← Latest brief

Security news.

·Morning Brief

Today's security brief highlights a surge in supply chain attacks and active exploitation of critical vulnerabilities. Multiple data breaches affecting healthcare and legal sectors have also been disclosed, alongside warnings about new phishing-as-a-service platforms.

THNEXPLOIT
May 25READ

Ghost CMS SQL Injection Flaw Exploited in ClickFix Attacks

Threat actors are actively exploiting CVE-2026-26980, a critical SQL injection vulnerability in Ghost CMS, to hijack over 700 sites and inject malicious JavaScript for ClickFix attacks.

BLEEPINGPHISHING
May 25READ

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Accounts

The FBI has issued a warning about the Kali365 phishing-as-a-service platform, which abuses OAuth device code authentication to steal session tokens and bypass MFA for Microsoft 365 account compromise.

SECURITYWEEKMALWARE
May 25READ

Laravel-Lang Packages Poisoned for Malware Delivery

A supply chain attack has compromised Laravel-Lang packages, injecting backdoors to exfiltrate CI secrets and deliver credential-stealing malware to developers.

SECURITYWEEKSUPPLY CHAIN
May 25READ

Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack

The 'Megalodon' supply chain attack has infected over 5,500 GitHub repositories by injecting fake automated commits with GitHub Actions workflows designed to steal credentials and secrets.

THNSUPPLY CHAIN
May 25READ

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

A new coordinated "TrapDoor" supply chain attack campaign is distributing credential-stealing malware through over 34 malicious packages across npm, PyPI, and Crates.io.

THNNATION-STATE
May 25READ

Lazarus Group Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

The North Korea-linked Lazarus Group is using a new cross-platform, memory-only RAT called RemotePE in multi-stage attacks targeting financial and cryptocurrency organizations.

SECURITYWEEKBREACH
May 25READ

266,000 Affected by Data Breach at Radiology Associates of Richmond

Threat actors stole files containing names and protected health information from the healthcare organization’s systems, impacting 266,000 individuals.

SECURITYWEEKBREACH
May 25READ

DocketWise Data Breach Impacts 143,000

Hackers accessed names, addresses, Social Security numbers, financial information, and medical data from third-party partner repositories, affecting 143,000 individuals.

Generated twice daily from public security RSS feeds. Informational only.