ICYMI: 2026-05-14
Latest Headlines
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Enhancing Data Center Security Without Sacrificing Performance
New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation
Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere
Akamai to Acquire AI and Browser Security Firm LayerX for $205 Million
Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns
Hackers Targeted PraisonAI Vulnerability Hours After Disclosure
Sandworm Hackers Pivot From Compromised IT Systems Toward Critical OT Assets
Chinese APT Hackers Exploit Microsoft Exchange to Breach Energy Sector Network
New Malware Framework Enables Screen Control, Browser Artifact Access, and UAC Bypass
node-ipc npm Package with 822K Weekly Downloads Compromised in Supply Chain Attack
Anthropic’s Mythos AI Reportedly Found macOS Vulnerabilities that Could Bypass Apple Security
Hackers Compromise 170 npm Packages to Steal GitHub, npm, AWS, and Kubernetes Secrets
Critical Canon MailSuite Vulnerability Enables Remote Code Execution Attacks
TeamPCP and BreachForums Hackers Running $1,000 Contest for Supply Chain Attacks
Amazon Quick Bug Exposed AI Chat Agents to Users Blocked by Custom Permissions
New Critical Exim Mailer Allows Remote Attacker to Execute Arbitrary Code
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
OpenAI confirms security breach in TanStack supply chain attack
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
KongTuke hackers now use Microsoft Teams for corporate breaches
Dell confirms its SupportAssist software causes Windows BSOD crashes
New Fragnesia Linux flaw lets attackers gain root privileges
– MTZ