Show Notes - 2026-05-17
Stories Covered
- Today:
- Funnel Builder Plugin Skimming Campaign (Active Exploitation) [Critical Alerts]
- NGINX Heap Overflow (CVE-2026-42945) [Critical Alerts]
- Azure Kubernetes Privilege Escalation (Silent Fix) [Business & Infrastructure Threats]
- BlackFile Vishing Extortion Campaign (UNC6671) [Business & Infrastructure Threats]
- Grafana GitHub Token Compromise and Extortion [Ransomware & Extortion]
- Instructure-ShinyHunters Payment Debate [Ransomware & Extortion]
- Illuminate Education Data Breach Lawsuit [Ransomware & Extortion]
- Russian Kazuar Backdoor Evolves to P2P Botnet [General Security News]
- Medicare Fraud Using Stolen Patient Records [General Security News]
- CVE-2026-46483 (Vim Command Injection) [Vulnerability Disclosures]
- CVE-2026-44283 (etcd RBAC Bypass) [Vulnerability Disclosures]
- CVE-2026-8368 (Perl LWP::UserAgent Header Leak) [Vulnerability Disclosures]
- CVE-2026-8328 (Perl FTP PASV SSRF) [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-42945, CVE-2026-44283, CVE-2026-46483, CVE-2026-8328, CVE-2026-8368
Indicators of Compromise
Domains:
protect-wss[.]com
IP Addresses:
3.15.0.3
Fler avsnitt av Cyber Threat Brief
Visa alla avsnitt av Cyber Threat BriefCyber Threat Brief med Carolina Clear Tech, LLC finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.
