HIGH

Laravel Lang Supply Chain Advisory

Snyk • May 23, 2026

HIGH

First Shai-Hulud Worm Clones Emerge

SecurityWeek • May 18, 2026

MEDIUM

[local] Windows Snipping Tool - NTLMv2 Hash Hijack

Exploit-DB • May 15, 2026

HIGH

Malicious node-ipc versions published to npm in suspected maintainer account compromise

Snyk • May 15, 2026

HIGH

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

The Hacker News • May 15, 2026

HIGH

OpenAI Hit by TanStack Supply Chain Attack

SecurityWeek • May 15, 2026

MEDIUM

OpenAI caught in TanStack npm supply chain chaos after employee devices compromised

The Register Security • May 15, 2026

HIGH

Dirty Frag gets a sequel as Fragnesia hands Linux attackers root-level access

The Register Security • May 14, 2026

HIGH

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

The Hacker News • May 14, 2026

HIGH

New Fragnesia Linux flaw lets attackers gain root privileges

BleepingComputer • May 14, 2026

MEDIUM

State of ransomware in 2026

Securelist • May 12, 2026

MEDIUM

Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged

The Register Security • May 11, 2026

HIGH

'Dirty Frag' Linux zero-day exposes most distributions to LPE

SC Media • May 08, 2026

CRITICAL

Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain

Tenable Research • May 08, 2026

CRITICAL

[local] Linux nf_tables 6.19.3 - Local Privilege Escalation

Exploit-DB • May 04, 2026

CRITICAL

New Windows flaw stems from incomplete fix for APT28-exploited bugs

SC Media • Apr 29, 2026

HIGH

ShinyHunters Claims Sale of Anthropic Claude Mythos AI Model Data and Internal Documents

Reddit r/netsec • Apr 24, 2026

HIGH

Bitwarden NPM Package Hit in Supply Chain Attack

SecurityWeek • Apr 24, 2026

HIGH

Namastex npm packages compromised in ‘CanisterWorm’ supply chain attack

SC Media • Apr 23, 2026

HIGH

The LiteLLM attack was a warning shot for Agentic AI supply chains

SC Media • Apr 22, 2026

HIGH

New npm supply-chain attack self-spreads to steal auth tokens

BleepingComputer • Apr 22, 2026

CRITICAL

Critical Marimo pre-auth RCE flaw now under active exploitation

BleepingComputer • Apr 12, 2026

HIGH

Russian hacking group targets home and small office routers to spy on users

Malwarebytes Labs • Apr 08, 2026

HIGH

Russian APT28 Hackers Hijack Routers to Steal Credentials, UK Security Agency Warns

Infosecurity Magazine • Apr 07, 2026

HIGH

Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting

Dark Reading • Apr 03, 2026

HIGH

How a Poisoned Security Scanner Became the Key to Backdooring LiteLLM

Snyk • Mar 24, 2026

CRITICAL

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

CSO Online • Mar 27, 2026

CRITICAL

How a Poisoned Security Scanner Became the Key to Backdooring LiteLLM

Reddit r/netsec • Mar 24, 2026

HIGH

Experts warn of a ‘loud and aggressive’ extortion wave following Trivy hack

CyberScoop • Mar 24, 2026

MEDIUM

Offensive Cases about Credential Guard & Detection Strategies

Reddit r/netsec • Mar 17, 2026

MEDIUM

Undetected Discord Malware

The PC Security Channel • Mar 11, 2026

HIGH

Refund scam impersonates Avast to harvest credit card details

Malwarebytes Labs • Feb 24, 2026

CRITICAL

Russian group uses AI to exploit weakly-protected Fortinet firewalls, says Amazon

CSO Online • Feb 24, 2026

HIGH

Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls

Infosecurity Magazine • Feb 23, 2026

MEDIUM

Arkanix Stealer pops up as short-lived AI info-stealer experiment

BleepingComputer • Feb 22, 2026

MEDIUM

Ex-Google engineers charged with orchestrating high-tech secrets extraction

Help Net Security • Feb 20, 2026

HIGH

Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets

Malwarebytes Labs • Feb 20, 2026

HIGH

“ZeroDayRAT” Emergence Signals Advanced Mobile Spyware Threats

Zimperium • Feb 19, 2026

MEDIUM

New 'Massiv' Android banking malware poses as an IPTV app

BleepingComputer • Feb 19, 2026

CRITICAL

Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot

Dark Reading • Feb 18, 2026

CRITICAL

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

The Hacker News • Feb 18, 2026

MEDIUM

Infostealer Targets OpenClaw to Loot Victim’s Digital Life

Infosecurity Magazine • Feb 17, 2026

MEDIUM

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens

The Hacker News • Feb 16, 2026

MEDIUM

Infostealer malware found stealing OpenClaw secrets for first time

BleepingComputer • Feb 16, 2026

HIGH

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft

The Hacker News • Feb 16, 2026

HIGH

VoidLink: The Cloud-Native Malware Framework

Web Discovery • Feb 11, 2026

HIGH

Android, iOS device compromise threatened by new ZeroDayRAT spyware

Web Discovery • Feb 10, 2026

HIGH

ZeroDayRAT spyware grants attackers total access to mobile devices

Web Discovery • Feb 10, 2026

HIGH

“ZeroDayRAT” Spyware Targets Android and iOS, Enables Remote Control, Camera and Microphone Access, and OTP Interception - Thailand Computer Emergency Response Team (ThaiCERT)

Web Discovery • Feb 10, 2026

CRITICAL

Multiple Researchers Confirm Active Exploitation of SolarWinds Web Help Desk Instances - RH-ISAC

Web Discovery • Feb 09, 2026

HIGH

North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms

Infosecurity Magazine • Feb 11, 2026

MEDIUM

North Korean hackers use new macOS malware in crypto-theft attacks

BleepingComputer • Feb 10, 2026

CRITICAL

SolarWinds Web Help Desk Exploitation - February 2026

Elastic Security Labs • Feb 10, 2026

MEDIUM

AVEVA PI to CONNECT Agent

CISA All Advisories • Feb 10, 2026

HIGH

ZeroDayRAT malware grants full access to Android, iOS devices

BleepingComputer • Feb 10, 2026

MEDIUM

VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code

Infosecurity Magazine • Feb 09, 2026

CRITICAL

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

The Hacker News • Feb 09, 2026

HIGH

CVE-2026-2103 - Infor Syteline ERP - Keys Included: No Assembly Required

Reddit r/netsec • Feb 09, 2026

CRITICAL

Recent SolarWinds Flaws Potentially Exploited as Zero-Days

SecurityWeek • Feb 09, 2026

CRITICAL

Russian hackers exploited a critical Office bug within days of disclosure

CSO Online • Feb 04, 2026

HIGH

New GlassWorm attack targets macOS via compromised OpenVSX extensions

BleepingComputer • Feb 02, 2026

CRITICAL

149 Million Usernames and Passwords Exposed by Unsecured Database

Wired Security • Jan 23, 2026

CRITICAL

CVE-2025-59102: The web server of the Access Manager offers a functionality to download a backup of the local databa...

NIST NVD • Jan 26, 2026

CRITICAL

CVE-2025-59098: The Access Manager is offering a trace functionality to debug errors and issues with the device. The...

NIST NVD • Jan 26, 2026

HIGH

CVE-2025-59093: Exos 9300 instances are using a randomly generated database password to connect to the configured MS...

NIST NVD • Jan 26, 2026