Show Notes - 2026-05-30
Stories Covered
- Today:
- Gogs Zero-Day Exposes Servers to Remote Code Execution (CVE-2025-8110) [Critical Alerts]
- PAN-OS GlobalProtect Authentication Bypass Under Active Exploitation (CVE-2026-0257) [Critical Alerts]
- Marimo Post-Exploitation via LLM Agent (CVE-2026-39987) [Critical Alerts]
- Silent Ransom Group Escalates to Physical Intrusions [Ransomware & Extortion]
- Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Campaigns [Ransomware & Extortion]
- The Com Criminal Collective Funds Violence via Cybercrime [Ransomware & Extortion]
- Malicious npm Packages Abuse Dependency Confusion to Profile Environments [Business & Infrastructure Threats]
- Malicious Sicoob NuGet Package Steals Brazilian Banking Credentials [Business & Infrastructure Threats]
- 14 Malicious npm Packages Target AWS and CI/CD Secrets [Business & Infrastructure Threats]
- TrapDoor Supply Chain Campaign Hits 176 npm Packages [Business & Infrastructure Threats]
- ChatGPT Share Links Abused for Malware Distribution [Business & Infrastructure Threats]
- Shadow AI: 2,000+ Vibe-Coded Apps Exposed Corporate Data [Business & Infrastructure Threats]
- Zapier Nearly Compromised via Multi-Step Exploit Chain [Business & Infrastructure Threats]
- Dutch Authorities Disrupt 17 Million Device Botnet [General Security News]
- Stark Industries Hosting Network Dismantled [General Security News]
- Google Chrome Rolls Out Device Bound Session Credentials [General Security News]
- California AG Sues 23andMe Over 2023 Breach [General Security News]
- DDoS-as-a-Service Market Evolves from Scripts to Polished Products [General Security News]
- Chrome 148 Patches 151 Vulnerabilities [Vulnerability Disclosures]
- VS Code Remote SSH Extension Vulnerability [Vulnerability Disclosures]
- Veeam, Notepad++, Roundcube Patches [Vulnerability Disclosures]
- CISA Expands KEV Catalog with Supply Chain Attack CVEs [Vulnerability Disclosures]
- ChatGPhish Vulnerability in ChatGPT Web Summaries [Vulnerability Disclosures]
- SymJack and TrustFall: AI Coding Agent Attacks [Vulnerability Disclosures]
- CIFSwitch: Linux Local Root Vulnerability [Vulnerability Disclosures]
CVEs Referenced
CVE-2025-8110, CVE-2026-0257, CVE-2026-39987, CVE-2026-9872, CVE-2026-9873, CVE-2026-9874, CVE-2026-9875, CVE-2026-9876
Indicators of Compromise
Domains:
openew[.]app
Fler avsnitt av Cyber Threat Brief
Visa alla avsnitt av Cyber Threat BriefCyber Threat Brief med Carolina Clear Tech, LLC finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.
