infosec

Multi-Stage PyInstaller Loader Weaponizes AMSI Patching to Deploy XWorm RAT NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Multi-Stage PyInstaller Loader Weaponizes AMSI Patching to Deploy XWorm RAT

Ddos May 20, 2026

A comprehensive deep dive by the research team at Point Wild has laid bare the internal mechanics...

The Missed Token: Grafana Labs Suffers Source Code Theft via Shai-Hulud npm Worm Campaign CVE-2023-1550 Grafana Labs Cyberattack Mini Shai-Hulud npm Worm

CVE-2023-1550 Grafana Labs Cyberattack Mini Shai-Hulud npm Worm

The Missed Token: Grafana Labs Suffers Source Code Theft via Shai-Hulud npm Worm Campaign

Ddos May 20, 2026

Grafana Labs has broken its silence regarding a targeted corporate cyberattack that culminated in the theft of...

Critical ZKTeco CCTV Flaw (CVE-2026-8598) Leaks Admin Credentials Without Authentication ZKTeco CCTV Vulnerability CVE-2026-8598 Patch

ZKTeco CCTV Vulnerability CVE-2026-8598 Patch

Critical ZKTeco CCTV Flaw (CVE-2026-8598) Leaks Admin Credentials Without Authentication

Ddos May 20, 2026

A newly disclosed, critical vulnerability in ZKTeco CCTV cameras is serving as a reminder that the devices...

Keys to the Kingdom: Critical 9.9 CVSS Budibase Flaw Allows Total Tenant Takeover bui

bui

Keys to the Kingdom: Critical 9.9 CVSS Budibase Flaw Allows Total Tenant Takeover

Ddos May 20, 2026

Budibase, the popular open-source operations platform known for saving engineers hundreds of hours building secure Agents, Apps,...

Details and PoC Exploit Code Released: Critical Cockpit RCE Flaw Grants Instant Root Shells Cockpit RCE Vulnerability CVE-2026-4802 PoC Exploit

Cockpit RCE Vulnerability CVE-2026-4802 PoC Exploit

Details and PoC Exploit Code Released: Critical Cockpit RCE Flaw Grants Instant Root Shells

Ddos May 20, 2026

A severe vulnerability has been uncovered in Cockpit, the widely used web-based Linux server administration tool developed...

Critical 9.8 CVSS: NVIDIA Triton Inference Server Authentication Bypass Threatens AI Workloads NVIDIA Driver Security Update CVE-2026-24187 Linux

NVIDIA Driver Security Update CVE-2026-24187 Linux

Critical 9.8 CVSS: NVIDIA Triton Inference Server Authentication Bypass Threatens AI Workloads

Ddos May 20, 2026

NVIDIA has released a software update for the NVIDIA Triton Inference Server to address a wave of...

VoIP Backbone Exposed: Critical FreePBX Flaw (CVE-2026-46376) Allows Unauthenticated Access to User Portals FreePBX UCP Vulnerability CVE-2026-46376 Hard-Coded Credentials

FreePBX UCP Vulnerability CVE-2026-46376 Hard-Coded Credentials

VoIP Backbone Exposed: Critical FreePBX Flaw (CVE-2026-46376) Allows Unauthenticated Access to User Portals

Ddos May 20, 2026

FreePBX, widely recognized as the world’s most popular open-source IP PBX platform for building customized phone systems,...

Critical 9.9 CVSS Flaw in Arcane Exposes GitOps Secrets to Basic Users Arcane Docker Vulnerability CVE-2026-45625

Arcane Docker Vulnerability CVE-2026-45625

Critical 9.9 CVSS Flaw in Arcane Exposes GitOps Secrets to Basic Users

Ddos May 20, 2026

Arcane, the popular tool billed as “Modern Docker Management, Designed for Everyone”, has disclosed a severe security...

PoC Exploit Code Publicly Released: New “PinTheft” Linux Flaw Overwrites Page Cache for Instant Root PinTheft Linux Exploit Linux LPE PoC Disclosed

PinTheft Linux Exploit Linux LPE PoC Disclosed

PoC Exploit Code Publicly Released: New “PinTheft” Linux Flaw Overwrites Page Cache for Instant Root

Ddos May 20, 2026

A newly detailed vulnerability known as “PinTheft” is giving Linux system administrators serious pause. Discovered by Aaron...

GPU Security Alert: NVIDIA Drivers Hit with Critical 8.8 CVSS Flaw and Enterprise vGPU Bugs NVIDIA Driver Security Update CVE-2026-24187 Linux

NVIDIA Driver Security Update CVE-2026-24187 Linux

GPU Security Alert: NVIDIA Drivers Hit with Critical 8.8 CVSS Flaw and Enterprise vGPU Bugs

Ddos May 19, 2026

NVIDIA has officially rolled out a comprehensive software security update for its GPU Display Driver to address...

Unmasked Origin: Infamous “OrBit” Linux Rootkit Exposed as a Fork of Open-Source Medusa OrBit Linux Rootkit Medusa Userland LD_PRELOAD Hooking

OrBit Linux Rootkit Medusa Userland LD_PRELOAD Hooking

Unmasked Origin: Infamous “OrBit” Linux Rootkit Exposed as a Fork of Open-Source Medusa

Ddos May 19, 2026

In July 2022, security researchers dropped the first analysis of OrBit, a sophisticated, then-undocumented Linux userland rootkit....

Resurgent Tycoon 2FA Adopts OAuth Device Code Phishing to Hijack Microsoft 365 Tycoon 2FA Phishing Kit OAuth Device Code Phishing

Tycoon 2FA Phishing Kit OAuth Device Code Phishing

Resurgent Tycoon 2FA Adopts OAuth Device Code Phishing to Hijack Microsoft 365

Ddos May 19, 2026

Just weeks after a massive international law enforcement operation dismantled its primary server infrastructure, the notorious Tycoon...

Chinese APT FamousSparrow Weaponizes Evolved Deed RAT Against Azerbaijani Energy Infrastructure FamousSparrow Deed RAT ProxyNotShell Exchange Exploitation

FamousSparrow Deed RAT ProxyNotShell Exchange Exploitation

Chinese APT FamousSparrow Weaponizes Evolved Deed RAT Against Azerbaijani Energy Infrastructure

Ddos May 19, 2026

A relentless cyber-espionage operation has targeted an Azerbaijani oil and gas company, demonstrating that advanced persistent threats...

Shai-Hulud Returns: Massive npm Supply Chain Attack Hijacks AntV Ecosystem to Scrape GitHub Runner Memory Mini Shai-Hulud npm Worm AntV Ecosystem Supply Chain Attack

Mini Shai-Hulud npm Worm AntV Ecosystem Supply Chain Attack

Shai-Hulud Returns: Massive npm Supply Chain Attack Hijacks AntV Ecosystem to Scrape GitHub Runner Memory

Ddos May 19, 2026

A massive and highly coordinated supply chain assault is currently ripping through the JavaScript developer ecosystem. Security...

AI “Vibe Coding” Fuels a Phishing Free-For-All: How EvilTokens Bypasses Microsoft 365 MFA Device Code Phishing EvilTokens PhaaS

Device Code Phishing EvilTokens PhaaS

AI “Vibe Coding” Fuels a Phishing Free-For-All: How EvilTokens Bypasses Microsoft 365 MFA

Ddos May 19, 2026

A once-obscure technique for bypassing multifactor authentication is exploding across the threat landscape, supercharged by AI “vibe...

Mass Exploitation Alert: Hardcoded Credentials in Four-Faith Industrial Routers (CVE-2024-9643) Hijacked for Botnets Four-Faith F3x36 Mass Exploitation CVE-2024-9643 Hardcoded Credentials

Four-Faith F3x36 Mass Exploitation CVE-2024-9643 Hardcoded Credentials

Mass Exploitation Alert: Hardcoded Credentials in Four-Faith Industrial Routers (CVE-2024-9643) Hijacked for Botnets

Ddos May 19, 2026

A critical authentication bypass flaw in industrial cellular routers has transitioned into a full-blown mass exploitation campaign,...

Targeting 2 Million Developers: Malicious Nx Console Extension Hijacks VS Code Marketplace Nx Console Extension Supply Chain Attack VS Code Marketplace Malware 2026

Nx Console Extension Supply Chain Attack VS Code Marketplace Malware 2026

Targeting 2 Million Developers: Malicious Nx Console Extension Hijacks VS Code Marketplace

Ddos May 19, 2026

A brief but dangerous supply chain attack briefly hijacked the official Visual Studio Code marketplace, targeting over...

Massive PostgreSQL Update: 11 Vulnerabilities Patched as Version 14 Hits End-of-Life Warning PostgreSQL Security Update 2026 PostgreSQL CVE-2026-6637 Patch CVE-2024-10979 PostgreSQL vulnerability

PostgreSQL Security Update 2026 PostgreSQL CVE-2026-6637 Patch CVE-2024-10979 PostgreSQL vulnerability

Massive PostgreSQL Update: 11 Vulnerabilities Patched as Version 14 Hits End-of-Life Warning

Ddos May 19, 2026

The PostgreSQL Global Development Group has issued a synchronized security update across all actively supported branches, eliminating...

PoC Exploit Publicly Disclosed: 20-Year-Old PostgreSQL pgcrypto Flaw (CVE-2026-2005) Grants Full Superuser RCE PostgreSQL pgcrypto PoC Exploit CVE-2026-2005 Public Disclosure

PostgreSQL pgcrypto PoC Exploit CVE-2026-2005 Public Disclosure

PoC Exploit Publicly Disclosed: 20-Year-Old PostgreSQL pgcrypto Flaw (CVE-2026-2005) Grants Full Superuser RCE

Ddos May 19, 2026

A critical heap buffer overflow vulnerability lurking in PostgreSQL’s core cryptographic extension for over two decades has...

Breaking the AI Sandbox: Critical Flowise Flaw (CVE-2026-46442) Grants Host-Level RCE Flowise Sandbox Escape CVE-2026-46442 Flowise RCE Flowise Auth Bypass, Unauthenticated Registration Flowise RCE, WriteFileTool FlowiseAI, account takeover CVE-2025-58434

Flowise Sandbox Escape CVE-2026-46442 Flowise RCE Flowise Auth Bypass, Unauthenticated Registration Flowise RCE, WriteFileTool FlowiseAI, account takeover CVE-2025-58434

Breaking the AI Sandbox: Critical Flowise Flaw (CVE-2026-46442) Grants Host-Level RCE

Ddos May 19, 2026

A severe vulnerability discovered in the popular open-source generative AI development platform Flowise allows authenticated users to...