05/22

StubZero: $148,337 RCE in Google Cloud Production · Brutecat

https://brutecat.com/articles/google-cloud-rce/

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

https://thehackernews.com/2026/05/cisco-patches-cvss-100-secure-workload.html

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

https://thehackernews.com/2026/05/megalodon-github-attack-targets-5561.html

Ubiquiti patches three max severity UniFi OS vulnerabilities

https://www.bleepingcomputer.com/news/security/ubiquiti-patches-three-max-severity-unifi-os-vulnerabilities/

Drupal: Critical SQL injection flaw now targeted in attacks

https://www.bleepingcomputer.com/news/security/drupal-critical-sql-injection-flaw-now-targeted-in-attacks/

CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV

https://thehackernews.com/2026/05/cisa-adds-exploited-langflow-and-trend.html

'First VPN' Cybercrime Service Disrupted, Administrator Arrested - SecurityWeek

https://www.securityweek.com/first-vpn-cybercrime-service-disrupted-administrator-arrested/

Striga: Lifting x86 to LLVM IR with Python | secret club

https://secret.club/2026/05/21/striga.html

Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack - SecurityWeek

https://www.securityweek.com/grafana-says-codebase-and-other-data-stolen-via-tanstack-supply-chain-attack/

TrendAI Patches Apex One Zero-Day Exploited in the Wild - SecurityWeek

https://www.securityweek.com/trendai-patches-apex-one-zero-day-exploited-in-the-wild/

Russian researcher claims state-backed MAX app secretly records users and monitors VPNs | TechRadar

https://www.techradar.com/vpn/vpn-privacy-security/russian-researcher-claims-state-backed-max-app-secretly-records-users-and-monitors-vpns

Canadian Man Arrested for Operating Kimwolf Botnet - SecurityWeek

https://www.securityweek.com/canadian-man-arrested-for-operating-kimwolf-botnet/