IBM HTTP Server — RCE in TLS mutual-authentication configurations (CVSS 8.1)
cve · CVE-2026-8855
Coverage timeline
1
first 2026-05-29 → last 2026-05-29
Briefs
1
1 distinct
Sources cited
264
109 hosts
Sections touched
0
—
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-05-29CTI Daily Brief — 2026-05-29
Source distribution
- attack.mitre.org37 (14%)
- thehackernews.com17 (6%)
- github.com16 (6%)
- bleepingcomputer.com12 (5%)
- security-hub.ncsc.admin.ch11 (4%)
- nvd.nist.gov10 (4%)
- helpnetsecurity.com9 (3%)
- cert.ssi.gouv.fr6 (2%)
- other146 (55%)
External references
All cited sources (264)
- ibm.comprimaryinline`CVE-2026-9170`https://www.ibm.com/support/pages/node/7274065
- advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0159, 2026-05-15https://advisories.ncsc.nl/advisory?id=NCSC-2026-0159
- aerzteblatt.deinlineDeutsches Ärzteblatt, 2026-05-18https://www.aerzteblatt.de/news/hackerangriff-auf-rezeptprufer-c259a70c-595b-4770-9d84-87f6c8338c0c
- aikido.devinlineAikido, 2026-05-21https://www.aikido.dev/blog/google-api-keys-deletion
- almalinux.orginlineAlmaLinux bloghttps://almalinux.org/blog/2026-05-07-dirty-frag/
- anwalt.deinlineilex Rechtsanwälte case summaryhttps://www.anwalt.de/rechtstipps/phishing-ilex-rechtsanwaelte-erwirkt-haftung-der-apobank-269786.html
- arcticwolf.cominlinein-the-wild campaign abusing CVE-2026-35616https://arcticwolf.com/resources/blog/forticlient-ems-exploited-via-cve-2026-35616-to-deliver-ekz-infostealer-disguised-as-a-fortinet-patch/
- attack.mitre.orginlineT1021.004 Remote Services: SSHhttps://attack.mitre.org/techniques/T1021/004/
- attack.mitre.orginlineT1027https://attack.mitre.org/techniques/T1027/
- attack.mitre.orginlineT1041https://attack.mitre.org/techniques/T1041/
- attack.mitre.orginlineT1056.001https://attack.mitre.org/techniques/T1056/001/
- attack.mitre.orginlineT1059 Command and Scripting Interpreterhttps://attack.mitre.org/techniques/T1059/
- attack.mitre.orginlineT1059.007https://attack.mitre.org/techniques/T1059/007/
- attack.mitre.orginlineT1068 Exploitation for Privilege Escalationhttps://attack.mitre.org/techniques/T1068/
- attack.mitre.orginlineT1070.002 Indicator Removal: Clear Linux or Mac System Logshttps://attack.mitre.org/techniques/T1070/002/
- attack.mitre.orginlineT1071 Application Layer Protocolhttps://attack.mitre.org/techniques/T1071/
- attack.mitre.orginlineT1071.001https://attack.mitre.org/techniques/T1071/001/
- attack.mitre.orginlineT1072 Remote Device Managementhttps://attack.mitre.org/techniques/T1072/
- attack.mitre.orginlineT1078 Valid Accountshttps://attack.mitre.org/techniques/T1078/
- attack.mitre.orginlineT1082https://attack.mitre.org/techniques/T1082/
- attack.mitre.orginlineT1090.001https://attack.mitre.org/techniques/T1090/001/
- attack.mitre.orginlineT1095https://attack.mitre.org/techniques/T1095/
- attack.mitre.orginlineT1098.004 Account Manipulation: SSH Authorized Keyshttps://attack.mitre.org/techniques/T1098/004/
- attack.mitre.orginlineT1105https://attack.mitre.org/techniques/T1105/
- attack.mitre.orginline`T1106`https://attack.mitre.org/techniques/T1106/
- attack.mitre.orginlineT1114.002https://attack.mitre.org/techniques/T1114/002/
- attack.mitre.orginlineT1185https://attack.mitre.org/techniques/T1185/
- attack.mitre.orginline`T1189`https://attack.mitre.org/techniques/T1189/
- attack.mitre.orginlineT1190 Exploit Public-Facing Applicationhttps://attack.mitre.org/techniques/T1190/
- attack.mitre.orginlineT1195.002https://attack.mitre.org/techniques/T1195/002/
- attack.mitre.orginlineT1204https://attack.mitre.org/techniques/T1204/
- attack.mitre.orginlineT1218https://attack.mitre.org/techniques/T1218/
- attack.mitre.orginlineT1496 Resource Hijackinghttps://attack.mitre.org/techniques/T1496/
- attack.mitre.orginline`T1505.003`https://attack.mitre.org/techniques/T1505/003/
- attack.mitre.orginlineT1530 (Data from Cloud Storage)https://attack.mitre.org/techniques/T1530/
- attack.mitre.orginlineT1534https://attack.mitre.org/techniques/T1534/
- attack.mitre.orginlineT1547https://attack.mitre.org/techniques/T1547/
- attack.mitre.orginlineT1555https://attack.mitre.org/techniques/T1555/
- attack.mitre.orginline`nss3.dll`https://attack.mitre.org/techniques/T1555/003/
- attack.mitre.orginline`T1562.001`https://attack.mitre.org/techniques/T1562/001/
- attack.mitre.orginline`T1562.006`https://attack.mitre.org/techniques/T1562/006/
- attack.mitre.orginlineT1562.007 (Impair Defenses: Disable or Modify Cloud Firewall)https://attack.mitre.org/techniques/T1562/007/
- attack.mitre.orginlineT1566.001https://attack.mitre.org/techniques/T1566/001/
- attack.mitre.orginlineT1584.007 Compromise Infrastructure: Certificate Authoritieshttps://attack.mitre.org/techniques/T1584/007/
- bankinfosecurity.cominlineBankInfoSecurity, 2026-05-11https://www.bankinfosecurity.com/tables-turned-gentlemen-ransomware-group-suffers-data-leak-a-31654
- bitdefender.cominlineBitdefender Labs, 2026-05-13https://www.bitdefender.com/en-us/blog/businessinsights/famoussparrow-apt-targets-azerbaijani-oil-gas-industry
- bleepingcomputer.cominlineBleepingComputer, 2026-05-20https://www.bleepingcomputer.com/news/linux/exploit-released-for-new-pintheft-arch-linux-root-escalation-flaw/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-06https://www.bleepingcomputer.com/news/security/daemon-tools-trojanized-in-supply-chain-attack-to-deploy-backdoor/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/drupal-critical-sql-injection-flaw-now-targeted-in-attacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-15https://www.bleepingcomputer.com/news/security/funnel-builder-wordpress-plugin-bug-exploited-to-steal-credit-cards/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-24https://www.bleepingcomputer.com/news/security/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-20https://www.bleepingcomputer.com/news/security/grafana-breach-caused-by-missed-token-rotation-after-tanstack-attack/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-07https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-epmm-flaw-exploited-in-zero-day-attacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-19https://www.bleepingcomputer.com/news/security/max-severity-flaw-in-chromadb-for-ai-apps-allows-server-hijacking/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-22https://www.bleepingcomputer.com/news/security/netherlands-seizes-800-servers-of-hosting-firm-enabling-cyberattacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-21https://www.bleepingcomputer.com/news/security/police-seize-first-vpn-service-used-in-ransomware-data-theft-attacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-15https://www.bleepingcomputer.com/news/security/pwn2own-day-two-hackers-demo-microsoft-exchange-windows-11-red-had-enterprise-linux-zero-days/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-13https://www.bleepingcomputer.com/news/security/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released/
- blog.cloudflare.cominlineCloudflare bloghttps://blog.cloudflare.com/de-tld-outage-dnssec/
- blog.daemon-tools.ccinlineDisc Soft Limited, 2026-05-06https://blog.daemon-tools.cc/post/security-incident
- blog.denic.deinlineDENIC initial report, 2026-05-05https://blog.denic.de/en/denic-reports-dnssec-disruption-affecting-de-domains/
- blog.denic.deinlineDENIC blog post-incident report, 2026-05-08https://blog.denic.de/en/technical-issue-with-de-domains-resolved/
- blog.litespeedtech.cominlineLiteSpeed, 2026-05-21https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/
- blog.talosintelligence.cominlineCisco Taloshttps://blog.talosintelligence.com/from-pdb-strings-to-maas-tracking-a-commodity-badiis-ecosystem/
- borncity.cominlineBorns IT Blog, 2026-05-16https://borncity.com/blog/2026/05/16/cyberangriff-auf-die-arwini-rezeptpruefung-in-niedersachsen-mit-datenabfluss/
- cert.plinlineCERT-PLhttps://cert.pl/en/posts/2026/05/CVE-2026-42096/
- cert.plinlineCERT-PL, 2026-05-15https://cert.pl/en/posts/2026/05/CVE-2026-7182/
- cert.ssi.gouv.frinlineCERT-FR CERTFR-2026-AVI-0530, 2026-05-05https://www.cert.ssi.gouv.fr/
- cert.ssi.gouv.frinlineCERT-FR — CERTFR-2026-ACT-016, 2026-05-08https://www.cert.ssi.gouv.fr/actualite/CERTFR-2026-ACT-016/
- cert.ssi.gouv.frinlineCERT-FR CERTFR-2026-AVI-0543, 2026-05-07https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0543/
- cert.ssi.gouv.frinlineCERT-FR CERTFR-2026-AVI-0552, 2026-05-07https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0552/
- cert.ssi.gouv.frinlineCERTFR-2026-AVI-0576, 2026-05-13https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0576/
- cert.ssi.gouv.frinlineANSSI / CERT-FR advisory CERTFR-2026-AVI-0651https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0651/
- checkmarx.cominlineCheckmarx, 2026-05-12https://checkmarx.com/blog/ongoing-security-updates/
- cisa.govinlineCISA KEV cataloghttps://www.cisa.gov/known-exploited-vulnerabilities-catalog
- cisa.govinlineCISA KEV, 2026-05-21https://www.cisa.gov/news-events/alerts/2026/05/21/cisa-adds-two-known-exploited-vulnerabilities-catalog
- cisa.govinlineCISA Alert AA21-321A, 2021-11-17https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-321a
- cloud.google.cominlineGoogle Threat Intelligence Group, 2026-05-25https://cloud.google.com/blog/topics/threat-intelligence/knowledgedeliver-viewstate-deserialization-vulnerability/
- coveware.cominlineCoveware, 2026-02-02https://www.coveware.com/blog/2026/2/2/nitrogen-ransomware-esxi-malware-has-a-bug
- crowdstrike.cominlineCrowdStrike, 2026-05-27https://www.crowdstrike.com/en-us/blog/inside-crowdstrike-takedown-of-a-developer-targeting-botnet/
- csoonline.cominlineCSO Online, 2026-05-20https://www.csoonline.com/article/4175329/drupal-admins-rushing-to-patch-maximum-severity-sql-injection-vulnerability.html
- cyberkendra.cominlineCyberKendra, 2026-05-07https://www.cyberkendra.com/2026/05/jdownloader-website-hacked-malicious.html
- cyberscoop.cominlineCyberScoop, 2026-05-05https://cyberscoop.com/cpanel-authentication-bypass-vulnerability-cve-2026-41940-exploited/
- cyera.cominlineCyera Research, 2026-05-15https://www.cyera.com/blog/claw-chain-cyera-research-unveil-four-chainable-vulnerabilities-in-openclaw
- dhtmlx.cominlineDHTMLX security advisory DHX-SA-2026-001https://dhtmlx.com/blog/security-advisory-dhx-sa-2026-001/
- downloads.seppmail.cominlineSEPPmail release notes v15.0https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security
- drupal.orginlineDrupal PSA, 2026-05-18https://www.drupal.org/psa-2026-05-18
- drupal.orginlineSA-CORE-2026-004https://www.drupal.org/sa-core-2026-004
- drupal.orginlineDrupal Steward WAFhttps://www.drupal.org/steward
- dutchnews.nlinlineDutchNews.nl, 2026-05-22https://www.dutchnews.nl/2026/05/two-dutch-men-arrested-for-aiding-russian-cyberattacks/
- eurojust.europa.euinlineEurojusthttps://www.eurojust.europa.eu/news/eurojust-coordinated-investigation-shuts-down-criminal-vpn-network
- euvd.enisa.europa.euinlineENISA EUVD EUVD-2026-30537https://euvd.enisa.europa.eu/enisa/eu_vulnerability_database/EUVD-2026-30537
- euvd.enisa.europa.euinlineENISA EUVD-2026-30929 through EUVD-2026-30932https://euvd.enisa.europa.eu/enisa/eu_vulnerability_database/EUVD-2026-30931
- euvd.enisa.europa.euinlineENISA EUVD, 2026-05-27https://euvd.enisa.europa.eu/enisa/eu_vulnerability_database/EUVD-2026-32027
- fiod.nlinlineFIODhttps://www.fiod.nl/fiod-houdt-twee-verdachten-aan-wegens-overtreding-sanctiewetgeving/
- fortiguard.fortinet.cominlineCWE-284 improper-access-control flaw in Fortinet FortiClient EMS 7.4.5 and 7.4.6https://fortiguard.fortinet.com/psirt/FG-IR-26-099
- github.cominlineGitHub `Bedrock-Safeguard/gentlemen-decryptor`https://github.com/Bedrock-Safeguard/gentlemen-decryptor
- github.cominlineGHSA-g7cv-rxg3-hmpx, 2026-05-11https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx
- github.cominlineGitHub Security Advisory GHSA-fwfp-h68w-2hcrhttps://github.com/advisories/GHSA-fwfp-h68w-2hcr
- github.cominlineGitHub Advisory GHSA-fxrh-cwjh-m33v, 2026-05-21https://github.com/advisories/GHSA-fxrh-cwjh-m33v
- github.cominlineGitHub Security Advisory GHSA-w52v-v783-gw97https://github.com/advisories/GHSA-w52v-v783-gw97
- github.cominlineBBB GHSA-43hc-5g2m-cqff, 2026-05-17https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-43hc-5g2m-cqff
- github.cominlineBBB GHSA-7959-pf2v-xc4h, 2026-05-17https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-7959-pf2v-xc4h
- github.cominlineBBB GHSA-xqm3-6q7q-4v5h, 2026-05-17https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-xqm3-6q7q-4v5h
- github.cominlineMandiant Vulnerability Disclosures MNDT-2026-0009https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0009.md
- github.cominlineHealthChecker.ps1https://github.com/microsoft/CSS-Exchange
- github.cominlineGHSA-mp6x-g55j-w9jw, 2026-05-12https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mp6x-g55j-w9jw
- github.cominlineGHSA-c9j4-9m59-847w, 2026-05-18https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w
- github.cominlinePHP GHSA-85c2-q967-79q5, 2026-05-07https://github.com/php/php-src/security/advisories/GHSA-85c2-q967-79q5
- github.cominlineGHSA-hmxp-6pc4-f3vvhttps://github.com/php/php-src/security/advisories/GHSA-hmxp-6pc4-f3vv
- github.cominlineGHSA-m33r-qmcv-p97qhttps://github.com/php/php-src/security/advisories/GHSA-m33r-qmcv-p97q
- github.cominlineProjectDiscovery Nuclei template for CVE-2026-35616https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2026/CVE-2026-35616.yaml
- grafana.cominlineGrafana Labs, 2026-05-19https://grafana.com/blog/grafana-labs-security-update-latest-on-tanstack-npm-supply-chain-ransomware-incident/
- hackread.cominlineHackread, 2026-05-16https://hackread.com/pwn2own-berlin-2026-hits-capacity-hackers-0-days/
- hadrian.ioinlineHadrianhttps://hadrian.io/blog/cve-2026-45829----chromadb-python-server-hands-you-rce-before-it-asks-who-you-are
- heise.deinlineheise online, 2026-05-08https://www.heise.de/news/DNS-Probleme-mit-de-Domains-DENIC-liefert-erste-Erklaerung-11288197.html
- heise.deinlineHeise Security, 2026-05-27https://www.heise.de/news/Hackback-Erlaubnis-Kabinett-macht-Weg-frei-11308323.html
- heise.deinlineHeise Security, 2026-05-18https://www.heise.de/news/Niedersachsen-Datenabfluss-bei-Wirtschaftsprueferverein-im-Gesundheitswesen-11297772.html
- heise.deinlineHeise Security, 2026-05-27https://www.heise.de/news/Roundcube-Webmail-Instanzen-mit-Schadcode-attackierbar-11307545.html
- heise.deinlineheise online, 2026-05-08https://www.heise.de/news/Urteil-gegen-die-Apobank-Finanzinstitut-haftet-fuer-Phishing-Schaden-11288231.html
- helpnetsecurity.cominlineHelp Net Security, 2025-05-06https://www.helpnetsecurity.com/2025/05/06/exploited-vulnerability-software-managing-samsung-digital-displays-cve-2024-7399/
- helpnetsecurity.cominlineHelp Net Security — European Commission Ivanti EPMM vulnerabilities, 2026-02-09https://www.helpnetsecurity.com/2026/02/09/european-commission-ivanti-epmm-vulnerabilities/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-04https://www.helpnetsecurity.com/2026/05/04/multiple-threat-actors-actively-exploit-cpanel-vulnerability-cve-2026-41940/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-06https://www.helpnetsecurity.com/2026/05/06/daemon-tools-compromised-backdoors-supply-chain-attack/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-18https://www.helpnetsecurity.com/2026/05/18/interpol-mena-cybercrime-operation-ramz-201-arrests/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-20https://www.helpnetsecurity.com/2026/05/20/github-breached-teampcp/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-21https://www.helpnetsecurity.com/2026/05/21/github-grafana-breach-root-cause-nx-console/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-21https://www.helpnetsecurity.com/2026/05/21/operation-saffron-first-vpn-takedown/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-26https://www.helpnetsecurity.com/2026/05/26/sharepoint-vulnerability-cve-2026-45659/
- herodevs.cominlineHeroDevs analysis, 2026-05-08https://www.herodevs.com/blog-posts/cve-2026-40982-critical-spring-cloud-config-server-directory-traversal-cvss-9-8
- hkcert.orginlineHKCERT Advisory 20260522https://www.hkcert.org/security-bulletin/trend-micro-apex-one-multiple-vulnerabilities_20260522
- httpd.apache.orginlineApache HTTP Server security pagehttps://httpd.apache.org/security/vulnerabilities_24.html
- ico.org.ukinlineICO notice, 2026-05-11https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2026/05/fine-of-nearly-1m-issued-against-south-staffordshire-plc-and-south-staffordshire-water-plc/
- imperva.cominlineImperva, 2026-05-21https://www.imperva.com/blog/imperva-customers-protected-against-cve-2026-9082-in-drupal-core/
- infosecurity-magazine.cominlineInfosecurity Magazine, 2026-05-20https://www.infosecurity-magazine.com/news/github-confirms-breach-vs-code/
- interpol.intinlineINTERPOLhttps://www.interpol.int/en/News-and-Events/News/2026/201-arrests-in-first-of-its-kind-cybercrime-operation-in-MENA-region
- isc.sans.eduinlineSANS Internet Storm Center, 2026-05-18https://isc.sans.edu/diary/rss/32994
- isc.sans.eduinlineSANS Internet Storm Center, 2026-05-27https://isc.sans.edu/diary/rss/33024
- ivanti.cominlineIvanti PSIRT — May 2026 EPMM Security Updatehttps://www.ivanti.com/blog/may-2026-epmm-security-update
- ivanti.cominlineMay 2026 Security Updatehttps://www.ivanti.com/blog/may-2026-security-update
- jpcert.or.jpinlineJPCERT/CC at260014, 2026-05-22https://www.jpcert.or.jp/english/at/2026/at260014.html
- justice.govinlineUS DoJhttps://www.justice.gov/usao-ak/pr/canadian-man-arrested-international-authorities-charged-administrating-kimwolf-ddos
- kaspersky.cominlineKaspersky press release, 2026-05-05https://www.kaspersky.com/about/press-releases/kaspersky-identifies-ongoing-supply-chain-attack-on-official-daemon-tools-website-distributing-backdoor-malware
- kaspersky.cominlineKaspersky Securelisthttps://www.kaspersky.com/blog/daemon-tools-supply-chain-attack/55691/
- keycloak.orginlineKeycloak Project, 2026-05-19https://www.keycloak.org/2026/05/keycloak-2662-released
- krebsonsecurity.cominlineKrebsOnSecurityhttps://krebsonsecurity.com/2026/05/alleged-kimwolf-botmaster-dort-arrested-charged-in-u-s-and-canada/
- labs.watchtowr.cominlinewatchTowr Labshttps://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/
- lumen.cominlineLumen Black Lotus Labs, 2026-05-21https://www.lumen.com/blog/en-us/introducing-showboat-a-new-malware-family-taunts-defenses-and-targets-international-telecom-firms
- microsoft.cominlineMicrosoft Threat Intelligence, 2021-03-02https://www.microsoft.com/en-us/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
- microsoft.cominlineMicrosoft Security Blog, 2026-05-08https://www.microsoft.com/en-us/security/blog/2026/05/08/active-attack-dirty-frag-linux-vulnerability-expands-post-compromise-risk/
- microsoft.cominlineMicrosoft Threat Intelligence, 2026-05-14https://www.microsoft.com/en-us/security/blog/2026/05/14/kazuar-anatomy-of-a-nation-state-botnet/
- microsoft.cominlineMicrosoft Threat Intelligence, 2026-05-18https://www.microsoft.com/en-us/security/blog/2026/05/18/storm-2949-turned-compromised-identity-into-cloud-wide-breach/
- msrc.microsoft.cominlineMicrosoft MSRChttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-42897
- msrc.microsoft.cominlineMicrosoft MSRChttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45659
- my.f5.cominlineF5 PSIRT advisory K000161019https://my.f5.com/manage/s/article/K000161019
- news.risky.bizinlineRisky Business News bulletinhttps://news.risky.biz/risky-bulletin-dutch-police-take-down-giant-botnet-of-17-million-devices/
- nextcloud.cominlineNextcloud security advisory NC-SA-2026-029https://nextcloud.com/security/advisory/?id=NC-SA-2026-029
- nltimes.nlinlineNL Times English summaryhttps://nltimes.nl/2026/05/28/ncsc-dutch-police-disrupt-global-botnet-controlled-via-netherlands-based-servers
- noscope.cominlineNoScope, 2026-05-25https://www.noscope.com/blog/gitea-instances-exposing-private-container
- nvd.nist.govinlineNVD CVE-2024-57726https://nvd.nist.gov/vuln/detail/CVE-2024-57726
- nvd.nist.govinlineNVD CVE-2024-57728https://nvd.nist.gov/vuln/detail/CVE-2024-57728
- nvd.nist.govinlineNVD CVE-2024-7399https://nvd.nist.gov/vuln/detail/CVE-2024-7399
- nvd.nist.govinlineCVE-2025-29927https://nvd.nist.gov/vuln/detail/CVE-2025-29927
- nvd.nist.govinlineCVE-2025-48703https://nvd.nist.gov/vuln/detail/CVE-2025-48703
- nvd.nist.govinlineCVE-2025-55182https://nvd.nist.gov/vuln/detail/CVE-2025-55182
- nvd.nist.govinlineCVE-2025-9501https://nvd.nist.gov/vuln/detail/CVE-2025-9501
- nvd.nist.govinlineCVE-2026-1357https://nvd.nist.gov/vuln/detail/CVE-2026-1357
- nvd.nist.govinlineCISA KEV since 2026-04-06https://nvd.nist.gov/vuln/detail/CVE-2026-35616
- nvd.nist.govinlineNVD entry CVE-2026-9170https://nvd.nist.gov/vuln/detail/CVE-2026-9170
- nx.devinlineNx postmortem, 2026-05-19https://nx.dev/blog/nx-console-v18-95-0-postmortem
- onapsis.cominlineOnapsis, 2026-05-12https://onapsis.com/blog/sap-security-patch-day-may-2026/
- onvista.deinlineonvista / dpa, 2026-05-27https://www.onvista.de/news/2026/05-27-kabinett-billigt-gesetz-fuer-offensive-cyberabwehr-0-20-26515861
- openwall.cominlineoss-security / V12 Security, 2026-05-19https://www.openwall.com/lists/oss-security/2026/05/19/6
- openwall.cominlineSamba-team announcement on oss-securityhttps://www.openwall.com/lists/oss-security/2026/05/27/6
- ox.securityinlineOX Security, 2026-05-21https://www.ox.security/blog/megalodon-cicd-malware-github/
- ox.securityinlineOX Security, 2026-05-17https://www.ox.security/blog/new-actors-deploy-shai-hulud-clones-teampcp-copycats-are-here/
- panelica.cominlinePanelica technical analysis, 2026-05-08https://panelica.com/blog/cpanel-cve-2026-29201-29202-29203-may-2026-tsr-advisory
- php.netinlinePHP 8 ChangeLoghttps://www.php.net/ChangeLog-8.php
- php.watchinlinephp.watch — PHP 8.5.6 release, 2026-05-07https://php.watch/versions/8.5/releases/8.5.6
- piunikaweb.cominlinePiunikaWeb, 2026-05-08https://piunikaweb.com/2026/05/08/jdownloader-website-hacked-malware/
- politie.nlinlineseize 200 servers and dismantle the Asocks residential-proxy botnethttps://www.politie.nl/nieuws/2026/mei/28/06-politie-en-ncsc-halen-groot-botnetwerk-offline.html
- pwc.cominlinePwC Threat Intelligence, 2026-05-21https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/red-lamassu-open-season.html
- rapid7.cominlineRapid7 ETRhttps://www.rapid7.com/blog/post/etr-cve-2026-41940-cpanel-whm-authentication-bypass/
- rapid7.cominlineRapid7 Labs — Gogs unpatched RCEhttps://www.rapid7.com/blog/post/ve-authenticated-rce-via-argument-injection-gogs-unfixed/
- recordedfuture.cominlineRecorded Future Insikt Group, 2025-06https://www.recordedfuture.com/research/one-step-ahead-stark-industries-solutions-preempts-eu-sanctions
- research.checkpoint.cominlineCheck Point Research, 2026-05-13https://research.checkpoint.com/2026/thus-spoke-the-gentlemen/
- roundcube.netinlineRoundcube Project, 2026-05-24https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
- safedep.ioinlineSafeDep, 2026-05-21https://safedep.io/megalodon-mass-github-repo-backdooring-ci-workflows/
- samba.orginline4.22.10 / 4.23.8 / 4.24.3https://www.samba.org/samba/security/CVE-2026-4408.html
- samba.orginline`CVE-2026-4480`https://www.samba.org/samba/security/CVE-2026-4480.html
- sansec.ioinlineSansec, 2026-05-14https://sansec.io/research/funnelkit-woocommerce-vulnerability-exploited
- securelist.cominlineKaspersky Securelist — CVE-2025-68670, 2026-05-08https://securelist.com/cve-2025-68670/119742/
- securelist.cominlineKaspersky Securelist, 2026-05-05https://securelist.com/tr/daemon-tools-backdoor/119654/
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hub #12565, 2026-05-12https://security-hub.ncsc.admin.ch/#/posts/12565
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hub #12574, 2026-05-14https://security-hub.ncsc.admin.ch/#/posts/12574
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hub post #12575https://security-hub.ncsc.admin.ch/#/posts/12575
- security-hub.ncsc.admin.chinlineNCSC.ch Security Hub #12577https://security-hub.ncsc.admin.ch/#/posts/12577
- security-hub.ncsc.admin.chinlineSecurity Hub post 12584https://security-hub.ncsc.admin.ch/#/posts/12584
- security-hub.ncsc.admin.chinlineNCSC-CH post 12594https://security-hub.ncsc.admin.ch/#/posts/12594
- security-hub.ncsc.admin.chinlineNCSC Switzerland, 2026-05-27https://security-hub.ncsc.admin.ch/#/posts/12596
- security-hub.ncsc.admin.chinlineNCSC.ch flagged the advisory as Security Hub post 12601 on 2026-05-28https://security-hub.ncsc.admin.ch/#/posts/12601
- security-hub.ncsc.admin.chinlineNCSC-CH 12548, 2026-05-08https://security-hub.ncsc.admin.ch/api/posts/12548/details
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hub post 12550, 2026-05-08https://security-hub.ncsc.admin.ch/api/posts/12550/details
- security-hub.ncsc.admin.chinlineNCSC-CH advisory 12551, 2026-05-08https://security-hub.ncsc.admin.ch/api/posts/12551/details
- securityaffairs.cominlineSecurity Affairs, 2026-05-14https://securityaffairs.com/192132/hacking/nginx-rift-an-18-year-old-flaw-in-the-worlds-most-deployed-web-server-just-came-to-light.html
- securityboulevard.cominlineSecurity Boulevard, 2026-04-24https://securityboulevard.com/2026/04/cisa-warns-of-multiple-simplehelp-vulnerabilities-exploited-in-attacks/
- securityweek.cominlineSecurityWeek, 2026-05-05https://www.securityweek.com/critical-high-severity-vulnerabilities-patched-in-apache-mina-http-server/
- securityweek.cominlineSecurityWeek, 2026-05-19https://www.securityweek.com/drupal-to-patch-highly-critical-vulnerability-at-risk-of-quick-exploitation/
- securityweek.cominline2026-05-13https://www.securityweek.com/fortinet-ivanti-patch-critical-vulnerabilities/
- securityweek.cominlineSecurityWeek, 2026-05-08https://www.securityweek.com/ivanti-patches-epmm-zero-day-exploited-in-targeted-attacks/
- securityweek.cominlineSecurityWeek, 2026-05-08https://www.securityweek.com/pcpjack-worm-removes-teampcp-infections-steals-credentials/
- securityweek.cominlineSecurityWeek, 2026-05-12https://www.securityweek.com/sap-patches-critical-s-4hana-commerce-vulnerabilities/
- sentinelone.cominlineSentinelOne, 2026-05-15https://www.sentinelone.com/blog/living-off-the-pipeline-defending-against-ci-cd-subversion/
- sentinelone.cominlineSentinelLabshttps://www.sentinelone.com/labs/cloud-worm-evicts-teampcp-and-steals-credentials-at-scale/
- slcyber.ioinlineSearchlight Cyber write-uphttps://slcyber.io/research-center/keys-to-the-kingdom-anonymous-sql-injection-in-drupal-core-cve-2026-9082/
- sploit.techinlinesploit.tech, 2026-05-19https://sploit.tech/2026/05/19/Sparx-Enterprise-Architect-PCS.html
- spring.ioinlineSpring.iohttps://spring.io/security/cve-2026-40982
- success.trendmicro.cominlineKA-0023430https://success.trendmicro.com/en-US/solution/KA-0023430
- t-online.deinlinet-online, 2026-05-27https://www.t-online.de/nachrichten/deutschland/id_101271406/kabinett-gibt-bsi-und-polizei-befugnisse-zur-cyberabwehr.html
- techcommunity.microsoft.cominlineMS Exchange Bloghttps://techcommunity.microsoft.com/blog/exchange/addressing-exchange-server-may-2026-vulnerability-cve-2026-42897/4518498
- techcommunity.microsoft.cominlineMicrosoft, 2021-09-28https://techcommunity.microsoft.com/blog/exchange/new-security-feature-in-september-2021-cumulative-update-for-exchange-server/2783477
- techcrunch.cominlineTechCrunch, 2026-05-27https://techcrunch.com/2026/05/27/crowdstrike-and-google-take-down-botnet-used-by-hackers-to-target-software-developers-in-supply-chain-attacks/
- techcrunch.cominlineTechCrunch — UK Visa Portal spilled passports and selfieshttps://techcrunch.com/2026/05/27/uk-visa-portal-spilled-thousands-of-applicants-passports-and-selfies-online-and-hasnt-fixed-the-leak/
- techradar.cominlineTechRadarhttps://www.techradar.com/pro/security/uk-visa-portal-website-leaks-thousands-of-user-passport-data-and-photos-online
- tenable.cominlineTenable, 2026-05-12https://www.tenable.com/blog/microsofts-may-2026-patch-tuesday-addresses-118-cves-cve-2026-41103
- thehackernews.cominlineThe Hacker News, 2026-05-09https://thehackernews.com/2026/05/cpanel-whm-patch-3-new-vulnerabilities.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html
- thehackernews.cominlineThe Hacker News, 2026-05-28https://thehackernews.com/2026/05/critical-gogs-rce-vulnerability-lets.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/four-malicious-npm-packages-deliver.html
- thehackernews.cominlineThe Hacker News, 2026-05-15https://thehackernews.com/2026/05/four-openclaw-flaws-enable-data-theft.html
- thehackernews.cominlineThe Hacker News, 2026-05-16https://thehackernews.com/2026/05/funnel-builder-flaw-under-active.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/05/ghostwriter-targets-ukrainian.html
- thehackernews.cominlineThe Hacker News, 2026-05-27https://thehackernews.com/2026/05/gitea-vulnerability-exposes-private.html
- thehackernews.cominlineThe Hacker News, 2026-05-20https://thehackernews.com/2026/05/github-investigating-teampcp-claimed.html
- thehackernews.cominlineThe Hacker News, 2026-05-27https://thehackernews.com/2026/05/glassworm-malware-takedown-disrupts.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/interpol-operation-ramz-disrupts-mena.html
- thehackernews.cominlineThe Hacker News, 2026-05-17https://thehackernews.com/2026/05/nginx-cve-2026-42945-exploited-in-wild.html
- thehackernews.cominlineThe Hacker News, 2026-05-15https://thehackernews.com/2026/05/on-prem-microsoft-exchange-server-cve.html
- thehackernews.cominlineThe Hacker News, 2026-05-07https://thehackernews.com/2026/05/pcpjack-credential-stealer-exploits-5.html
- thehackernews.cominlineThe Hacker News, 2026-05-15https://thehackernews.com/2026/05/turla-turns-kazuar-backdoor-into.html
- thehackernews.cominline2026-05-19https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html
- thehackernews.cominlineThe Hacker News, 2026-05-20https://thehackernews.com/2026/05/webworm-deploys-echocreep-and-graphworm.html
- therecord.mediainlineThe Record, 2026-05-20https://therecord.media/github-confirms-teampcp-hack-customers-unaffected
- therecord.mediainlineThe Record, 2026-05-06https://therecord.media/hackers-compromise-daemon-tools-global-supply-chain-attack
- therecord.mediainlineThe Record's reportinghttps://therecord.media/uk-water-company-had-hackers-lurking-for-years
- theregister.cominlineThe Register, 2026-05-11https://www.theregister.com/cyber-crime/2026/05/11/ico-fines-south-staffordshire-963k-over-2022-breach/5237875
- theregister.cominlineThe Register, 2026-05-12https://www.theregister.com/cyber-crime/2026/05/12/foxconn-confirms-cyberattack-after-nitrogen-claims-apple-nvidia-data-theft/5239144
- theregister.cominlineThe Register, 2026-05-13https://www.theregister.com/security/2026/05/13/disgruntled-researcher-releases-two-more-microsoft-zero-days/5239758
- thezdi.cominlineZDI, 2026-05-12https://www.thezdi.com/blog/2026/5/12/the-may-2026-security-update-review
- thezdi.cominlineZDI, 2026-05-13https://www.thezdi.com/blog/2026/5/13/pwn2own-berlin-2026-day-one-results
- thezdi.cominlineZDI Day Twohttps://www.thezdi.com/blog/2026/5/15/pwn2own-berlin-2026-day-two-results
- thezdi.cominlineZDI, 2026-05-16https://www.thezdi.com/blog/2026/5/16/pwn2own-berlin-2026-day-three-results-and-master-of-pwn
- unit42.paloaltonetworks.cominlineUnit 42 — CVE-2024-7399 Samsung MagicINFOhttps://unit42.paloaltonetworks.com/cve-2024-7399-samsung-magicinfo/
- welivesecurity.cominlineESET WeLiveSecurityhttps://www.welivesecurity.com/en/eset-research/frostyneighbor-fresh-mischief-digital-shenanigans/
- welivesecurity.cominlineESET WeLiveSecurity, 2026-05-20https://www.welivesecurity.com/en/eset-research/webworm-new-burrowing-techniques/
- wid.cert-bund.deinlineBSI WID-SEC-2026-1517, 2026-05-13https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1517
- wid.cert-bund.deinlineBSI WID-SEC-2026-1536, 2026-05-14https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1536
- wid.cert-bund.deinlineBSI WID-SEC-2026-1568, 2026-05-18https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1568
- wid.cert-bund.deinlineBSI WID-SEC-2026-1583https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1583
- wid.cert-bund.deinlineBSI CERT-Bund, 2026-05-20https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1612
- windowsforum.cominlineWindowsForum, 2026-04-24https://windowsforum.com/threads/cisa-adds-4-kev-flaws-patch-samsung-magicinfo-simplehelp-d-link-dragonforce-ransomware-april-2026/
- wiz.ioinlineWiz Researchhttps://www.wiz.io/blog/dirty-frag-linux-kernel-local-privilege-escalation-via-esp-and-rxrpc
- wiz.ioinlineWiz, 2026-05-20https://www.wiz.io/blog/durabletask-teampcp-supply-chain-attack
- zerodayinitiative.cominlineZero Day Initiative, 2026-05-15https://www.zerodayinitiative.com/blog/2026/5/15/pwn2own-berlin-2026-day-two-results
Items in briefs about IBM HTTP Server — RCE in TLS mutual-authentication configurations (CVSS 8.1)
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.