominlineCheck Point Research DFIR Report, 2026-04-20https://research.checkpoint.com/2026/dfir-report-the-gentlemen/
- research.checkpoint.cominlineCheck Point Research, 2026-06-03https://research.checkpoint.com/2026/impersonation-click-hijacking-and-tds-inside-a-malware-distribution-ecosystem/
- research.checkpoint.cominlineCheck Point Research, 2026-05-13https://research.checkpoint.com/2026/thus-spoke-the-gentlemen/
- research.jfrog.cominlineJFrog Security Research — IronWormhttps://research.jfrog.com/post/iron-worm-shai-hulud-rustier-cousin/
- roundcube.netinlineRoundcubehttps://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
- safedep.ioinlineSafeDephttps://safedep.io/megalodon-mass-github-repo-backdooring-ci-workflows/
- samba.orginlineSambahttps://www.samba.org/samba/security/CVE-2026-4408.html
- samba.orginlineSamba Project — CVE-2026-4480https://www.samba.org/samba/security/CVE-2026-4480.html
- sansec.ioinlineSansec researchhttps://sansec.io/research/funnelkit-woocommerce-vulnerability-exploited
- sansec.ioinlineSansec, 2026-06-13https://sansec.io/research/optinmonster-supply-chain-attack
- sansec.ioinlineSansec, 2026-06-04https://sansec.io/research/stripe-api-skimmer-infrastructure
- scworld.cominlineSC Media — expanded victim listhttps://www.scworld.com/brief/multiple-other-companies-purportedly-breached-by-shinyhunters-over-9m-record-leak-warned
- sec.cloudapps.cisco.cominlineCisco PSIRThttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy
- sec.cloudapps.cisco.cominlineCisco PSIRT, 2026-06-03https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW
- sec.cloudapps.cisco.cominlineCisco PSIRT, 2026-06-15https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ
- sec.cloudapps.cisco.cominlineCisco PSIRThttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx
- sec.cloudapps.cisco.cominlineCisco PSIRThttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW
- sec.cloudapps.cisco.cominlineCisco PSIRThttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-rce-ssrf-hENhuASy
- sec.govinlineSEC EDGAR 8-K/A, 2026-05-20https://www.sec.gov/Archives/edgar/data/0000105770/000010577026000077/wst-20260507.htm
- sec.govinlineSEC EDGAR — WST 8-K, 2026-05-11https://www.sec.gov/Archives/edgar/data/105770/000010577026000068/wst-20260507.htm
- seclists.orginlineFull Disclosure, 2026-02-16https://seclists.org/fulldisclosure/2026/Feb/16
- seclists.orginlineoss-securityhttps://seclists.org/oss-sec/2026/q2/790
- secretservice.govinlineUS Secret Servicehttps://www.secretservice.gov/newsroom/releases/2026/06/two-charged-connection-cryptocurrency-money-laundering-service-allegedly
- securelist.cominlineSecurelist (Kaspersky), 2026-05-12https://securelist.com/state-of-ransomware-in-2026/119761/
- securelist.cominlineKaspersky Securelist, 2026-05-05https://securelist.com/tr/daemon-tools-backdoor/119654/
- security-hub.ncsc.admin.chinlineNCSC.ch post 12548https://security-hub.ncsc.admin.ch/#/posts/12548
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hub #12558, 2026-05-12https://security-hub.ncsc.admin.ch/#/posts/12558
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hub #12565, 2026-05-12https://security-hub.ncsc.admin.ch/#/posts/12565
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hub #12569, 2026-05-13https://security-hub.ncsc.admin.ch/#/posts/12569
- security-hub.ncsc.admin.chinlineNCSC.ch Security Hub #12574https://security-hub.ncsc.admin.ch/#/posts/12574
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hub post #12575https://security-hub.ncsc.admin.ch/#/posts/12575
- security-hub.ncsc.admin.chinlineNCSC.ch Security Hub #12577https://security-hub.ncsc.admin.ch/#/posts/12577
- security-hub.ncsc.admin.chinlineNCSC-CH 12579https://security-hub.ncsc.admin.ch/#/posts/12579
- security-hub.ncsc.admin.chinlineNCSC-CH, 2026-05-22https://security-hub.ncsc.admin.ch/#/posts/12584
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hub, 2026-05-21https://security-hub.ncsc.admin.ch/#/posts/12588
- security-hub.ncsc.admin.chinlineNCSC-CH post 12594https://security-hub.ncsc.admin.ch/#/posts/12594
- security-hub.ncsc.admin.chinlineNCSC.ch Security Hub post 12596https://security-hub.ncsc.admin.ch/#/posts/12596
- security-hub.ncsc.admin.chinlineNCSC.ch Security Hub post 12599https://security-hub.ncsc.admin.ch/#/posts/12599
- security-hub.ncsc.admin.chinlineNCSC.ch Security Hub post 12601https://security-hub.ncsc.admin.ch/#/posts/12601
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hub, 2026-06-16https://security-hub.ncsc.admin.ch/#/posts/12605
- security-hub.ncsc.admin.chinlineNCSC-CH advisory 12610https://security-hub.ncsc.admin.ch/#/posts/12610
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hubhttps://security-hub.ncsc.admin.ch/#/posts/12615
- security-hub.ncsc.admin.chinlineNCSC-CH, 2026-06-09https://security-hub.ncsc.admin.ch/#/posts/12619
- security-hub.ncsc.admin.chinlineNCSC-CH, 2026-06-09https://security-hub.ncsc.admin.ch/#/posts/12620
- security-hub.ncsc.admin.chinlineNCSC-CH GovCERThttps://security-hub.ncsc.admin.ch/#/posts/12621
- security-hub.ncsc.admin.chinlineNCSC-CH CSH, 2026-06-11https://security-hub.ncsc.admin.ch/#/posts/12622
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hubhttps://security-hub.ncsc.admin.ch/#/posts/12627
- security-hub.ncsc.admin.chinlineNCSC-CH 12547https://security-hub.ncsc.admin.ch/api/posts/12547/details
- security-hub.ncsc.admin.chinlineNCSC-CH 12548, 2026-05-08https://security-hub.ncsc.admin.ch/api/posts/12548/details
- security-hub.ncsc.admin.chinlineNCSC-CH 12550, 2026-05-08https://security-hub.ncsc.admin.ch/api/posts/12550/details
- security-hub.ncsc.admin.chinlineNCSC.ch Security Hub #12551https://security-hub.ncsc.admin.ch/api/posts/12551/details
- security-hub.ncsc.admin.chinlineNCSC.ch Security Hub #12577https://security-hub.ncsc.admin.ch/api/posts/12577/details
- security.paloaltonetworks.cominlinePAN PSIRThttps://security.paloaltonetworks.com/CVE-2026-0257
- security.paloaltonetworks.cominlinePalo Alto PSIRThttps://security.paloaltonetworks.com/CVE-2026-0300
- securityaffairs.cominlineSecurityAffairs, 2026-05-08https://securityaffairs.com/191859/cyber-crime/zara-data-breach-197000-customers-exposed-in-third-party-security-incident.html
- securityaffairs.cominlineSecurity Affairs, 2026-05-12https://securityaffairs.com/192003/malware/android-banking-trojan-trickmo-evolves-using-ton-network-for-c2.html
- securityaffairs.cominlineSecurity Affairs, 2026-05-14https://securityaffairs.com/192132/hacking/nginx-rift-an-18-year-old-flaw-in-the-worlds-most-deployed-web-server-just-came-to-light.html
- securityaffairs.cominlineSecurity Affairs, 2026-05-18https://securityaffairs.com/192336/data-breach/shinyhunters-hack-7-eleven-franchisee-data-and-salesforce-records-exposed.html
- securityaffairs.cominlineSecurity Affairs, 2026-05-20https://securityaffairs.com/192415/cyber-crime/carding-site-b1acks-stash-dumps-4-6-million-stolen-cards-for-free.html
- securityaffairs.cominlineSecurity Affairs, 2026-05-30https://securityaffairs.com/192907/uncategorized/shinyhunters-leaks-charter-communications-data-potentially-impacting-5-million-customers.html
- securityaffairs.cominlineSecurity Affairs — NIS360https://securityaffairs.com/193002/reports/enisa-nis360-2026-progress-across-the-board-but-the-sectors-that-matter-most-are-still-falling-short.html
- securityaffairs.cominlineSecurity Affairs, 2026-06-02https://securityaffairs.com/193027/security/u-s-cisa-adds-oracle-weblogic-flaw-to-its-known-exploited-vulnerabilities-catalog.html
- securityaffairs.cominlineSecurity Affairs, 2026-06-05https://securityaffairs.com/193215/cyber-crime/silent-ransom-group-srg-switching-to-dns-fast-flux-infrastructure.html
- securityaffairs.cominlineSecurityAffairshttps://securityaffairs.com/193530/hacking/cve-2026-10520-exploited-ivanti-sentry-gateways-compromised-shortly-after-patch-release.html
- securityaffairs.cominlineSecurity Affairshttps://securityaffairs.com/193557/security/u-s-cisa-adds-ivanti-sentry-flaw-to-its-known-exploited-vulnerabilities-catalog-and-urges-patching-by-june-14.html
- securityaffairs.cominlineSecurity Affairs, 2026-06-12https://securityaffairs.com/193565/uncategorized/iran-linked-handala-breached-a-california-water-utility-it-could-have-done-worse-and-it-knows-that.html
- securityaffairs.cominlineSecurity Affairs, 2026-06-15https://securityaffairs.com/193650/security/novo-nordisk-confirms-data-theft-what-attackers-took-and-what-they-didnt.html
- securityaffairs.cominlineSecurity Affairshttps://securityaffairs.com/193709/ai/fortinet-warned-as-three-critical-fortisandbox-bugs-come-under-attack.html
- securityaffairs.cominlineSecurity Affairs, 2026-06-08https://www.securityaffairs.com/193307/ai/meta-ai-recovery-tool-flaw-exposed-20000-instagram-accounts.html
- securityboulevard.cominlineSecurity Boulevard, 2026-04-24https://securityboulevard.com/2026/04/cisa-warns-of-multiple-simplehelp-vulnerabilities-exploited-in-attacks/
- securityboulevard.cominlineSecurity Boulevard, 2026-05-04https://securityboulevard.com/2026/05/ransomware-group-claims-breach-of-pro-orban-hungarian-media-firm/
- securitylabs.datadoghq.cominlineDatadog Security Labshttps://securitylabs.datadoghq.com/articles/shai-hulud-open-source-framework-static-analysis/
- securitymagazine.cominlineSecurity Magazine, 2026-06-12https://www.securitymagazine.com/articles/102368-security-experts-discuss-validity-of-handalas-cal-water-hacking-claim
- securityonline.infoinlineSecurityOnlinehttps://securityonline.info/mariadb-security-flaw-cvss-10/
- securityweek.cominlineSecurityWeek — 7-Eleven / ShinyHuntershttps://www.securityweek.com/7-eleven-data-breach-confirmed-after-shinyhunters-ransom-demand/
- securityweek.cominlineSecurityWeek, 2026-05-08https://www.securityweek.com/ai-firm-braintrust-prompts-api-key-rotation-after-data-breach/
- securityweek.cominlineSecurityWeek — BWH Hotels reservation datahttps://www.securityweek.com/bwh-hotels-says-hackers-had-access-to-reservation-data-for-6-months/
- securityweek.cominlineSecurityWeek, 2026-05-11https://www.securityweek.com/checkmarx-jenkins-ast-plugin-compromised-in-supply-chain-attack/
- securityweek.cominlineSecurityWeek, 2026-06-15https://www.securityweek.com/chinese-hackers-target-medical-military-and-ai-research-in-north-america/
- securityweek.cominlineSecurityWeekhttps://www.securityweek.com/chrome-149-patches-429-vulnerabilities/
- securityweek.cominlineSecurityWeek, 2026-05-15https://www.securityweek.com/cisco-patches-another-sd-wan-zero-day-the-sixth-exploited-in-2026/
- securityweek.cominlineSecurityWeek, 2026-04-16https://www.securityweek.com/claude-code-gemini-cli-github-copilot-agents-vulnerable-to-prompt-injection-via-comments/
- securityweek.cominlineSecurityWeek, 2026-05-05https://www.securityweek.com/critical-high-severity-vulnerabilities-patched-in-apache-mina-http-server/
- securityweek.cominlineSecurityWeek, 2026-05-04https://www.securityweek.com/digicert-revokes-certificates-after-support-portal-hack/
- securityweek.cominlineSecurityWeek, 2026-05-19https://www.securityweek.com/drupal-to-patch-highly-critical-vulnerability-at-risk-of-quick-exploitation/
- securityweek.cominlineSecurityWeek, 2026-05-04https://www.securityweek.com/edtech-firm-instructure-discloses-data-breach/
- securityweek.cominlineSecurityWeek, 2026-06-02https://www.securityweek.com/exclusive-how-one-line-of-code-put-billions-of-microsoft-android-app-downloads-at-risk/
- securityweek.cominlineSecurityWeek, 2026-05-14https://www.securityweek.com/f5-patches-over-50-vulnerabilities/
- securityweek.cominline2026-05-13https://www.securityweek.com/fortinet-ivanti-patch-critical-vulnerabilities/
- securityweek.cominlineSecurityWeek, 2026-05-11https://www.securityweek.com/google-detects-first-ai-generated-zero-day-exploit/
- securityweek.cominlineSecurityWeek — Grafana confirms breachhttps://www.securityweek.com/grafana-confirms-breach-after-hackers-claim-they-stole-data/
- securityweek.cominlineSecurityWeekhttps://www.securityweek.com/greatxml-zero-day-exploit-bypasses-bitlocker/
- securityweek.cominlineSecurityWeek, 2026-06-03https://www.securityweek.com/hackers-target-global-stock-exchange-in-espionage-operation/
- securityweek.cominlineSecurityWeekhttps://www.securityweek.com/http-2-bomb-exploit-knocks-web-servers-offline-in-seconds/
- securityweek.cominlineSecurityWeek — Iranian APT intrusion masquerades as Chaos ransomware attackhttps://www.securityweek.com/iranian-apt-intrusion-masquerades-as-chaos-ransomware-attack/
- securityweek.cominlineSecurityWeek, 2026-06-12https://www.securityweek.com/iranian-cyber-group-handala-claims-cal-water-hack/
- securityweek.cominlineSecurityWeek, 2026-05-08https://www.securityweek.com/ivanti-patches-epmm-zero-day-exploited-in-targeted-attacks/
- securityweek.cominlineSecurityWeekhttps://www.securityweek.com/kirki-burst-statistics-wordpress-plugin-flaws-in-attackers-crosshairs/
- securityweek.cominlineSecurityWeek, 2026-06-10https://www.securityweek.com/new-windows-zero-day-exploit-rogueplanet-released/
- securityweek.cominlineSecurityWeek, 2026-06-11https://www.securityweek.com/oracle-addresses-peoplesoft-vulnerability-amid-reports-of-zero-day-attacks/
- securityweek.cominlineSecurityWeek, 2026-05-08https://www.securityweek.com/pcpjack-worm-removes-teampcp-infections-steals-credentials/
- securityweek.cominlineSecurityWeek — Polish security agency reports ICS breaches at five water treatment plantshttps://www.securityweek.com/polish-security-agency-reports-ics-breaches-at-five-water-treatment-plants/
- securityweek.cominlineSecurityWeek, 2026-05-05https://www.securityweek.com/reports-massive-dns-outages-germany/
- securityweek.cominlineSecurityWeekhttps://www.securityweek.com/russia-linked-greyvibe-attackers-use-ai-to-supercharge-cyberattacks/
- securityweek.cominlineSecurityWeek, 2026-05-12https://www.securityweek.com/sap-patches-critical-s-4hana-commerce-vulnerabilities/
- securityweek.cominlineSecurityWeek, 2026-06-15https://www.securityweek.com/shinyhunters-claims-council-of-europe-hack/
- securityweek.cominlineSecurityWeek, 2026-05-11https://www.securityweek.com/skoda-data-breach-hits-online-shop-customers/
- securityweek.cominlineSecurityWeek, 2026-05-04https://www.securityweek.com/sophisticated-quasar-linux-rat-targets-software-developers/
- securityweek.cominlineSecurityWeek — Traveler information stolen in Eurail data breachhttps://www.securityweek.com/traveler-information-stolen-in-eurail-data-breach/
- securityweek.cominlineSecurityWeek, 2026-05-23https://www.securityweek.com/underminr-vulnerability-lets-attackers-hide-malicious-connections-behind-trusted-domains/
- securityweek.cominlineSecurityWeekhttps://www.securityweek.com/verizon-dbir-2026-vulnerability-exploitation-overtakes-credential-theft-as-top-breach-vector/
- sentinelone.cominlineSentinelLabs, 2026-05-07https://www.sentinelone.com/labs/cloud-worm-evicts-teampcp-and-steals-credentials-at-scale/
- simple-help.cominlineSimpleHelp, 2026-06-12https://simple-help.com/security/simplehelp-security-update-2026-05
- skadden.cominlineSkadden, 2026-03-27https://www.skadden.com/insights/publications/2026/03/european-commission-announces-potential-nis2-cybersecurity-reform
- skoda-auto.deinlineHeise Securityhttps://www.skoda-auto.de/unternehmen/sicherheitsvorfall-skoda-shop
- slcyber.ioinlineSearchlight Cyber write-uphttps://slcyber.io/research-center/keys-to-the-kingdom-anonymous-sql-injection-in-drupal-core-cve-2026-9082/
- socket.devinlineSocket, 2026-05-13https://socket.dev/blog/gemstuffer
- socket.devinlineSocket, 2026-05-23https://socket.dev/blog/laravel-lang-compromise
- socket.devinlineSocket, 2026-05-22https://socket.dev/blog/malicious-postinstall-hook-found-across-700-github-repos
- socket.devinlineSockethttps://socket.dev/blog/mini-shai-hulud-campaign-hits-red-hat-cloud-services-npm-packages
- socket.devinlineSonatype security advisory — node-ipc backdoorhttps://socket.dev/blog/node-ipc-package-compromised
- socket.devinlineSocket, 2026-05-24https://socket.dev/blog/trapdoor-crypto-stealer-npm-pypi-crates
- socradar.ioinlineSOCRadar, 2026-05-18https://socradar.io/blog/b1acks-stash-4-6-million-stolen-credit-cards-free/
- solarwinds.cominlineSolarWindshttps://www.solarwinds.com/trust-center/security-advisories/cve-2026-28318
- sonatype.cominlineSonatype, 2026-06-11https://www.sonatype.com/blog/atomic-arch-npm-campaign-adds-malicious-dependency
- sonatype.cominlineSonatype, 2026-05-28https://www.sonatype.com/blog/inside-a-176-package-npm-campaign-built-to-beat-your-internal-dependencies
- sophos.cominlineSophos X-Ops, 2026-06-02https://www.sophos.com/en-us/blog/pointing-a-cursor-at-evading-detection
- sophos.cominlineSophos bloghttps://www.sophos.com/en-us/blog/sophos-state-of-identity-security-2026
- sophos.cominlineSophos press releasehttps://www.sophos.com/en-us/press/press-releases/2026/05/71-percent-organizations-suffered-identity-breach-state-of-identity-security-2026
- source.android.cominlineAndroid Security Bulletin May 2026https://source.android.com/docs/security/bulletin/2026/2026-05-01
- source.android.cominlineAndroid Bulletinhttps://source.android.com/docs/security/bulletin/2026/2026-06-01
- spring.ioinlineSpring.iohttps://spring.io/security/cve-2026-40982
- squirepattonboggs.cominlineSquire Patton Boggs analysishttps://www.squirepattonboggs.com/insights/publications/the-20th-eu-sanctions-package-against-russia-scope-entry-into-force-and-compliance-implications-for-operators/
- stepsecurity.ioinlineStepSecurity, 2026-05-18https://www.stepsecurity.io/blog/actions-cool-issues-helper-github-action-compromised-all-tags-point-to-imposter-commit-that-exfiltrates-ci-cd-credentials
- stepsecurity.ioinlineStepSecurity, 2026-05-22https://www.stepsecurity.io/blog/laravel-lang-supply-chain-attack
- stepsecurity.ioinlineStepSecurityhttps://www.stepsecurity.io/blog/miasma-worm-hits-microsoft-again-azure-functions-action-and-72-other-repositories-disabled-after-supply-chain-attack-targeting-ai-coding-agents
- stepsecurity.ioinlineStepSecurity, 2026-05-21https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem
- stepsecurity.ioinlineStepSecurity, 2026-05-14https://www.stepsecurity.io/blog/node-ipc-npm-supply-chain-attack
- strongswan.orginlinestrongSwan, 2026-06-08https://www.strongswan.org/blog/2026/06/08/strongswan-vulnerability-(cve-2026-47895
- success.trendmicro.cominlineKA-0023430https://success.trendmicro.com/en-US/solution/KA-0023430
- support.adamnet.worksinlineADAMnetworks, 2026-05-21https://support.adamnet.works/t/underminr-information-share-official-release/1584
- support.sap.cominlineSAP, 2026-06-09https://support.sap.com/en/my-support/knowledge-base/security-notes-news/june-2026.html
- support.sap.cominlineSAP Security Patch Day May 2026https://support.sap.com/en/my-support/knowledge-base/security-notes-news/may-2026.html
- surf.nlinlineSURF Security Advisory — Canvas Extortion Updatehttps://www.surf.nl/actualiteiten/2026/canvas-security-update
- sysdig.cominlineSysdig TRT — LLM-agent post-exploitationhttps://www.sysdig.com/blog/ai-agent-at-the-wheel-how-an-attacker-used-llms-to-move-from-a-cve-to-an-internal-database-in-4-pivots
- t-online.deinlinet-online, 2026-05-27https://www.t-online.de/nachrichten/deutschland/id_101271406/kabinett-gibt-bsi-und-polizei-befugnisse-zur-cyberabwehr.html
- tanstack.cominlineTanStack post-mortem, 2026-05-12https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
- techcommunity.microsoft.cominlineMicrosoft Exchange Team bloghttps://techcommunity.microsoft.com/blog/exchange/addressing-exchange-server-may-2026-vulnerability-cve-2026-42897/4518498
- techcommunity.microsoft.cominlineMicrosoft, 2021-09-28https://techcommunity.microsoft.com/blog/exchange/new-security-feature-in-september-2021-cumulative-update-for-exchange-server/2783477
- techcrunch.cominlineTechCrunch, 2026-04-22https://techcrunch.com/2026/04/22/france-confirms-data-breach-at-government-agency-that-manages-citizens-ids/
- techcrunch.cominlineTechCrunch, 2026-05-05https://techcrunch.com/2026/05/05/hackers-steal-students-data-during-breach-at-education-tech-giant-instructure/
- techcrunch.cominlineTechCrunch, 2026-05-06https://techcrunch.com/2026/05/06/ai-evaluation-startup-braintrust-confirms-breach-tells-every-customer-to-rotate-sensitive-keys/
- techcrunch.cominlineTechCrunch, 2026-05-14https://techcrunch.com/2026/05/14/openai-says-hackers-stole-some-data-after-latest-code-security-issue/
- techcrunch.cominlineTechCrunch, 2026-05-26https://techcrunch.com/2026/05/26/iranian-hackers-blamed-for-breach-of-los-angeles-transit-system-that-took-weeks-to-recover/
- techcrunch.cominlineTechCrunch — UK Visa Portal leakhttps://techcrunch.com/2026/05/27/uk-visa-portal-spilled-thousands-of-applicants-passports-and-selfies-online-and-hasnt-fixed-the-leak/
- techcrunch.cominlineTechCrunch, 2026-06-01https://techcrunch.com/2026/06/01/hackers-hijacked-instagram-accounts-by-tricking-meta-ai-support-chatbot-into-granting-access/
- techcrunch.cominlineTechCrunch, 2026-06-02https://techcrunch.com/2026/06/02/password-manager-dashlane-says-hackers-stole-some-customers-password-vaults/
- techcrunch.cominlineTechCrunch, 2026-06-10https://techcrunch.com/2026/06/10/cybercriminals-claim-breach-of-oracle-peoplesoft-servers-at-100-plus-organizations/
- techcrunch.cominlineTechCrunch, 2026-06-10https://techcrunch.com/2026/06/10/servicenow-tells-customers-a-bug-left-some-of-their-data-exposed-to-the-internet/
- techpolicy.pressinlineTechPolicy.Presshttps://techpolicy.press/what-the-eu-ai-omnibus-deal-changes-for-the-ai-act-and-what-lies-ahead/
- techradar.cominlineTechRadarhttps://www.techradar.com/pro/security/uk-visa-portal-website-leaks-thousands-of-user-passport-data-and-photos-online
- techtimes.cominlineTechTimes, 2026-06-12https://www.techtimes.com/articles/318287/20260612/japan-data-breach-kyushu-electric-loses-unencrypted-ssd-109-million-customer-records.htm
- techzine.euinlineTechzine, 2026-02-16https://www.techzine.eu/news/security/138806/data-breach-at-odido-responsibility-and-compensation-under-discussion/
- techzine.euinlineTechzine EUhttps://www.techzine.eu/news/security/141149/dutch-university-disconnects-canvas-systems-after-instructure-hack/
- techzine.euinlineTechzine EU, 2026-06-03https://www.techzine.eu/news/security/141806/dozens-of-dutch-hotels-affected-by-data-breach/
- tenable.cominlineTenable, 2026-05-12https://www.tenable.com/blog/microsofts-may-2026-patch-tuesday-addresses-118-cves-cve-2026-41103
- tenable.cominlineTenable TRA-2026-26, 2026-03-27https://www.tenable.com/security/research/tra-2026-26
- tenable.cominlineTenable TRA-2026-44https://www.tenable.com/security/research/tra-2026-44
- tenetsecurity.aiinlineTenet Security, 2026-06-12https://tenetsecurity.ai/blog/agentjacking-coding-agents-with-fake-sentry-errors/
- thedfirreport.cominlineThe DFIR Report's 2026-05-11 alerthttps://thedfirreport.com/2026/05/11/flash-alert-etherrat-and-tuktuk-c2-end-in-the-gentleman-ransomware/
- thedp.cominlineThe Daily Pennsylvanian, 2026-05https://www.thedp.com/article/2026/05/penn-cybercrime-shiny-hunters-canvas-hack-students
- thehackernews.cominlineThe Hacker News, 2026-05-27https://thehackernews.com/2026/05/ai-chatbot-recommendations-redirect.html
- thehackernews.cominlineThe Hacker News, 2026-05-29https://thehackernews.com/2026/05/chatgphish-vulnerability-turns-chatgpt.html
- thehackernews.cominlineThe Hacker News, 2026-05-01https://thehackernews.com/2026/05/cisa-adds-actively-exploited-linux-root.html
- thehackernews.cominlineThe Hacker News, 2026-05-19https://thehackernews.com/2026/05/compromised-nx-console-18950-targeted.html
- thehackernews.cominlineThe Hacker News, 2026-05-09https://thehackernews.com/2026/05/cpanel-whm-patch-3-new-vulnerabilities.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/05/dirtydecrypt-poc-released-for-linux.html
- thehackernews.cominlineThe Hacker News, 2026-05-19https://thehackernews.com/2026/05/drupal-to-release-urgent-core-security.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/four-malicious-npm-packages-deliver.html
- thehackernews.cominlineThe Hacker News, 2026-05-15https://thehackernews.com/2026/05/four-openclaw-flaws-enable-data-theft.html
- thehackernews.cominlineThe Hacker News, 2026-05-16https://thehackernews.com/2026/05/funnel-builder-flaw-under-active.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/05/ghostwriter-targets-ukrainian.html
- thehackernews.cominlineThe Hacker News, 2026-05-27https://thehackernews.com/2026/05/gitea-vulnerability-exposes-private.html
- thehackernews.cominlineThe Hacker News, 2026-05-19https://thehackernews.com/2026/05/github-actions-supply-chain-attack.html
- thehackernews.cominlineThe Hacker News, 2026-05-20https://thehackernews.com/2026/05/github-investigating-teampcp-claimed.html
- thehackernews.cominlineThe Hacker News — CoinbaseCartel / Grafana breachhttps://thehackernews.com/2026/05/grafana-github-token-breach-led-to.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/05/grandoreiro-malware-and-btmob-rat.html
- thehackernews.cominlineThe Hacker News, 2026-05-11https://thehackernews.com/2026/05/hackers-used-ai-to-develop-first-known.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/interpol-operation-ramz-disrupts-mena.html
- thehackernews.cominlineThe Hacker News — Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitationhttps://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/ivanti-fortinet-sap-vmware-n8n-patch.html
- thehackernews.cominlineThe Hacker News, 2026-05-29https://thehackernews.com/2026/05/kimsuky-deploys-httpspy-expands-arsenal.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/05/kimwolf-ddos-botnet-operator-arrested.html
- thehackernews.cominlineThe Hacker News, 2026-05-23https://thehackernews.com/2026/05/litespeed-cpanel-plugin-cve-2026-48172.html
- thehackernews.cominlineThe Hacker News, 2026-05-22https://thehackernews.com/2026/05/megalodon-github-attack-targets-5561.html
- thehackernews.cominlineThe Hacker News, 2026-05-19https://thehackernews.com/2026/05/mini-shai-hulud-pushes-malicious-antv.html
- thehackernews.cominlineThe Hacker News, 2026-05-26https://thehackernews.com/2026/05/muddywater-uses-dll-side-loading-in.html
- thehackernews.cominlineThe Hacker News, 2026-05-12https://thehackernews.com/2026/05/new-exim-bdat-vulnerability-exposes.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/05/new-russian-linked-greyvibe-targets.html
- thehackernews.cominlineThe Hacker News, 2026-05-12https://thehackernews.com/2026/05/new-trickmo-variant-uses-ton-c2-and.html
- thehackernews.cominlineThe Hacker News, 2026-05-17https://thehackernews.com/2026/05/nginx-cve-2026-42945-exploited-in-wild.html
- thehackernews.cominlineThe Hacker News, 2026-05-15https://thehackernews.com/2026/05/on-prem-microsoft-exchange-server-cve.html
- thehackernews.cominlineThe Hacker News, 2026-05-23https://thehackernews.com/2026/05/packagist-supply-chain-attack-infects-8.html
- thehackernews.cominlineThe Hacker News, 2026-05-07https://thehackernews.com/2026/05/pcpjack-credential-stealer-exploits-5.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/pre-stuxnet-fast16-malware-tampered.html
- thehackernews.cominlineThe Hacker News 2026-05-04https://thehackernews.com/2026/05/progress-patches-critical-moveit.html
- thehackernews.cominlineThe Hacker News, 2026-05-05https://thehackernews.com/2026/05/scarcruft-hacks-gaming-platform-to.html
- thehackernews.cominlineThe Hacker News, 2026-05-19https://thehackernews.com/2026/05/seppmail-secure-e-mail-gateway.html
- thehackernews.cominlineThe Hacker News, 2026-05-21https://thehackernews.com/2026/05/showboat-linux-malware-hits-middle-east.html
- thehackernews.cominlineThe Hacker News, 2026-05-14https://thehackernews.com/2026/05/stealer-backdoor-found-in-3-node-ipc.html
- thehackernews.cominlineThe Hacker News, 2026-05-11https://thehackernews.com/2026/05/teampcp-compromises-checkmarx-jenkins.html
- thehackernews.cominlineThe Hacker News, 2026-05-25https://thehackernews.com/2026/05/trapdoor-supply-chain-attack-spreads.html
- thehackernews.cominlineThe Hacker News, 2026-05-04https://thehackernews.com/2026/05/trellix-confirms-source-code-breach.html
- thehackernews.cominlineThe Hacker News — Turla Kazuarhttps://thehackernews.com/2026/05/turla-turns-kazuar-backdoor-into.html
- thehackernews.cominline2026-05-19https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html
- thehackernews.cominlineThe Hacker News, 2026-05-20https://thehackernews.com/2026/05/webworm-deploys-echocreep-and-graphworm.html
- thehackernews.cominlineThe Hacker News, 2026-06-12https://thehackernews.com/2026/06/agentjacking-attack-tricks-ai-coding.html
- thehackernews.cominlineThe Hacker News, 2026-06-06https://thehackernews.com/2026/06/ai-agent-uncovers-21-zero-days-in.html
- thehackernews.cominlineThe Hacker News, 2026-06-03https://thehackernews.com/2026/06/autonomous-ai-tool-finds-2-year-old-rce.html
- thehackernews.cominlineThe Hacker News, 2026-06-04https://thehackernews.com/2026/06/china-linked-ta4922-expands-phishing.html
- thehackernews.cominlineThe Hacker News, 2026-06-04https://thehackernews.com/2026/06/claude-code-github-action-flaw-let-one.html
- thehackernews.cominlineThe Hacker News, 2026-06-01https://thehackernews.com/2026/06/critical-wp-maps-pro-flaw-actively.html
- thehackernews.cominlineThe Hacker News, 2026-06-02https://thehackernews.com/2026/06/dashlane-discloses-brute-force-attack.html
- thehackernews.cominlineThe Hacker News, 2026-06-05https://thehackernews.com/2026/06/fifa-world-cup-2026-scams-are-already.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/06/github-to-disable-npm-install-scripts.html
- thehackernews.cominlineThe Hacker News, 2026-06-12https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html
- thehackernews.cominlineThe Hacker News, 2026-06-05https://thehackernews.com/2026/06/hackers-exploit-critical-everest-forms.html
- thehackernews.cominlineThe Hacker News, 2026-06-15https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/06/miasma-worm-hits-73-microsoft-github.html
- thehackernews.cominlineThe Hacker News, 2026-06-03https://thehackernews.com/2026/06/microsoft-365-android-apps-let-any-app.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/06/new-http2-bomb-vulnerability-allows.html
- thehackernews.cominlineThe Hacker News, 2026-06-08https://thehackernews.com/2026/06/one-character-linux-kernel-flaw-enables.html
- thehackernews.cominlineThe Hacker News, 2026-06-02https://thehackernews.com/2026/06/oracle-weblogic-cve-2024-21182-added-to.html
- thehackernews.cominlineThe Hacker News, 2026-06-10https://thehackernews.com/2026/06/servicenow-flaw-exploited-to-gain.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html
- thehackernews.cominlineThe Hacker News, 2026-06-11https://thehackernews.com/2026/06/the-gentlemen-ransomware-claims-478.html
- thenextweb.cominlineThe Next Web — largest education data breach in historyhttps://thenextweb.com/news/the-largest-education-data-breach-in-history-was-not-an-attack-on-a-school-it-was-an-attack-on-a-vendor
- therecord.mediainlineThe Record, 2026-05-22https://therecord.media/canadian-man-arrested-charged-running-kimwolf-botnet
- therecord.mediainlineThe Record, 2026-04-09https://therecord.media/chipsoft-ransomware-attack-disrupts-dutch-hospitals
- therecord.mediainlineThe Recordhttps://therecord.media/cruise-giant-carnival-confirms-data-breach-affecting-6-million
- therecord.mediainlineThe Recordhttps://therecord.media/dutch-police-arrest-man-over-cyber-breach-ajax-football
- therecord.mediainlineThe Record, 2026-05-27https://therecord.media/fbi-warns-hackers-visit-law-firms-to-steal-data
- therecord.mediainlineThe Record, 2026-05-22https://therecord.media/fbi-warns-of-kali365-phishing-attacks
- therecord.mediainlineThe Record, 2026-06-03https://therecord.media/five-eyes-warns-chinese-spies-are-using-job-sites-to-recruit-insiders
- therecord.mediainlineThe Record, 2026-05-20https://therecord.media/github-confirms-teampcp-hack-customers-unaffected
- therecord.mediainlineThe Record, 2026-05-06https://therecord.media/hackers-compromise-daemon-tools-global-supply-chain-attack
- therecord.mediainline2026-05-19https://therecord.media/huawei-zero-day-behind-last-year-luxembourg-telecom-outage
- therecord.mediainlineThe Record, 2026-05-12https://therecord.media/instructure-pays-ransom-canvas-incident-congress-investigation
- therecord.mediainlineThe Record — Iranian intelligence behind LA transit hackhttps://therecord.media/iranian-intelligence-behind-hack-of-la-transit-system
- therecord.mediainlineThe Record, 2026-05-29https://therecord.media/microsoft-calls-zero-day-releases-never-justifiable-as-researcher-threatens-more
- therecord.mediainlineThe Record, 2026-05-19https://therecord.media/microsoft-disrupts-fox-tempest-malware-signing-service
- therecord.mediainlineTHORChainhttps://therecord.media/more-than-10-million-stolen-crypto-platform-thorchain
- therecord.mediainlineThe Record, 2026-05-14https://therecord.media/openai-asks-macos-users-to-update-tanstack-npm
- therecord.mediainlineThe Record, 2026-05-04https://therecord.media/ransomware-group-claims-breach-of-pro-orban-media-firm
- therecord.mediainlineThe Record, 2026-06-12https://therecord.media/south-korea-data-breach-record-fine-coupang
- therecord.mediainlineThe Record, 2026-06-11https://therecord.media/university-of-nottingham-cyber-incident-shiny-hunters
- theregister.cominlineThe Register, 2026-02-27https://www.theregister.com/2026/02/27/odido_shinyhunters_leaks/
- theregister.cominlineThe Register, 2026-04-30https://www.theregister.com/2026/04/30/french_gov_mega_breach_suspect/
- theregister.cominlineThe Register, 2026-05-05https://www.theregister.com/2026/05/05/shinyhunters_dump_puts_119k_vimeo/
- theregister.cominlineThe Register, 2026-05-11https://www.theregister.com/ai-ml/2026/05/11/google-says-criminals-used-ai-built-zero-day-in-planned-mass-hack-spree/5237982
- theregister.cominlineThe Register, 2026-05-12https://www.theregister.com/cyber-crime/2026/05/12/congress-investigates-canvas-breach-after-instructure-cuts-deal-with-shinyhunters/5238927
- theregister.cominlineThe Register, 2026-05-18https://www.theregister.com/cyber-crime/2026/05/18/grafana-labs-admits-attackers-downloaded-its-codebase-from-github/5241686
- theregister.cominlineThe Register, 2026-05-22https://www.theregister.com/cyber-crime/2026/05/22/fbi-warns-of-kali365-as-device-code-phishing-soars/5245024
- theregister.cominlineThe Registerhttps://www.theregister.com/cyber-crime/2026/05/28/carnival-shinyhunters-cruised-off-with-6m-customer-records/5247808
- theregister.cominlineThe Register, 2026-06-15https://www.theregister.com/cyber-crime/2026/06/15/council-of-europe-hacked-in-shinyhunters-peoplesoft-heist/5255757
- theregister.cominlineThe Register, 2026-05-29https://www.theregister.com/legal/2026/05/29/rob-bonta-sues-23andmes-new-owners-over-2023-breach/5248565
- theregister.cominlineThe Register, 2026-05-13https://www.theregister.com/patches/2026/05/13/doozy-of-a-patch-tuesday-includes-30-critical-microsoft-cves/5239224
- theregister.cominlineThe Registerhttps://www.theregister.com/patches/2026/06/15/cisco-sd-wan-make-me-root-bug-under-attack/5255916
- theregister.cominlineThe Register — Best Western confirms web-app breachhttps://www.theregister.com/security/2026/05/11/best-western-hotels-confirms-web-app-data-breach/5238020
- theregister.cominlineThe Register, 2026-05-12https://www.theregister.com/security/2026/05/12/double-canvas-intrusion-confirmed-as-shinyhunters-resets-leak-deadline/5238361
- theregister.cominlineThe Register, 2026-05-13https://www.theregister.com/security/2026/05/13/disgruntled-researcher-releases-two-more-microsoft-zero-days/5239758
- theregister.cominlineThe Register, 2026-05-19https://www.theregister.com/security/2026/05/19/drupal-warns-admins-to-brace-for-highly-critical-core-patch/5242728
- theregister.cominlineThe Registerhttps://www.theregister.com/security/2026/05/21/cisco-serves-up-yet-another-perfect-10-bug-with-secure-workload-admin-flaw/5244012
- theregister.cominlineThe Register, 2026-06-06https://www.theregister.com/security/2026/06/06/oxford-university-data-pwned-again-by-career-platform-breach/5251754
- theregister.cominlineThe Register, 2026-06-09https://www.theregister.com/security/2026/06/09/france-probes-compromise-of-gov-messaging-platform-after-account-hijack/5252717
- theregister.cominlineThe Register, 2026-06-11https://www.theregister.com/security/2026/06/11/nightmare-eclipse-drops-claimed-bitlocker-bypass-for-microsoft-windows/5254371
- theregister.cominlineThe Registerhttps://www.theregister.com/security/2026/06/12/novo-nordisk-says-hackers-stole-clinical-trial-data/5254812
- thewatch.centreon.cominlineCentreon security bulletin, 2026-05-12https://thewatch.centreon.com/latest-security-bulletins-64/april-2026-monthly-security-bulletin-for-centreon-infra-monitoring-high-5660
- thezdi.cominlineZDI, 2026-05-12https://www.thezdi.com/blog/2026/5/12/the-may-2026-security-update-review
- thezdi.cominlineZDI, 2026-05-13https://www.thezdi.com/blog/2026/5/13/pwn2own-berlin-2026-day-one-results
- thezdi.cominlineZDI Pwn2Own Day Twohttps://www.thezdi.com/blog/2026/5/15/pwn2own-berlin-2026-day-two-results
- thezdi.cominlineZDI Day 3, 2026-05-16https://www.thezdi.com/blog/2026/5/16/pwn2own-berlin-2026-day-three-results-and-master-of-pwn
- threatfabric.cominlineThreatFabric, 2026-05-11https://www.threatfabric.com/blogs/new-trickmo-variant-device-take-over-malware-targeting-banking-fintech-wallet-auth-app
- threatfabric.cominlineThreatFabrichttps://www.threatfabric.com/blogs/own-goal-piracy-as-an-attack-vector-to-target-football-fans
- trendmicro.cominlineTrend Micro Research, 2026-05-05https://www.trendmicro.com/en_us/research/26/e/installfix-and-claude-code.html
- trendmicro.cominlineTrend Micro Research, 2026-05-04https://www.trendmicro.com/en_us/research/26/e/quasar-linux-qlnx-a-silent-foothold-in-the-software-supply-chain.html
- trmlabs.cominlineTRM Labs, 2026-05-15https://www.trmlabs.com/resources/blog/thorchain-exploit-drains-usd-11m-across-at-least-nine-chains-what-trm-knows-now
- troyhunt.cominlineTroy Hunt's Weekly Update 505, 2026-05-24https://www.troyhunt.com/weekly-update-505/
- typo3.orginlineTYPO3https://typo3.org/security/advisory/typo3-core-sa-2026-006
- ubuntu.cominlineUbuntuhttps://ubuntu.com/blog/copy-fail-vulnerability-fixes-available
- ubuntu.cominlineUbuntu — Dirty Frag fixes-availablehttps://ubuntu.com/blog/dirty-frag-linux-vulnerability-fixes-available
- ubuntu.cominlineUbuntu Securityhttps://ubuntu.com/security/CVE-2026-23111
- unit42.paloaltonetworks.cominlineUnit 42, 2026-05-11https://unit42.paloaltonetworks.com/active-directory-certificate-services-exploitation/
- unit42.paloaltonetworks.cominlineUnit 42, 2026-06-09https://unit42.paloaltonetworks.com/active-exploitation-of-pan-os-cve-2026-0257/
- unit42.paloaltonetworks.cominlineUnit 42 primary research, 2026-05-06https://unit42.paloaltonetworks.com/captive-portal-zero-day/
- unit42.paloaltonetworks.cominlineUnit 42https://unit42.paloaltonetworks.com/cve-2022-0492-cgroups/
- unit42.paloaltonetworks.cominlineUnit 42 — Copy Failhttps://unit42.paloaltonetworks.com/cve-2026-31431-copy-fail/
- unit42.paloaltonetworks.cominlineUnit 42https://unit42.paloaltonetworks.com/monitoring-npm-supply-chain-attacks/
- unit42.paloaltonetworks.cominlineUnit 42 — Screening Serpenshttps://unit42.paloaltonetworks.com/tracking-iran-apt-screening-serpens/
- unr.eduinlineUniversity of Nevada Reno president message, 2026-05-06https://www.unr.edu/nevada-today/news/president-messages/2026-05-06-cybersecurity-incident
- veeam.cominlineVeeam shipped KB4852 / Backup & Replication patch version 13.0.2.29 on 2026-05-27https://www.veeam.com/kb4852
- verizon.cominlineVerizon — 2026 DBIR announcementhttps://www.verizon.com/about/news/breach-industry-wide-dbir-finds
- verizon.cominlineVerizon DBIR landing pagehttps://www.verizon.com/business/resources/reports/dbir/
- vimeo.cominlineVimeo official blog, 2026-04-27https://vimeo.com/blog/post/anodot-third-party-security-incident
- vulnerability.circl.luinlineCIRCL vulnerability.circl.luhttps://vulnerability.circl.lu/vuln/cve-2026-44128
- watchguard.cominlineWatchGuard — Grandoreiro Europe/LatAmhttps://www.watchguard.com/wgrd-security-hub/secplicity-blog/grandoreiro-malware-campaign-targets-europe-and-latin-america
- wbf.admin.chinlineSwiss EAERhttps://www.wbf.admin.ch/en/newnsb/Byvj7-WGL93MiOgIL-f2p
- welivesecurity.cominlineESET WeLiveSecurity — APT Activity Report Q4 2025–Q1 2026https://www.welivesecurity.com/en/eset-research/eset-apt-activity-report-q4-2025-q1-2026/
- welivesecurity.cominlineWeLiveSecurity (ESET), 2026-05-07https://www.welivesecurity.com/en/eset-research/fake-call-logs-real-payments-how-callphantom-tricks-android-users/
- welivesecurity.cominlineESET WeLiveSecurity, 2026-06-16https://www.welivesecurity.com/en/eset-research/fishmongers-arsenal-upgraded-sprysocks-windows/
- welivesecurity.cominlineESET WeLiveSecurityhttps://www.welivesecurity.com/en/eset-research/frostyneighbor-fresh-mischief-digital-shenanigans/
- welivesecurity.cominlineESET WeLiveSecurity, 2026-06-11https://www.welivesecurity.com/en/eset-research/oceanlotus-external-espionage-domestic-targeting/
- welivesecurity.cominlineESET WeLiveSecurity, 2026-05-05https://www.welivesecurity.com/en/eset-research/rigged-game-scarcruft-compromises-gaming-platform-supply-chain-attack/
- welivesecurity.cominlineESET WeLiveSecurity — Webwormhttps://www.welivesecurity.com/en/eset-research/webworm-new-burrowing-techniques/
- welivesecurity.cominlineESET WeLiveSecurity — BTMOBhttps://www.welivesecurity.com/en/malware/btmob-stealthy-rat-burrowing-deep-android-devices/
- wid.cert-bund.deinlineBSI advisory WID-SEC-2026-1100https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1100
- wid.cert-bund.deinlineBSI WID-SEC-2026-1232https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1232
- wid.cert-bund.deinlineBSI WID-SEC-2026-1435, 2026-05-08https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1435
- wid.cert-bund.deinlineBSI WID-SEC-2026-1517, 2026-05-13https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1517
- wid.cert-bund.deinlineBSI WID-SEC-2026-1536, 2026-05-14https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1536
- wid.cert-bund.deinlineBSI WID-SEC-2026-1568, 2026-05-18https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1568
- wid.cert-bund.deinlineBSI CERT-Bundhttps://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1579
- wid.cert-bund.deinlineBSI WID-SEC-2026-1583https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1583
- wid.cert-bund.deinlineBSI CERT-Bund WID-SEC-2026-1612https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1612
- wid.cert-bund.deinlineBSI CERT-Bund WID-SEC-2026-1689, 2026-05-27https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1689
- wid.cert-bund.deinlineBSI advisory WID-SEC-2026-1716https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1716
- wid.cert-bund.deinlineBSI CERT-Bund WID-SEC-2026-1724, 2026-05-29https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1724
- wid.cert-bund.deinlineBSI CERT-Bund WID-SEC-2026-1740, 2026-06-01https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1740
- wid.cert-bund.deinlineBSI CERT-Bund WID-SEC-2026-1778, 2026-06-02https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1778
- wid.cert-bund.deinlineBSI WID-SEC-2026-1800https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1800
- wid.cert-bund.deinlineBSI CERT-Bund, 2026-06-09https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1832
- wid.cert-bund.deinlineBSI CERT-Bund, 2026-06-09https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1835
- windowsforum.cominlineWindowsForum, 2026-04-24https://windowsforum.com/threads/cisa-adds-4-kev-flaws-patch-samsung-magicinfo-simplehelp-d-link-dragonforce-ransomware-april-2026/
- wiz.ioinlineWiz Researchhttps://www.wiz.io/blog/dirty-frag-linux-kernel-local-privilege-escalation-via-esp-and-rxrpc
- wiz.ioinlineWiz, 2026-05-20https://www.wiz.io/blog/durabletask-teampcp-supply-chain-attack
- wiz.ioinlineLinux kernel security advisory CVE-2026-46300https://www.wiz.io/blog/fragnesia-linux-kernel-local-privilege-escalation-via-esp-in-tcp
- wiz.ioinlineWizhttps://www.wiz.io/blog/miasma-supply-chain-attack-targeting-redhat-npm-packages
- wiz.ioinlineWiz Bloghttps://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
- wiz.ioinlineWiz Research — Mini Shai-Hulud hits @antvhttps://www.wiz.io/blog/mini-shai-hulud-teampcp-hits-antv-supply-chain
- wordfence.cominlineWordfence, 2026-06-06https://www.wordfence.com/blog/2026/06/attackers-actively-exploiting-critical-vulnerability-in-everest-forms-pro-plugin/
- wpscan.cominlineWPScan, 2026-06-11https://wpscan.com/vulnerability/68addf8c-9ea6-4b62-9f85-e95350b3992e/
- xbow.cominlineXBOW research, 2026-05-12https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim
- xenbits.xen.orginlineXSA-490https://xenbits.xen.org/xsa/advisory-490.html
- yeswehack.cominlineYesWeHack, 2026-06-16https://www.yeswehack.com/news/rce-joomla-content-editor-extension
- zendata.securityinlineZENDATA, 2026-05-03https://zendata.security/2026/05/03/g7-evian-2026-the-cyber-risk-map-and-recommendations/
- zeroday.cloudinlineZeroDay.Cloud, 2026-06-02https://www.zeroday.cloud/blog/redis-cve-2026-23479-deep-dive
- zerodayinitiative.cominlineZero Day Initiative, 2026-05-15https://www.zerodayinitiative.com/blog/2026/5/15/pwn2own-berlin-2026-day-two-results
- zerofox.cominlineZeroFox Q1 2026 Wrap-Up, 2026-04-17https://www.zerofox.com/intelligence/q1-2026-ransomware-wrap-up/
- zetter-zeroday.cominlineKim Zetter / ZERO DAY, 2026-05-16https://www.zetter-zeroday.com/experts-confirm-the-fast16-malware-was-sabotaging-nuclear-weapons-tests-likely-in-iran/
- zimperium.cominlineZimperium zLabs, 2026-06-16https://zimperium.com/blog/rokarolla-android-banker-with-complete-device-takeover-capabilities
Items in briefs about K7 Security K7RKScan.sys vulnerable kernel driver — DragonForce BYOVD chain
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.