← Latest brief

Security news.

·Afternoon Brief

Today's security news highlights active exploitation of critical vulnerabilities in Ghost CMS and Drupal Core, alongside significant supply chain attacks targeting Laravel Lang and Packagist packages. Authorities have also made strides against cybercrime, disrupting a major piracy app and a botnet operator.

BLEEPINGEXPLOIT
May 24READ

Ghost CMS SQL Injection Flaw Exploited in ClickFix Campaign

A critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS is being actively exploited to inject malicious JavaScript for ClickFix attacks.

BLEEPINGBREACH
May 23READ

Laravel Lang Packages Hijacked for Credential Stealing Malware

A supply chain attack has compromised Laravel Lang localization packages, using GitHub version tags to distribute credential-stealing malware via Composer.

THNSUPPLY CHAIN
May 23READ

Packagist Supply Chain Attack Infects 8 Packages with Linux Malware

A coordinated supply chain attack on Packagist has infected eight packages with malicious code designed to deploy a Linux binary from GitHub Releases.

THNZERO-DAY
May 23READ

LiteSpeed cPanel Plugin Zero-Day (CVE-2026-48172) Actively Exploited

A maximum-severity vulnerability in the LiteSpeed User-End cPanel Plugin (CVE-2026-48172) is under active exploitation, allowing arbitrary script execution with root privileges.

THNKEV
May 23READ

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

A critical SQL injection vulnerability (CVE-2026-9082) in Drupal Core is being actively exploited and has been added to CISA's Known Exploited Vulnerabilities Catalog.

BLEEPINGZERO-DAY
May 22READ

Trend Micro Warns of Apex One Zero-Day Exploited in the Wild

Trend Micro has patched a zero-day directory traversal vulnerability (CVE-2026-34926) in Apex One (on-premise) that is being actively exploited in attacks targeting Windows systems.

THNRANSOMWARE
May 22READ

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

European and North American authorities have dismantled "First VPN Service," a criminal VPN used by dozens of ransomware groups and other cybercriminals.

BLEEPINGMALWARE
May 22READ

US and Canada Arrest and Charge Suspected Kimwolf Botnet Admin

A Canadian man has been arrested and charged by US and Canadian authorities for operating the Kimwolf DDoS botnet, which infected nearly two million devices.

Generated twice daily from public security RSS feeds. Informational only.