← Latest brief

Security news.

·Afternoon Brief

Today's security brief highlights significant data breaches and ongoing exploitation of vulnerabilities. Several CISA advisories were issued, including a new addition to the KEV catalog, alongside reports of Iranian APTs conducting espionage campaigns.

BLEEPINGBREACH
May 26READ

Charter Communications Confirms Data Breach After ShinyHunters Threat

U.S. telecommunications giant Charter Communications confirmed a data breach following an extortion threat from the ShinyHunters group.

BLEEPINGBREACH
May 26READ

7-Eleven Data Breach Exposes 185,000 Individuals' Personal Information

The ShinyHunters extortion gang is also responsible for a data breach at 7-Eleven, compromising the personal information of over 183,000 people.

CISAKEV
May 26READ

CISA Adds LiteSpeed cPanel Plugin Privilege Escalation to KEV Catalog

CISA has added CVE-2026-48172, a LiteSpeed cPanel Plugin Privilege Escalation Vulnerability, to its Known Exploited Vulnerabilities Catalog, urging federal agencies to patch.

THNNATION-STATE
May 26READ

MuddyWater Uses DLL Side-Loading in Espionage Campaign Across 9 Countries

The Iranian hacking group MuddyWater has been linked to a new campaign targeting industrial, electronics manufacturing, education, public sector, financial, and professional services across nine countries using DLL side-loading.

THNZERO-DAY
May 26READ

KnowledgeDeliver LMS Zero-Day Exploited to Deploy Godzilla and Cobalt Strike

A high-severity flaw (CVE-2026-5426) in Digital Knowledge KnowledgeDeliver LMS was exploited as a zero-day to deploy the Godzilla web shell and Cobalt Strike Beacon.

BLEEPINGEXPLOIT
May 24READ

Ghost CMS SQL Injection Flaw Exploited in Large-Scale ClickFix Campaign

A critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS is being exploited to inject malicious JavaScript code for ClickFix attacks, affecting over 700 websites including major universities.

CISAADVISORY
May 26READ

CISA Advisory: Eppendorf BioFlo 320 Bioreactor Vulnerability

CISA issued an advisory for Eppendorf BioFlo 320 Bioreactor (all versions) regarding a hard-coded password vulnerability that could grant full access to functionality and data.

BLEEPINGBREACH
May 26READ

Microsoft Defender Now Automatically Isolates Hacked Endpoints

Microsoft is testing a new Defender for Endpoint feature that will automatically isolate compromised endpoints to prevent lateral movement by attackers.

Generated twice daily from public security RSS feeds. Informational only.