Intigriti Bug Bytes #236 – May 2026
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Earning $148K via RCE in Google Cloud How public Google…
Month: May 2026
Cybersecurity trends in SEC filings
The total cost in tokens for development, debugging, and running was around $15, not expensive, but not something I’d likely develop for every project I…
The Top Four CVEs Attackers Exploit
While the move to remote work last year gave many of us comforts such as working in our pajamas and being 10 steps away from…
New CIFSwitch Linux flaw gives root on multiple distributions
A newly discovered local privilege escalation vulnerability dubbed ‘CIFSwitch’ in the Linux kernel could allow attackers to forge CIFS authentication key descriptions, abuse the kernel’s…
Pentest Swarm AI Tool With Live Access to nmap, sqlmap, Burp, Metasploit, and Others
Pentest Swarm AI is the first open-source autonomous penetration testing platform built on a swarm intelligence architecture, not just multiple agents firing in a fixed…
Google Chrome’s DBSC Now Generally Available to Prevent Account Takeovers
Google has officially made Device Bound Session Credentials (DBSC) generally available for the Chrome browser on Windows. This architectural upgrade delivers a robust defense mechanism…
The behavioral signals that sharpen Trojan malware detection
Malware analysts spend a lot of time deciding which signals from a sandbox run are worth keeping. A sample executed in a controlled environment can…
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil’s largest cooperative financial systems,…
Carnival cruise line confirmed as latest ShinyHunters victim
Carnival Corporation, the world’s largest cruise ship operator, has confirmed an extensive data breach in the wake of an April 2026 system compromise claimed by…
Chrome 148 Update Patches 151 Vulnerabilities
Google this week released a fresh Chrome 148 update that resolves 151 vulnerabilities, including 22 critical-severity flaws. Based on the paid bug bounties, the most…
Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys
Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys Pierluigi Paganini May 30, 2026 Attackers are texting Signal users posing as Support,…
The Gentlemen are coming for your files, and then your network
“Modern ransomware is no longer just about encrypting files,” said Paul Reid, vice president of Adversary Research at AttackIQ. “The bigger risk is how quickly…