Keepnet contributes voice and SMS phishing data to the 2026 Verizon DBIR
Keepnet, an Extended Human Risk Management (xHRM) platform, today announced that its voice and SMS phishing simulation data contributed to the 2026 Verizon Data Breach…
Author: Cybernoz
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Ravie LakshmananMay 23, 2026Supply Chain Attack / Malware Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages…
Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
Grafana this week revealed that the unauthorized access to the Grafana Labs GitHub repositories disclosed earlier this month was the result of the TanStack supply…
Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets
Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets Pierluigi Paganini May 23, 2026 Ghostwriter targeted Ukrainian government agencies with…
Foul play: Scams target soccer fans with fake World Cup tickets, merchandise
Watch out for bogus World Cup websites that mimic official ticket and merchandise flows to steal money and personal data 22 May 2026 • ,…
Microsoft says it’s making AI ‘safe for work’ in your browser
And a new tab page will pull together calendar entries, files and Copilot prompts, reducing the need to switch between tools, it said. A key…
Recap: Navigating the NIST Cybersecurity Framework
As the security landscape evolves, matures and becomes more complex, organizations need a trusted framework they can easily adopt and integrate into their existing security…
Drupal: Critical SQL injection flaw now targeted in attacks
Drupal is warning that hackers are attempting to exploit a “highly critical” SQL injection vulnerability announced earlier this week. The content management system (CMS) project…
Hackers Compromised 233 Versions of Laravel-Lang Packages by Hacking 700 GitHub Repos
A highly sophisticated supply chain attack has compromised the Laravel-Lang ecosystem, injecting credential-stealing remote code execution backdoors into 233 package versions across 700 GitHub repositories.…
Claude Mythos Preview Discovers 10,000+ 0-Days in Glasswing
Anthropic has published an update on Project Glasswing, its collaborative AI-powered vulnerability discovery initiative launched last month, revealing that Claude Mythos, the company’s most capable…
Proton Pass adds monitored credential sharing for AI agents
Proton Pass, a secure, end-to-end encrypted password manager, added credential sharing through AI access tokens, allowing users to give AI agents access to selected items…
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
Ravie LakshmananMay 22, 2026Vulnerability / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend…