Show Notes - 2026-05-23
Stories Covered
- Today:
- Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV (CVE-2026-9082) [Critical Alerts]
- Trend Micro Apex One Zero-Day Exploited in the Wild (CVE-2026-34926) [Critical Alerts]
- LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root [Critical Alerts]
- FBI Warns About Fast-Growing Phishing Kit Targeting Microsoft 365 Users (Kali365) [Business & Infrastructure Threats]
- First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups [Business & Infrastructure Threats]
- Four-Faith Industrial Router Vulnerability Exploited by Botnets (CVE-2024-9643) [Business & Infrastructure Threats]
- Multi-Stage Linux Intrusion via F5 and Confluence Edge Appliance Compromise [Business & Infrastructure Threats]
- Iranian Hackers Suspected in US Gas Station Tank Monitor Breaches [Business & Infrastructure Threats]
- CISA Contractor Exposes Credentials on Public GitHub Repository [Business & Infrastructure Threats]
- Hugging Face Hiding Second-Stage Malware for npm Supply Chain Attack [Business & Infrastructure Threats]
- New macOS Stealer Variant Masquerades as Apple, Google & Microsoft (Reaper) [General Security News]
- Interpol Operation Ramz Rounds Up 200+ Cybercrime Suspects Across Middle East and North Africa [General Security News]
- Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks [General Security News]
- CVE-2026-41091 (CISA-KEV, EPSS 0.066, 91st percentile) [Vulnerability Disclosures]
- CVE-2026-45401 (EPSS 0.000, 12th percentile) [Vulnerability Disclosures]
- CVE-2025-14575 (Qt Network OpenSSL TLS backend, EPSS 0.000, 1st percentile) [Vulnerability Disclosures]
- CVE-2026-3593 (BIND 9 DNS-over-HTTPS, EPSS 0.000, 5th percentile) [Vulnerability Disclosures]
- CVE-2026-42009 (GnuTLS DTLS, EPSS 0.001, 31st percentile) [Vulnerability Disclosures]
- CVE-2026-3039 (BIND 9, EPSS 0.001, 16th percentile) [Vulnerability Disclosures]
- CVE-2026-3592 (BIND 9, EPSS 0.000, 4th percentile) [Vulnerability Disclosures]
- CVE-2026-5946 (BIND 9, EPSS 0.000, 11th percentile) [Vulnerability Disclosures]
- CVE-2026-5950 (BIND 9, EPSS 0.001, 21st percentile) [Vulnerability Disclosures]
- CVE-2026-41054 (haveged, EPSS 0.000, 0th percentile) [Vulnerability Disclosures]
- CVE-2026-8723 (qs.stringify, EPSS 0.000, 14th percentile) [Vulnerability Disclosures]
- CVE-2026-5947 (BIND 9, EPSS 0.000, 6th percentile) [Vulnerability Disclosures]
- CVE-2026-8711 (NGINX JavaScript, EPSS 0.002, 47th percentile) [Vulnerability Disclosures]
- CVE-2025-51480 (ONNX 1.17.0, EPSS 0.004, 59th percentile) [Vulnerability Disclosures]
- CVE-2023-6606 (Linux kernel SMB, EPSS 0.000, 1st percentile) [Vulnerability Disclosures]
- CVE-2025-39932 (Linux SMB client, EPSS 0.000, 2nd percentile) [Vulnerability Disclosures]
- Multiple Linux kernel CVEs [Vulnerability Disclosures]
CVEs Referenced
CVE-2022-40139, CVE-2023-41179, CVE-2023-6606, CVE-2024-9643, CVE-2025-14575, CVE-2025-39901, CVE-2025-39905, CVE-2025-39927, CVE-2025-39932, CVE-2025-39940, CVE-2025-39990, CVE-2025-40003, CVE-2025-40064, CVE-2025-40065, CVE-2025-40074, CVE-2025-51480, CVE-2025-54948, CVE-2026-3039, CVE-2026-34926, CVE-2026-3592, CVE-2026-3593, CVE-2026-41054, CVE-2026-41091, CVE-2026-41940, CVE-2026-42009, CVE-2026-45401, CVE-2026-48172, CVE-2026-5946, CVE-2026-5947, CVE-2026-5950, CVE-2026-8711, CVE-2026-8723, CVE-2026-9082
Indicators of Compromise
IP Addresses:
5.3.1.0, 2.223.66.103, 5.181.234.59, 92.38.148.58
Fler avsnitt av Cyber Threat Brief
Visa alla avsnitt av Cyber Threat BriefCyber Threat Brief med Carolina Clear Tech, LLC finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.
