May, 2026 - Cybernoz

Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini May 24, 2026 A new round of the weekly Security Affairs newsletter…

May 24, 2026 Cybernoz 2 min read

ThreatIntelligence-IncidentResponse

One Year Later | Huntress

It’s hard to believe, but it’s been a year since the Colonial Pipeline ransomware attack. In case your memory’s fuzzy, this was the incident that…

May 24, 2026 Cybernoz 4 min read

Bleeping Computer

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The…

May 24, 2026 Cybernoz 2 min read

TheHackerNews

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Ravie LakshmananMay 21, 2026Web Security / Vulnerability Drupal has released security updates for a “highly critical” security vulnerability in Drupal Core that could be exploited…

May 24, 2026 Cybernoz 2 min read

Securityaffairs

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Popular node-ipc npm Package…

May 24, 2026 Cybernoz 1 min read

Mix

Negative-Days with Vulnerability Spoiler Alert: Three Months Later

When I published Discovering Negative-Days with LLM Workflows three months ago, I got a lot of great feedback and interest. Since then, the waves have…

May 24, 2026 Cybernoz 5 min read

ThreatIntelligence-IncidentResponse

Evicting the Adversary | Huntress

There are plenty of articles and cheat sheets advising defenders how to monitor, hunt and detect the adversary in their environment. But sometimes, it feels…

May 24, 2026 Cybernoz 8 min read

CyberSecurityNews

Hackers Backdoor Popular art-template npm Package to Launch Watering-Hole Attacks

A widely-used JavaScript templating library called art-template has been weaponized to deliver a sophisticated iOS browser exploit kit through a supply chain attack. The backdoored…

May 24, 2026 Cybernoz 5 min read

HelpnetSecurity

Week in review: GitHub breached via poisoned VS Code extension, critical NGINX flaw exploited

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: TeamPCP breached GitHub’s internal codebase via poisoned VS Code extensionFollowing…

May 24, 2026 Cybernoz 5 min read

TheHackerNews

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Ravie LakshmananMay 23, 2026Vulnerability / Website Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal…

May 24, 2026 Cybernoz 2 min read

Securityaffairs

Anthropic’s Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious

Anthropic’s Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious Pierluigi Paganini May 24, 2026 Anthropic said…

May 24, 2026 Cybernoz 4 min read

ThreatIntelligence-IncidentResponse

Huntress API Is Now in Public Beta!

In June 2021, Huntress unveiled the new Huntress Managed Security Platform, which focused on enabling continuous updates and adaptation with reduced management and procurement overhead.…

May 24, 2026 Cybernoz 2 min read