Show Notes - 2026-05-19
Stories Covered
- Today:
- Microsoft Exchange Zero-Day Under Attack (CVE-2026-42897) [Critical Alerts]
- Cisco SD-WAN Controller Under Exploitation (CVE-2026-20182) [Critical Alerts]
- Ivanti Xtraction RCE (CVE-2026-8043) [Critical Alerts]
- TeamPCP Supply Chain Campaign Reaches Peak Intensity [Ransomware & Extortion]
- CISA Contractor Leaked AWS GovCloud Keys on GitHub [Business & Infrastructure Threats]
- Threat Actors Disabling Antivirus and EDR [Business & Infrastructure Threats]
- Developer Workstations Are Part of the Software Supply Chain [Business & Infrastructure Threats]
- Storm-2949 Turned Compromised Identity into Cloud-Wide Breach [Windows / AD Security]
- BitLocker Zero-Day Exploit (YellowKey) [Windows / AD Security]
- macOS Stealer SHub Reaper Spoofs Apple, Google, and Microsoft [General Security News]
- Microsoft Security Focus on Small Business [General Security News]
- Fortinet Critical RCE Vulnerabilities [Vulnerability Disclosures]
- SAP Critical SQL Injection and Authentication Bypass [Vulnerability Disclosures]
- VMware Fusion Privilege Escalation (CVE-2026-41702) [Vulnerability Disclosures]
- n8n Critical Prototype Pollution and RCE [Vulnerability Disclosures]
- Azure Local Disconnected Operations Privilege Escalation (CVE-2026-42822) [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-20127, CVE-2026-20182, CVE-2026-26083, CVE-2026-34260, CVE-2026-34263, CVE-2026-41702, CVE-2026-42231, CVE-2026-42232, CVE-2026-42822, CVE-2026-42897, CVE-2026-44277, CVE-2026-44791, CVE-2026-45321, CVE-2026-8043
Indicators of Compromise
Domains:
m-kosche[.]com, mlcrosoft[.]co
Fler avsnitt av Cyber Threat Brief
Visa alla avsnitt av Cyber Threat BriefCyber Threat Brief med Carolina Clear Tech, LLC finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.
