x86.se

2 Min Read

May 23, 2026

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a re…

2 Min Read

May 23, 2026

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

A new "coordinated" supply chain attack campaign has impacted eight…

3 Min Read

May 23, 2026

Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software

Anthropic on Friday disclosed that Project Glasswing has helped uncover…

3 Min Read

May 23, 2026

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

Cybersecurity researchers have flagged a fresh software supply chain…

2 Min Read

May 23, 2026

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw,…

2 Min Read

May 23, 2026

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to…

3 Min Read

May 22, 2026

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal…

2 Min Read

May 22, 2026

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151) has been observed using lures related to Prometheus, a…

4 Min Read

May 22, 2026

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561…

36 Min Read

May 22, 2026

Making Vulnerable Drivers Exploitable Without Hardware – The BYOVD Perspective

1 Introduction This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode…

2 Min Read

May 22, 2026

Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks

The U.S. Department of Justice (DoJ) on Thursday announced the arrest of a Canadian man in connection with allegedly operating a distributed…

2 Min Read

May 22, 2026

CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend Micro Apex…

1 Min Read

May 22, 2026

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote…

3 Min Read

May 21, 2026

Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor

Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a…

18 Min Read

May 21, 2026

ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories

This week starts small. A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the…

2 Min Read

May 21, 2026

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild.…

4 Min Read

May 21, 2026

When Identity is the Attack Path

Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key…

2 Min Read

May 21, 2026

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The…

3 Min Read

May 21, 2026

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device…

2 Min Read

May 21, 2026

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to…

2 Min Read

May 20, 2026

Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development

Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial…

3 Min Read

May 20, 2026

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks

Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system…

3 Min Read

May 20, 2026

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors…

3 Min Read

May 20, 2026

Agent AI is Coming. Are You Ready?

New Industry Data Just Released Suggests Not. On May 19th, 2026, Orchid Security released the results of our Identity Gap: Snapshot 2026.…

6 Min Read

May 20, 2026

Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem

AI-generated lookalike domains are now embedded inside the third-party scripts running on your web properties. Here's why your current stack…

2 Min Read

May 20, 2026

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The…

2 Min Read

May 20, 2026

Grafana GitHub Breach Exposes Source Code via TanStack npm Attack

Grafana Labs, on May 19, 2026, said an investigation into its recent breach found no evidence of customer production systems or operations…

4 Min Read

May 20, 2026

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP…

3 Min Read

May 19, 2026

Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps

Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users.…

4 Min Read

May 19, 2026

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local…

5 Min Read

May 19, 2026

The New Phishing Click: How OAuth Consent Bypasses MFA

In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340…

2 Min Read

May 19, 2026

Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare

Drupal has issued an alert stating that it intends to release a "core security release" for all supported branches on May 20, 2026, from 5-9…

3 Min Read

May 19, 2026

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access

Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that…

4 Min Read

May 19, 2026

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio…

2 Min Read

May 19, 2026

Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials

In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper,…

4 Min Read

May 19, 2026

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated…

4 Min Read

May 18, 2026

INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests

INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and…

11 Min Read

May 18, 2026

⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were…

6 Min Read

May 18, 2026

How to Reduce Phishing Exposure Before It Turns into Business Disruption

What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click?…

5 Min Read

May 18, 2026

Developer Workstations Are Now Part of the Software Supply Chain

Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes…

4 Min Read

May 18, 2026

Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws

Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to…

2 Min Read

May 18, 2026

MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems

Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a…

2 Min Read

May 18, 2026

Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the…

3 Min Read

May 18, 2026

Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations

A new analysis of the Lua-based fast16 malware has confirmed that it was a cyber sabotage tool designed to tamper with nuclear weapons testing…

2 Min Read

May 17, 2026

NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE

A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public…

2 Min Read

May 17, 2026

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment…

Explore Trending Topics