ICYMI: 2026-05-22
Latest Headlines
First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective
Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking
‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested
Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
Hackers Abuse Middle East Telecom Networks for Large-Scale Command-and-Control Operations
World Cup Phishing Campaign Nearly Triples With 203 Unique IP Addresses
Russian Threat Groups Use RDP, VPN, Supply Chain Attacks, and Social Engineering for Initial Access
Hackers Backdoor Popular art-template npm Package to Launch Watering-Hole Attacks
Hackers Use Six-Layer Persistence to Maintain Access on Compromised FreePBX Systems
Hackers Use NF-e Invoice Lures to Deliver Banana RAT Through Malicious Batch Files
Ubiquiti Patches Critical UniFi OS Vulnerabilities Allowing Remote Privilege Escalation
LiteSpeed cPanel Plugin 0-Day Exploited in the wild to Gain Server Root Access
CISA adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
Deleted Google API Keys Continue Accessing Gemini, BigQuery, and Maps APIs
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
Former US execs plead guilty to aiding tech support scammers
Trend Micro warns of Apex One zero-day exploited in the wild
Ubiquiti patches three max severity UniFi OS vulnerabilities
US and Canada arrest and charge suspected Kimwolf botnet admin
– MTZ