https://threatdigest.io/article/new-shai-hulud-malware-wave-compromises-600-npm-packages/ Threat Digest en 2026-05-24T16:58:54.342715+00:00 Shai-Hulud Unleashed: 600+ NPM Packages Compromised AI in cybersecurity, Shai-Hulud, cybersecurity, malware, npm, supply chain attack https://threatdigest.io/article/wireshark-466-released-sun-may-24th/ Threat Digest en 2026-05-24T16:56:00.993121+00:00 Wireshark 4.6.6: 1 Fix, 11 Bugs Squashed [Update] bug fix, cybersecurity, network analysis, npcap, vulnerability, wireshark https://threatdigest.io/article/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/ Threat Digest en 2026-05-24T16:09:43.783350+00:00 Ghost CMS Exploited: 700+ Sites Hit [Massive Attack] ClickFix, SQL injection, cve-2026-26980, cybersecurity campaign, ghost cms, malware https://threatdigest.io/article/windows-11-kb5089549-kb5087420-cumulative-updates-released/ Threat Digest en 2026-05-24T14:59:42.439162+00:00 Windows 11 Updates: May 2026 Security Patches Arrive Patch Tuesday, cumulative update, kb5087420, kb5089549, microsoft-security, windows 11 updates https://threatdigest.io/article/hackers-bypass-sonicwall-vpn-mfa-due-to-incomplete-patching/ Threat Digest en 2026-05-24T13:47:10.583557+00:00 SonicWall MFA Bypass: Real Risks for Real Companies MFA bypass, SonicWall, cve-2024-12802, ransomware, vpn security, vulnerability https://threatdigest.io/article/microsoft-may-2026-patch-tuesday-fixes-120-flaws-no-zero-days/ Threat Digest en 2026-05-24T12:31:48.867659+00:00 May 2026 Patch Tuesday: 120 Flaws Patched, No Zero-Days Microsoft Patch Tuesday, Windows vulnerabilities, elevation of privilege, microsoft office, remote code execution, security vulnerabilities https://threatdigest.io/article/cisa-security-leak/ Threat Digest en 2026-05-24T11:02:31.730411+00:00 CISA Leak: GovCloud Credentials Exposed on GitHub [Analysis] AWS, CISA, cybersecurity, data leak, github, govcloud https://threatdigest.io/article/exploits-and-vulnerabilities-in-q1-2026/ Threat Digest en 2026-05-24T10:00:29.146213+00:00 2026 Exploit Kits Target Office, Windows, Linux [Q1 Deep Dive] Q1 2026, Windows vulnerabilities, cve, exploit kits, linux vulnerabilities, microsoft office vulnerabilities https://threatdigest.io/article/in-other-news-industrial-router-exploitation-cisa-kev-nomination-form-gas-station-hacking/ Threat Digest en 2026-05-24T09:16:37.824544+00:00 Gas Station Hacks & CISA Blunders: The Week in Cyber Chaos AI security tools, CISA, CVE-2024-9643, Four-Faith, Iranian hackers, gas station hacking, gas station security, industrial router exploitation, industrial routers, mythos https://threatdigest.io/article/canadian-man-arrested-for-operating-kimwolf-botnet/ Threat Digest en 2026-05-24T09:06:26.302968+00:00 Kimwolf Botnet Takedown: What It Means For You botnet, cybercrime, ddos, justice department, kimwolf, law enforcement https://threatdigest.io/article/grafana-says-codebase-and-other-data-stolen-via-tanstack-supply-chain-attack/ Threat Digest en 2026-05-24T08:53:10.044305+00:00 Grafana Source Code Stolen via TanStack Attack code theft, github, grafana, mini shai-hulud, supply chain attack, tanstack https://threatdigest.io/article/trendai-patches-apex-one-zero-day-exploited-in-the-wild/ Threat Digest en 2026-05-24T08:15:55.441900+00:00 TrendAI Patches Apex One Zero-Day: What It Means for Your Network Trend Micro, apex one, cve-2026-34926, directory traversal, trendai, zero-day https://threatdigest.io/article/what-to-watch-this-week-the-supply-chain-and-ai-nexus-20260524/ Threat Digest en 2026-05-24T08:00:04.113463+00:00 What to Watch This Week: The Supply Chain and AI Nexus analysis, predictions, trends https://threatdigest.io/article/daily-briefing-may-24-2026/ Threat Digest en 2026-05-24T07:00:00.431691+00:00 Daily Briefing: May 24, 2026 https://threatdigest.io/article/zero-chaos-scaling-detection-engineering-at-the-speed-of-software-with-detection-as-code/ Threat Digest en 2026-05-24T05:53:10.798248+00:00 Detection Engineering Gets Code Treatment [New Paradigm] DevSecOps, detection as code, detection engineering, security operations, terraform https://threatdigest.io/article/metasploit-wrap-up-05222026/ Threat Digest en 2026-05-24T05:51:11.686861+00:00 Metasploit Weekly: Cisco Auth Bypass, Barracuda RCE, & More barracuda esg, cisco sd-wan, cpanel whm, exploit, metasploit, vulnerability https://threatdigest.io/article/18th-may-threat-intelligence-report/ Threat Digest en 2026-05-24T05:50:14.502390+00:00 AI Unleashed: Your Digital Life Just Got Weird AI threats, cybersecurity, data breaches, phishing, ransomware, vulnerabilities https://threatdigest.io/article/cisa-adds-exploited-langflow-and-trend-micro-apex-one-vulnerabilities-to-kev/ Threat Digest en 2026-05-24T05:39:21.757491+00:00 CISA KEV: Langflow, Trend Micro Apex One Exploits Hit Gov CISA, KEV, exploit, langflow, trend micro apex one, vulnerability https://threatdigest.io/article/metasploit-wrap-up-05082026/ Threat Digest en 2026-05-24T05:15:34.018275+00:00 Metasploit Update: Who's Really Getting Exploited in 2026? apache shiro, exploit, ftp, metasploit, penetration testing, vulnerability https://threatdigest.io/article/making-vulnerable-drivers-exploitable-without-hardware-the-byovd-perspective/ Threat Digest en 2026-05-23T18:52:45.475499+00:00 Drivers Exploitable Without Hardware? BYOVD, cybersecurity, driver exploitation, vulnerability research, windows kernel drivers https://threatdigest.io/article/friday-squid-blogging-regulating-squid-fishing-in-the-south-pacific/ Threat Digest en 2026-05-23T18:10:25.132184+00:00 Squid Overfishing: A South Pacific Crisis SPRFMO, South Pacific, marine conservation, overfishing, squid fishing https://threatdigest.io/article/how-enverus-secures-salesforce-data-and-prevents-data-breaches-with-varonis/ Threat Digest en 2026-05-23T16:40:21.463116+00:00 Enverus Dodges SaaS Attack [Varonis Insight] SaaS security, Varonis, data breach prevention, enverus, identity threat detection, salesforce security https://threatdigest.io/article/megalodon-github-attack-targets-5561-repos-with-malicious-cicd-workflows/ Threat Digest en 2026-05-23T15:03:38.670171+00:00 GitHub Attack [5,561 Repos] Uses Malicious CI/CD Workflows ci/cd, github attack, malicious workflows, megalodon, secrets exfiltration, supply chain attack https://threatdigest.io/article/verizon-dbir-healthcare-fends-off-increased-social-engineering-attacks/ Threat Digest en 2026-05-23T14:24:29.490053+00:00 Healthcare Under Fire: Social Engineering Dominates Verizon DBIR AI in cyberattacks, Verizon DBIR, data breaches, healthcare cybersecurity, ransomware, social engineering https://threatdigest.io/article/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path/ Threat Digest en 2026-05-23T13:52:20.521525+00:00 Linux Kernel Root Exploit Revealed [CVE-2026-46333] cve-2026-46333, linux kernel, local privilege escalation, ptrace, root access https://threatdigest.io/article/underminr-vulnerability-lets-attackers-hide-malicious-connections-behind-trusted-domains/ Threat Digest en 2026-05-23T12:46:53.918989+00:00 Underminr Flaw Lets Bad Actors Hide in Plain Sight cdn, cybersecurity, domain fronting, malicious connections, underminr, vulnerability https://threatdigest.io/article/laravel-lang-php-packages-compromised-to-deliver-cross-platform-credential-stealer/ Threat Digest en 2026-05-23T11:34:18.296514+00:00 Laravel-Lang Packages Hit by Supply Chain Attack [2026] https://threatdigest.io/article/drupal-vulnerability-in-hacker-crosshairs-shortly-after-disclosure/ Threat Digest en 2026-05-23T10:32:10.077036+00:00 Drupal Exploit Found in the Wild Hours After Patch SQL injection, cve-2026-9082, cyber attack, drupal, postgresql, website security https://threatdigest.io/article/foul-play-fake-fifa-websites-target-soccer-fans-looking-for-world-cup-tickets-merchandise/ Threat Digest en 2026-05-23T08:42:40.981010+00:00 Fake FIFA Sites Fleece Fans FIFA, World Cup 2026, cybersecurity, phishing, scams, typosquatting https://threatdigest.io/article/litespeed-cpanel-plugin-cve-2026-48172-exploited-to-run-scripts-as-root/ Threat Digest en 2026-05-23T07:36:49.298249+00:00 LiteSpeed Plugin Exploited for Root Access CVE-2026-48172, LiteSpeed, cPanel, root access, script execution, vulnerability exploitation https://threatdigest.io/article/daily-briefing-may-23-2026/ Threat Digest en 2026-05-23T07:00:00.420243+00:00 Daily Briefing: May 23, 2026 https://threatdigest.io/article/microsoft-recognized-as-a-leader-in-the-forrester-wavetm-for-workforce-identity-security-platforms/ Threat Digest en 2026-05-23T05:55:51.372221+00:00 Microsoft Entra: Leader in Workforce Identity Security? ai identity, cybersecurity, forrester wave, identity-security, microsoft entra, workforce identity https://threatdigest.io/article/from-edge-appliance-to-enterprise-compromise-multi-stage-linux-intrusion-via-f5-and-confluence/ Threat Digest en 2026-05-23T05:47:34.320649+00:00 Linux Breached via F5 & Confluence [New Tactics] Active Directory compromise, Confluence vulnerability, F5 BIG-IP, Linux intrusion, edge appliance compromise, edge appliance security, identity-centric attacks, multi-stage attack https://threatdigest.io/article/ghostwriter-targets-ukraine-government-entities-with-prometheus-phishing-malware/ Threat Digest en 2026-05-23T05:43:06.442250+00:00 Ghostwriter's Prometheus Play: Ukraine Govt Targeted with New Phishing Malware cobalt strike, cyber warfare, ghostwriter, phishing, prometheus malware, ukraine government https://threatdigest.io/article/microsoft-security-success-stories-how-st-lukes-and-manpowergroup-are-securing-ai-foundations/ Threat Digest en 2026-05-23T05:31:52.197866+00:00 AI Security: St. Luke's & ManpowerGroup Success Stories AI security, ManpowerGroup, Microsoft Security Copilot, St. Luke's University Health Network, cloud security, zero trust https://threatdigest.io/article/metasploit-wrap-up-05222026/ Threat Digest en 2026-05-22T19:02:15.525531+00:00 Metasploit Adds 5 New Exploits, Including Auth Bypass on Cisco SD-WAN Barracuda ESG, Cisco SD-WAN, HUSTOJ, Metasploit, cPanel, cve-2026-20182 https://threatdigest.io/article/netherlands-seizes-800-servers-of-hosting-firm-enabling-cyberattacks/ Threat Digest en 2026-05-22T18:17:50.269412+00:00 Dutch Cops Seize 800 Servers Enabling Cyberattacks FIOD, Netherlands, Stark Industries, WorkTitans B.V., cyberattack hosting, sanctions