← Latest brief

Security news.

·Afternoon Brief

Today's cybersecurity landscape highlights a surge in AI-assisted attacks and supply chain compromises, alongside critical vulnerabilities requiring immediate attention. Several botnets and malware campaigns are actively targeting developers and users, underscoring the persistent threat from sophisticated cybercriminal groups.

CISAKEV
May 27READ

CISA Adds Three Actively Exploited Vulnerabilities to KEV Catalog

CISA has added CVE-2026-8398 (Daemon Tools Lite), CVE-2026-45321 (TanStack), and CVE-2026-48027 (Nx Console) to its Known Exploited Vulnerabilities Catalog, urging immediate patching.

BLEEPINGEXPLOIT
May 27READ

CISA Mandates Patch for Actively Exploited LiteSpeed cPanel Plugin Flaw

Federal agencies have four days to patch a critical privilege escalation vulnerability (CVE-2026-48172) in the LiteSpeed cPanel user-end plugin, which is under active exploitation.

BLEEPINGZERO-DAY
May 26READ

KnowledgeDeliver Zero-Day Exploited to Install Web Shells

A critical zero-day vulnerability in the KnowledgeDeliver learning management system (LMS) has been exploited to deploy Godzilla web shells.

THNSUPPLY CHAIN
May 27READ

GlassWorm Botnet Disrupted, Developer Supply Chain Attacks Halted

The GlassWorm botnet, which targeted software developers via malicious packages and extensions, has been disrupted after its resilient command-and-control infrastructure was taken down.

DARK READINGAI
May 27READ

AI-Assisted Exploit Development Outpaces Scanner Detection

New research indicates that attackers are leveraging AI to significantly reduce the time needed to develop working exploits for CVEs, posing a challenge for traditional scanner detection methods.

THNSUPPLY CHAIN
May 27READ

Malicious npm Package Stole Files from Claude AI User Directory

A new malicious npm package, "mouse5212-super-formatter," was discovered stealing files from the dedicated user-data directory of Anthropic's Claude AI tool.

THNMALWARE
May 27READ

Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users

Banking trojan campaigns are infecting Windows and Android devices in Latin America and Europe with Grandoreiro and BTMOB malware, primarily targeting companies in Spain, Portugal, Mexico, and mobile users in Brazil.

THNVULN
May 27READ

Gitea Vulnerability Exposes Private Container Images Without Authentication

A security flaw (CVE-2026-27771) in Gitea allows unauthenticated attackers to pull private container images from deployments without credentials, affecting versions prior to 1.26.2.

Generated twice daily from public security RSS feeds. Informational only.