🦜 CyberNetSec - Latest Cybersecurity Articles
@cyber.netsecops.io@rss-parrot.net
---
Latest cybersecurity threat intelligence articles from the past 3 days
CISA Contractor Leaks AWS GovCloud Keys and Internal System Credentials on Public GitHub Repo
https://cyber.netsecops.io/articles/cisa-contractor-leaks-govcloud-keys-on-public-github-sparking-congressional-inquiry/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 24, 2026 00:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is under congressional investigation after a contractor exposed highly sensitive credentials on a public GitHub repository. The repository, named 'Private-CISA,' contained plaintext…
TeamPCP Threat Actor Breaches TanStack in 'Mini Shai-Hulud' Supply Chain Campaign
https://cyber.netsecops.io/articles/teampcp-mini-shai-hulud-campaign-breaches-tanstack-in-widespread-supply-chain-attack/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 24, 2026 00:00
The financially motivated threat group 'TeamPCP' has been identified as the actor behind the 'Mini Shai-Hulud' supply chain campaign, which recently compromised the popular TanStack open-source library. The attack, which also targeted the npm and PyPI…
‘Megalodon’ Campaign Hits 5,500+ GitHub Repos in Automated CI/CD Supply Chain Attack
https://cyber.netsecops.io/articles/megalodon-attack-poisons-over-5500-github-repos-with-malicious-ci-cd-workflows/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 24, 2026 00:00
A massive, automated supply chain attack dubbed 'Megalodon' has compromised over 5,500 public GitHub repositories in just six hours. The attackers pushed thousands of malicious commits that altered CI/CD workflow files, backdooring the build processes of…
Akamai Report: Financial Sector Under Siege from AI-Powered Botnets and Escalating DDoS Attacks
https://cyber.netsecops.io/articles/akamai-report-ai-powered-botnets-and-ddos-attacks-escalating-against-financial-sector/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 24, 2026 00:00
According to a new 'State of the Internet' report from Akamai, the financial services sector is facing a growing threat from increasingly sophisticated cyberattacks. The report highlights the use of AI-empowered botnets that operate with greater speed and…
'Trapdoor' Android Ad Fraud Campaign Used 455 Malicious Apps to Hijack Millions of Devices
https://cyber.netsecops.io/articles/trapdoor-android-ad-fraud-operation-hijacks-millions-of-devices/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 24, 2026 00:00
A sophisticated and large-scale Android ad fraud operation named 'Trapdoor' has been uncovered by security researchers. The campaign involved a network of 455 malicious apps, downloaded over 24 million times from the Google Play Store, that worked together…
Trump Mobile API Flaw Exposes Personal Data of 27,000 Smartphone Pre-Order Customers
https://cyber.netsecops.io/articles/trump-mobile-investigates-data-leak-of-27000-pre-orders-after-unprotected-api-discovery/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 24, 2026 00:00
Trump Mobile is investigating a significant data exposure incident affecting approximately 27,000 customers who pre-ordered the company's T1 smartphone. A security researcher discovered an unprotected API endpoint that allowed public access to customer…
New 'Underminr' Flaw in CDNs Puts 88 Million Domains at Risk of Evasive Attacks
https://cyber.netsecops.io/articles/underminr-cdn-vulnerability-exposes-88-million-domains-to-domain-fronting-attacks/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 23, 2026 00:00
A newly disclosed vulnerability named 'Underminr' affects shared Content Delivery Network (CDN) infrastructure, enabling a sophisticated form of domain fronting. The flaw allows attackers to hide malicious command-and-control (C2) traffic behind an…
Laravel-Lang Supply Chain Attack Injects Credential Stealer into 233 Package Versions
https://cyber.netsecops.io/articles/laravel-lang-supply-chain-attack-compromises-over-200-package-versions/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 23, 2026 00:00
A major supply chain attack has targeted the popular Laravel-Lang project, used for language localization in the Laravel PHP framework. Attackers compromised 233 version tags across three key repositories, injecting a multi-stage credential-stealing…
Critical Unauthenticated SQLi Flaw in Drupal Core Hits PostgreSQL Sites
https://cyber.netsecops.io/articles/critical-sql-injection-vulnerability-cve-2026-9082-in-drupal-core-for-postgresql/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 23, 2026 00:00
The Drupal project has released security updates to patch a critical SQL injection vulnerability, tracked as CVE-2026-9082. The flaw affects Drupal Core sites that use a PostgreSQL database backend. It can be exploited by an unauthenticated, anonymous…
Packagist Supply Chain Attack Uses Clever Evasion to Infect PHP Projects with Linux Malware
https://cyber.netsecops.io/articles/coordinated-packagist-attack-infects-php-projects-with-linux-malware/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 23, 2026 00:00
A coordinated supply chain attack has compromised at least eight packages on Packagist, the main PHP package repository. The attackers modified the packages to download and execute a Linux binary hosted on GitHub. In a clever evasion tactic, the malicious…
Gartner Names LinkShadow a 'Visionary' in 2026 Magic Quadrant for Network Detection and Response
https://cyber.netsecops.io/articles/gartner-recognizes-linkshadow-as-visionary-in-2026-ndr-magic-quadrant/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 23, 2026 00:00
The technology research firm Gartner has positioned LinkShadow in the Visionaries Quadrant of its 2026 Magic Quadrant for Network Detection and Response (NDR). This recognition highlights LinkShadow's completeness of vision and ability to execute in the…
CISA KEV Catalog Updated: Actively Exploited Langflow and Trend Micro Flaws Demand Urgent Patching
https://cyber.netsecops.io/articles/cisa-adds-langflow-and-trend-micro-bugs-to-kev-catalog/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 22, 2026 00:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, confirming they are under active exploitation. The flaws are CVE-2025-34291, an Origin Validation Error…
New 'Aur0ra' Ransomware Emerges with Stealthy Dual-Extortion Tactics
https://cyber.netsecops.io/articles/new-aur0ra-ransomware-employs-dual-extortion-without-renaming-files/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 22, 2026 00:00
A new ransomware strain named Aur0ra has been identified, employing a dual-extortion model that is becoming standard for modern ransomware. The malware encrypts files, making them inaccessible, and claims to have exfiltrated sensitive data before…
Vietnam Government Systems Breached, SOCs Fail to Detect Intrusions
https://cyber.netsecops.io/articles/vietnamese-ministry-systems-breached-in-major-cyberattack/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 22, 2026 00:00
Vietnamese cybersecurity authorities are investigating major data breaches at two unnamed ministry-level agencies, where hackers have allegedly stolen millions of user records. According to the Vietnam National Cyber Emergency Response Team (VNCERT), the…
Iranian APT 'Screening Serpens' Intensifies Espionage with New RATs Targeting US, Israel, and UAE
https://cyber.netsecops.io/articles/iranian-apt-screening-serpens-escalates-espionage-with-new-rats/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 22, 2026 00:00
The Iran-nexus advanced persistent threat (APT) group known as Screening Serpens (also UNC1549, Smoke Sandstorm) has escalated its cyber-espionage activities, according to researchers at Unit 42. The campaigns, which ran from mid-February to April 2026,…
Industrial Giants Under Siege: Foxconn and Škoda Auto Suffer Major Cyberattacks
https://cyber.netsecops.io/articles/foxconn-and-skoda-auto-hit-by-separate-cyberattacks-in-may-2026/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 22, 2026 00:00
Two major multinational corporations, electronics manufacturer Foxconn and automaker Škoda Auto, have been targeted in separate, significant cyberattacks in May 2026. Foxconn's North American facility was struck by the Nitrogen ransomware group, resulting…
AI Amplifies Supply Chain Threats, Creating New and Complex Cyber Risks
https://cyber.netsecops.io/articles/ai-exacerbates-cybersecurity-risks-in-global-supply-chains/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 22, 2026 00:00
The rapid integration of Artificial Intelligence (AI) into global supply chains is creating a new and complex risk landscape. While AI offers benefits in automation and analytics, it also introduces a new attack surface for threat actors. Malicious actors…
Massive HIPAA Breach Wave Hits U.S. Healthcare, Exposing Thousands of Patient Records
https://cyber.netsecops.io/articles/hipaa-data-breaches-expose-patient-data-across-multiple-us-healthcare-entities/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 22, 2026 00:00
Multiple U.S. healthcare organizations, including the World Trade Center Health Program and LHC Group, have disclosed significant data breaches throughout May 2026. These incidents, some orchestrated by ransomware groups like TridentLocker, have resulted…
Iranian APT Screening Serpens Unleashes New RATs in Espionage Campaign Against US, Israel, and UAE
https://cyber.netsecops.io/articles/tracking-iranian-apt-screening-serpens-2026-espionage-campaigns/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 22, 2026 00:00
Unit 42 has identified a series of cyberespionage campaigns conducted by the Iran-nexus Advanced Persistent Threat (APT) group Screening Serpens (also known as UNC1549) between February and April 2026. The attacks, which align with regional conflicts,…
Germany Becomes Epicenter of European Cyber Conflict with 124% Surge in Attacks
https://cyber.netsecops.io/articles/germany-faces-escalating-cyber-campaigns-from-hacktivists-and-ransomware/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 22, 2026 00:00
Cyberattacks in the DACH region (Germany, Austria, Switzerland) surged by 124% in 2025, with Germany bearing the brunt, accounting for 82% of all incidents. According to research from Check Point, this dramatic increase is fueled by a dual threat:…
Nation-State Actors Weaponize Open-Source ROADtools for Azure Cloud Attacks, Bypassing MFA and Persisting in Networks
https://cyber.netsecops.io/articles/roadtools-nation-state-tactics-in-the-cloud/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 22, 2026 00:00
Nation-state threat actors, including Midnight Blizzard and Curious Serpens, are increasingly misusing ROADtools, a legitimate open-source framework for Azure and Entra ID security research, to conduct sophisticated cloud attacks. According to Unit 42,…
Warning: Microsoft Defender Flaws Actively Exploited to Gain SYSTEM Privileges
https://cyber.netsecops.io/articles/microsoft-defender-vulnerabilities-actively-exploited-for-privilege-escalation/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 21, 2026 00:00
Microsoft has confirmed that two vulnerabilities in its Microsoft Defender antivirus solution, CVE-2026-41091 and CVE-2026-45498, are being actively exploited in the wild. The more severe flaw, CVE-2026-41091, is a local privilege escalation (LPE)…
CrowdStrike: North Korea Stole Billions in Crypto, Financial Sector Attacks Up 43%
https://cyber.netsecops.io/articles/crowdstrike-report-dprk-stole-billions-financial-intrusions-spiked/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 21, 2026 00:00
CrowdStrike's 2026 Financial Services Threat Landscape Report, released May 20, 2026, details a massive escalation in cyberattacks against the financial sector, driven by North Korean state actors and organized eCrime groups. DPRK-nexus adversaries, such…
CISA Adds Seven New Vulnerabilities to 'Must-Patch' KEV Catalog
https://cyber.netsecops.io/articles/cisa-adds-seven-known-exploited-vulnerabilities-to-kev-catalog-may-20-2026/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 21, 2026 00:00
On May 20, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This action, under Binding Operational Directive (BOD) 22-01, mandates that Federal…
Supply Chain in Crisis: Exploits Now Arrive Before Companies Know They're Vulnerable
https://cyber.netsecops.io/articles/supply-chain-security-crisis-velocity-without-visibility/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 21, 2026 00:00
A May 2026 report from Black Kite warns of a deepening supply chain security crisis, characterized by 'Velocity Without Visibility.' With over 48,000 CVEs published in 2025, the speed of exploitation has now surpassed the speed of discovery for many…
CISA Opens KEV Catalog to Public Submissions to Speed Up Threat Response
https://cyber.netsecops.io/articles/cisa-invites-security-community-to-nominate-known-exploited-vulnerabilities/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 21, 2026 00:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has launched a new public-facing submission process for its Known Exploited Vulnerabilities (KEV) catalog. Announced on May 21, 2026, the initiative allows security researchers, vendors, and…
BWH Hotels Breach: Attackers Had Access for Six Months, Exposing Guest Data
https://cyber.netsecops.io/articles/bwh-hotels-confirms-data-breach-exposing-guest-reservation-data/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 20, 2026 00:00
BWH Hotels, the parent company of major brands like Best Western, WorldHotels, and SureStay, has confirmed a significant data breach involving sensitive guest reservation information. The breach was discovered on April 22, but investigations revealed that…
Six Windows Zero-Day Exploits Leaked by Threat Actor 'Nightmare-Eclipse'
https://cyber.netsecops.io/articles/threat-actor-nightmare-eclipse-leaks-six-windows-zero-day-exploits/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 20, 2026 00:00
A threat actor operating under the alias 'Nightmare-Eclipse' has released a series of six zero-day exploits targeting Microsoft Windows. The campaign, which appears to be a personal vendetta against Microsoft rather than financially motivated, includes…
Chinese APT 'Webworm' Uses Discord and MS Graph API for C2 in New Backdoor Attacks
https://cyber.netsecops.io/articles/china-aligned-webworm-apt-deploys-new-backdoors-using-discord-and-ms-graph/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 20, 2026 00:00
The China-aligned threat actor known as 'Webworm' has been observed deploying two new, sophisticated backdoors named 'EchoCreep' and 'GraphWorm'. These tools represent an evolution in the group's tactics, using legitimate and widely-used services for…
Global Consulting Services Breach Exposes PII of 1,320 Individuals
https://cyber.netsecops.io/articles/global-consulting-services-discloses-data-breach-exposing-pii/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 20, 2026 00:00
Global Consulting Services & Software Development, a California-based IT firm, has disclosed a data breach that exposed the personally identifiable information (PII) of 1,320 individuals. The breach occurred in early January 2026 when an unauthorized third…
Ransomware Attack on West Pharmaceutical Services Disrupts Global Operations
https://cyber.netsecops.io/articles/west-pharmaceutical-services-hit-by-ransomware-attack/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 20, 2026 00:00
West Pharmaceutical Services, a leading global manufacturer of pharmaceutical packaging and drug delivery systems, has suffered a ransomware attack that disrupted its global business operations. The company detected unusual network activity on May 4 and…
NYC Health + Hospitals Breach May Affect 1.8 Million Patients and Employees
https://cyber.netsecops.io/articles/nyc-health-hospitals-reports-massive-data-breach-affecting-1-8-million/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 20, 2026 00:00
NYC Health + Hospitals Corporation, the largest public health system in the United States, has reported a massive data breach that may have compromised the personal and protected health information (PHI) of approximately 1.8 million people. The breach,…
TamperedChef Malware: Trojanized Apps Masquerade as Productivity Tools to Deploy Stealthy Payloads
https://cyber.netsecops.io/articles/tracking-tamperedchef-clusters-via-certificate-and-code-reuse/?utm_source=rss&utm_medium=feed&utm_campaign=all
Published: May 20, 2026 00:00
Unit 42 has identified and analyzed several clusters of malware activity collectively known as TamperedChef. This threat involves trojanized productivity applications, such as PDF editors and file converters, distributed through malicious advertising…