← Latest brief

Security news.

·Afternoon Brief

Today's security landscape is marked by critical vulnerabilities under active exploitation, particularly in NGINX and Microsoft Exchange, alongside evolving phishing tactics targeting Microsoft 365. The rise of AI-generated code and AI agents also presents new challenges for defenders, capable of discovering and exploiting obscure flaws.

THNEXPLOIT
May 17READ

NGINX CVE-2026-42945 Actively Exploited

A critical heap buffer overflow (CVE-2026-42945) in NGINX Plus and NGINX Open, affecting versions 0.6.27 through 1.30.0, is under active exploitation, potentially leading to worker crashes and RCE.

BLEEPINGPHISHING
May 17READ

Tycoon2FA Phishing Kit Targets Microsoft 365

The Tycoon2FA phishing kit has been updated to support device-code phishing attacks, leveraging Trustifi click-tracking URLs to hijack Microsoft 365 accounts.

GIZMODO SECURITYBREACH
May 17READ

THORChain Halts Trading After $10 Million Theft

The THORChain crypto exchange temporarily halted trading following a $10 million theft, though the company claims end-user funds were not affected.

DARK READINGEXPLOIT
May 18READ

AI Agents Posing New Exploitation Risks

The emergence of AI agents capable of discovering and exploiting obscure vulnerabilities, coupled with the proliferation of AI-generated code, is forcing cybersecurity defenders to adapt.

THNBREACH
May 17READ

Grafana GitHub Token Breach

Grafana disclosed that an unauthorized party obtained a GitHub token, allowing access to their environment and codebase download, though no customer data was impacted.

BLEEPINGVULN
May 16READ

Microsoft Rejects Azure Vulnerability Report

A security researcher claims Microsoft quietly fixed a critical Azure Backup for AKS vulnerability after rejecting his report and without issuing a CVE, a claim Microsoft disputes.

THNEXPLOIT
May 16READ

Funnel Builder Flaw Exploited for WooCommerce Skimming

A critical vulnerability in the WordPress Funnel Builder plugin is being actively exploited to inject malicious JavaScript into WooCommerce checkout pages to steal payment data.

SECURITYWEEKZERO-DAY
May 15READ

Microsoft Exchange Server Zero-Day Exploited

Microsoft has warned of active exploitation of a cross-site scripting vulnerability (CVE-2026-42897) in on-premise Exchange Server, with CISA adding it to its KEV catalog.

Generated twice daily from public security RSS feeds. Informational only.