← Latest brief

Security news.

·Morning Brief

Today's security news highlights active exploitation of critical vulnerabilities, including a WordPress plugin flaw used for credit card skimming and a Microsoft Exchange zero-day. Supply chain attacks continue to be a concern, with incidents affecting Grafana and OpenAI, alongside the evolution of sophisticated backdoors into P2P botnets.

THNEXPLOIT
May 16READ

Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming

A critical vulnerability in the Funnel Builder WordPress plugin is being actively exploited to inject malicious JavaScript into WooCommerce checkout pages to steal payment data.

SECURITYWEEKVULN
May 16READ

PoC Code Published for Critical NGINX Vulnerability

Proof-of-concept code has been published for a critical NGINX vulnerability, patched this week in NGINX Plus and NGINX open source, that was introduced in 2008.

THNBREACH
May 17READ

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

Grafana disclosed that an unauthorized party obtained a token to access its GitHub environment and download its codebase, though no customer data was accessed.

BREACH
READ

Microsoft Exchange, Windows 11 Hacked on Second Day of Pwn2Own

Competitors at Pwn2Own Berlin 2026 exploited 15 unique zero-day vulnerabilities in products including Windows 11 and Microsoft Exchange, earning $385,750.

BLEEPINGBREACH
May 15READ

Popular node-ipc npm package compromised to steal credentials

Credential-stealing malware was injected into new versions of the popular node-ipc npm package in a supply chain attack.

SECURITYWEEKZERO-DAY
May 15READ

Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild

Microsoft has issued mitigations for CVE-2026-42897, a high-severity Exchange Server cross-site scripting (XSS) vulnerability actively exploited in attacks.

CISAKEV
May 15READ

CISA Adds Microsoft Exchange Server XSS Vulnerability to KEV Catalog

CISA has added CVE-2026-42897, a Microsoft Exchange Server Cross-Site Scripting Vulnerability, to its Known Exploited Vulnerabilities Catalog due to active exploitation.

THNMALWARE
May 15READ

Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access

The Russian state-sponsored hacking group Turla has evolved its Kazuar backdoor into a modular peer-to-peer (P2P) botnet for stealthy, persistent access.

Generated twice daily from public security RSS feeds. Informational only.