Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
Ravie Lakshmanan | May 17, 2026 | Data Breach / Cybercrime | Grafana has disclosed that an “unauthorized party” obtained a token that granted them the ability to access the…
As you may have noticed, macOS malware is still very much a thing these days. We covered some of the malware variants that were seen…
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting…
A threat actor infiltrated Grafana Labs’ GitHub environment, stealing a privileged token to download the company’s private codebase, and then attempted to extort the open-source…
Microsoft has revealed a stealthy intrusion campaign where attackers bypassed traditional malware and exploits, instead abusing trusted enterprise tools to silently infiltrate networks. The technique…
Ravie Lakshmanan | May 14, 2026 | Vulnerability / Web Server | Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that…
Isomorphic Labs, a company founded by Demis Hassabis, which uses frontier artificial intelligence (AI) for drug design and development, has received investment from the UK…
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution | Pierluigi Paganini | May 16, 2026 | Russia-linked APT group Turla turned its Kazuar malware into…
Welcome to the new, AI-laden threat era. (Image: Gorodenkoff / Shutterstock) The Google Threat Intelligence Group (GTIG) warns that criminal hackers are now using AI, both to…
With the General Availability release of the Huntress macOS agent, we wanted to share some of the Apple-y stuff we’ve been up to behind the…
Microsoft is introducing a new capability that will allow it to remotely roll back problematic Windows drivers delivered through Windows Update. Called Cloud-Initiated Driver Recovery,…
Apple’s M5 silicon has reportedly been exploited for the first time in a public macOS kernel memory corruption attack, successfully bypassing the company’s notable hardware-level…