Show Notes - 2026-05-02
Stories Covered
- May 2, 2026
- Today:
- CVE-2026-31431: Linux Kernel Copy Fail Privilege Escalation (CISA KEV) [Critical Alerts]
- CVE-2026-41940: Critical cPanel Remote Code Execution Under Active Exploitation [Critical Alerts]
- Two Cybersecurity Professionals Sentenced for BlackCat Ransomware Deployment [Ransomware & Extortion]
- Cordial Spider and Snarky Spider: Rapid SaaS Extortion Through Vishing and SSO Abuse [Ransomware & Extortion]
- New York DFS Secures $2.25 Million Settlement from Delta Dental Over MOVEit Breach [Ransomware & Extortion]
- ClickFix Campaign Delivers CastleLoader and NetSupportRAT via Fake Background Removal Sites [IOCs & Detection]
- MacSync Stealer Distributed Through Malicious Homebrew Ads [IOCs & Detection]
- 30,000 Facebook Accounts Compromised in Vietnamese Google AppSheet Phishing Operation [Business & Infrastructure Threats]
- China-Aligned Espionage Campaign Targets Asian Governments, NATO Member, Journalists [Business & Infrastructure Threats]
- Instructure (Canvas LMS) Discloses Cybersecurity Incident [Business & Infrastructure Threats]
- Trellix Confirms Source Code Breach With Unauthorized Repository Access [Business & Infrastructure Threats]
- AI Coding Agents Deleting Production Databases [Business & Infrastructure Threats]
- Microsoft Agent 365 Now Generally Available for Agent Security and Governance [Windows / AD Security]
- Microsoft Allows Dynamic Removal of Pre-Installed Store Apps via GPO [Windows / AD Security]
- Microsoft Fixes Remote Desktop Security Warning Display Bug [Windows / AD Security]
- CISA and International Partners Release Agentic AI Security Guidance [General Security News]
- UK NCSC Warns of AI-Driven Patch Tsunami [General Security News]
- OpenAI Restricts GPT-5.5-Cyber Access After Criticizing Anthropic for Same Approach [General Security News]
- Social Engineering Evolves Beyond Traditional Phishing [General Security News]
- 15-Year-Old Detained Over French Government Agency Data Breach [General Security News]
- Cisco Releases Open Source Model Provenance Kit [General Security News]
- CVE-2026-4948: Firewalld D-Bus Authorization Bypass [Vulnerability Disclosures]
- CVE-2026-28532: FRRouting Integer Overflow in OSPF TLV Parser [Vulnerability Disclosures]
- CVE-2025-55182: React2Shell Vulnerability Used by China-Aligned Espionage Group [Vulnerability Disclosures]
CVEs Referenced
CVE-2025-55182, CVE-2026-28532, CVE-2026-31431, CVE-2026-41940, CVE-2026-4948
Indicators of Compromise
Domains:
cheeshomireciple[.]com, trindastal[.]com, google[.]com, glowmedaesthetics[.]com, glowmedaesthetics[.]com.
Hashes:
a4fcfecc5ac8fa57614b23928a0e9b7aa4f4a3b2b3a8c1772487b46277125571, 0d58616c750fc8530a7e90eee18398ddedd08cc0f4908c863ab650673b9819dd, 86d0c50cab4f394c58976c44d6d7b67a7dfbbb813fbcf622236e183d94fd944f
Fler avsnitt av Cyber Threat Brief
Visa alla avsnitt av Cyber Threat BriefCyber Threat Brief med Carolina Clear Tech, LLC finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.
