ICYMI: 2026-05-28
Latest Headlines
Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code
Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More
JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware
The Pentagon Knew Enemies Could Track Troops’ Phones for Years. Now They Are
Scammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing Attacks
Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks
Geordie Raises $30 Million for AI Security and Governance Platform
Critical FortiClient EMS Vulnerability Exploited in Fresh Attacks
IBM and Red Hat Commit $5 Billion to Secure Open Source Supply Chains Under “Project Lightwell”
New Edamame Platform Aims to Catch AI Coding Agents Going Off the Rails
Raising the Cybersecurity Stakes: Ante up for the Agentic Era
Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks
The CISO Whisperer’s Watch List For The Gartner Security & Risk Management Summit 2026
Hackers Use LLM Agent to Move From Marimo RCE to Internal Database in Four Pivots
VaultJacking Attack Steals Entire Google Password Manager Vault With One Captured PIN
AI-Generated npm Malware Accidentally Exposes Threat Actor’s Private GitHub Token
Claude Opus 4.8 Released With Ability to Work as an Experienced Engineer
New Gogs 0-Day Vulnerability Lets Attackers Run Malicious Code on the Server Remotely
Critical OpenVPN Connect for macOS Vulnerability Let Attackers Execute Arbitrary Commands
Hackers Deploy VIP Keylogger Through Phishing Emails Masquerading as Business Documents
ClearFake Uses BSC Testnet Smart Contracts for Takedown-Resistant Command and Control
New Linux CIFSwitch Kernel Vulnerability Allows Attackers to Gain Root Access
BTMOB Android malware service generates custom phishing payloads
FBI warns of fake FIFA websites running World Cup fraud schemes
Hackers exploit FortiClient EMS flaw to push infostealer malware
New Gogs zero-day flaw lets hackers get remote code execution
Romanian gets 5 years in prison for hacking Oregon govt network
Carnival Cruise confirms data breach affecting nearly 6 million people
Sextortionist sentenced to 33 years for targeting 145 children
– MTZ