9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
https://thehackernews.com/2026/05/9-year-old-linux-kernel-flaw-enables.html
Striga: Lifting x86 to LLVM IR with Python | secret club
https://secret.club/2026/05/21/striga.html
Flipper One — we need your help
https://blog.flipper.net/flipper-one-we-need-your-help/
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
https://thehackernews.com/2026/05/microsoft-warns-of-two-actively.html
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
https://thehackernews.com/2026/05/showboat-linux-malware-hits-middle-east.html
New NGINX 0-Day RCE "nginx-poolslip" Affects Millions of NGINX Servers
https://cybersecuritynews.com/nginx-0-day-rce-nginx-poolslip/
Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks
https://blog.xlab.qianxin.com/ghost-cms-mass-compromised-via-cve-2026-26980-now-fueling-clickfix-attacks/
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
https://thehackernews.com/2026/05/highly-critical-drupal-core-flaw.html
46k plaintext passwords pwned in Myspace93 breach
https://www.theregister.com/security/2026/05/21/46k-plaintext-passwords-pwned-in-myspace93-breach/5244024
GitHub links repo breach to TanStack npm supply-chain attack
https://www.bleepingcomputer.com/news/security/github-links-repo-breach-to-tanstack-npm-supply-chain-attack/
[Workshop] Anti-Analysis Logic – Inspecting the .cctor & Anti-Debug - YouTube
https://youtu.be/6rcUxmRGhlg![[Workshop] Anti-Analysis Logic – Inspecting the .cctor & Anti-Debug - YouTube](/image/screenshot/b574255a98196c88c09330a0b9b0b2ff.webp)
Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention - SecurityWeek
https://www.securityweek.com/apple-rejected-2-million-app-store-submissions-in-2025-for-security-and-fraud-prevention/
Cisco Patches Critical Vulnerability in Secure Workload - SecurityWeek
https://www.securityweek.com/cisco-patches-critical-vulnerability-in-secure-workload/
Microsoft’s Retired IE Tool MSHTA Now Being Used in Fileless Malware Attacks
https://hackread.com/microsoft-retired-ie-tool-mshta-fileless-malware-attack/
Client Challenge
https://www.drupal.org/sa-core-2026-004
Google's Surge in Chrome Vulnerability Discoveries Likely Driven by AI - SecurityWeek
https://www.securityweek.com/googles-surge-in-chrome-vulnerability-discoveries-likely-driven-by-ai/
An unexpected journey into Microsoft Defender's signature World — retooling_
https://retooling.io/blog/an-unexpected-journey-into-microsoft-defenders-signature-world
Zombie user account let hackers control the city’s water
https://www.theregister.com/security/2026/05/21/zombie-user-account-let-hackers-control-the-citys-water/5243724
Claude Code's Network Sandbox Vulnerability Exposes User Credentials and Source Code
https://cybersecuritynews.com/claude-codes-network-sandbox-vulnerability/
Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility - SecurityWeek
https://www.securityweek.com/supply-chain-security-crisis-too-many-vulnerabilities-too-little-visibility/
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox - VoidSec
https://voidsec.com/cve-2026-40369-browser-sandbox-escape/
Microsoft warns of new Defender zero-days exploited in attacks
https://www.bleepingcomputer.com/news/security/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks/
Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada – Krebs on Security
https://krebsonsecurity.com/2026/05/alleged-kimwolf-botmaster-dort-arrested-charged-in-u-s-and-canada/
Chinese hackers target telcos with new Linux, Windows malware
https://www.bleepingcomputer.com/news/security/chinese-hackers-target-telcos-with-new-linux-windows-malware/
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days - SecurityWeek
https://www.securityweek.com/microsoft-patches-exploited-undefend-and-redsun-defender-zero-days/