Show Notes - 2026-05-16
Stories Covered
- 2026-05-16
- Today:
- Cisco SD-WAN Authentication Bypass Zero-Day (CVE-2026-20182) [Critical Alerts]
- Microsoft Exchange Server Zero-Day (CVE-2026-42897) [Critical Alerts]
- BlackFile (UNC6671) Targets Microsoft 365 and Okta via Vishing [Ransomware & Extortion]
- node-ipc npm Package Compromised with Credential Stealer [Business & Infrastructure Threats]
- OpenClaw Vulnerabilities Allow Data Theft and Privilege Escalation [Business & Infrastructure Threats]
- TanStack Supply Chain Attack Hits OpenAI [Business & Infrastructure Threats]
- Pwn2Own Berlin 2026: Microsoft Exchange, Windows 11 Hacked [Business & Infrastructure Threats]
- REMUS Infostealer Malware-as-a-Service Operation [General Security News]
- AI Agents Used to Discover and Exploit Zero-Days [General Security News]
- Microsoft Edge to Stop Loading Passwords into Memory on Startup [General Security News]
- WordPress Avada Builder Plugin Flaws [Vulnerability Disclosures]
- WordPress Funnel Builder Plugin Exploited for Credit Card Theft [Vulnerability Disclosures]
- PostgreSQL Multiple Vulnerabilities [Vulnerability Disclosures]
- Additional CVEs [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-20122, CVE-2026-20127, CVE-2026-20128, CVE-2026-20133, CVE-2026-20182, CVE-2026-40460, CVE-2026-42897, CVE-2026-43490, CVE-2026-44112, CVE-2026-44113, CVE-2026-44115, CVE-2026-44118, CVE-2026-44431, CVE-2026-44662, CVE-2026-44673, CVE-2026-46333, CVE-2026-4782, CVE-2026-4798, CVE-2026-6472, CVE-2026-6473, CVE-2026-6474, CVE-2026-6475, CVE-2026-6477, CVE-2026-6478, CVE-2026-6479, CVE-2026-6637, CVE-2026-6638
Indicators of Compromise
Domains:
enrollms[.]com, passkeyms[.]com, setupsso[.]com, setupsso[.]com., sh[.]azurestaticprovider, bt[.]node, azurestaticprovider[.]net, node[.]js, analytics-reports[.]com, protect-wss[.]com
IP Addresses:
3.15.0.3
Fler avsnitt av Cyber Threat Brief
Visa alla avsnitt av Cyber Threat BriefCyber Threat Brief med Carolina Clear Tech, LLC finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.
