ICYMI: 2026-05-25
Latest Headlines
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks
266,000 Affected by Data Breach at Radiology Associates of Richmond
Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
InvisibleFerret Malware Now Ships as .pyd and .so Files to Evade Script Detection
Cloud Atlas APT Group Modifies termsrv.dll to Enable Multiple RDP Sessions on Victim Hosts
Cybercriminals Use Telegram Channels to Sell Verified Bank and Fintech Mule Accounts
Hackers Hide Linux Payload Under SSH-Like Filename During Package Installation
Russian Hacker Used Jailbroken Gemini to Steal Admin Credentials and Drain Crypto Wallets
Hackers Abuse Shared CDN Infrastructure to Bypass Domain Reputation Security Controls
KnowledgeDeliver LMS Zero-Day Exploited to Deploy BLUEBEAM Web Shell
Iranian APT Uses SEO Poisoning to Deliver Fake SQL Developer Malware Installer
Kazuar Malware Evolves Into Modular Espionage Ecosystem for Secret Blizzard Operations
Hackers Actives Scanning SonicWall Firewall Interfaces – 597,000 Sessions Observed
Anthropic’s restricted Claude Mythos model may be coming to Claude Code
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
– MTZ