ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories This week starts small.A token leaks. A bad package slips in. A login trick works. An old tool shows... 2026-5-21 11:52:14 | 阅读: 36 | 收藏 | The Hacker News - thehackernews.com 2026 security malicious github microsoft

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities Endpoint Security / VulnerabilityMicrosoft has disclosed that a privilege escalation and a denial-... 2026-5-21 10:55:57 | 阅读: 29 | 收藏 | The Hacker News - thehackernews.com microsoft defender attackers remote 2026

When Identity is the Attack Path Identity Security / AI SecurityConsider a cached access key on a single Windows machine. It got th... 2026-5-21 10:30:0 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com attacker cloud security exposures exposure

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remain... 2026-5-21 07:35:53 | 阅读: 20 | 收藏 | The Hacker News - thehackernews.com rds ssh qualys zerocopy zcopy

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension Supply Chain Attack / Developer ToolsGitHub on Wednesday officially confirmed that the breach of i... 2026-5-21 04:27:1 | 阅读: 24 | 收藏 | The Hacker News - thehackernews.com github security nx developer teampcp

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks Web Security / VulnerabilityDrupal has released security updates for a "highly critical" security... 2026-5-21 03:44:11 | 阅读: 32 | 收藏 | The Hacker News - thehackernews.com drupal security unsupported exploited remote

Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development Artificial Intelligence / Security TestingMicrosoft has unveiled two new open-source tools called... 2026-5-20 17:6:54 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com security microsoft rampart developers clarity

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weap... 2026-5-20 14:36:44 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com microsoft tempest fox ransomware malicious

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as We... 2026-5-20 12:51:43 | 阅读: 30 | 收藏 | The Hacker News - thehackernews.com webworm backdoors echocreep c2 proxy

Agent AI is Coming. Are You Ready? Identity Security / Enterprise SecurityNew Industry Data Just Released Suggests Not.On May 19th... 2026-5-20 11:58:0 | 阅读: 22 | 收藏 | The Hacker News - thehackernews.com agents security gap unseen unmanaged

Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem AI-generated lookalike domains are now embedded inside the third-party scripts running on your web... 2026-5-20 10:30:0 | 阅读: 31 | 收藏 | The Hacker News - thehackernews.com malicious chrome silently behavioral approved

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit Vulnerability / EncryptionMicrosoft on Tuesday released a mitigation for a BitLocker bypass vulner... 2026-5-20 08:28:26 | 阅读: 45 | 收藏 | The Hacker News - thehackernews.com windows bitlocker tpm winre yellowkey

Grafana GitHub Breach Exposes Source Code via TanStack npm Attack Supply Chain Attack / Cloud SecurityGrafana Labs, on May 19, 2026, said an investigation into its... 2026-5-20 05:12:6 | 阅读: 36 | 收藏 | The Hacker News - thehackernews.com github 2026 cloud extortion teampcp

GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after th... 2026-5-20 04:1:15 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com github payload teampcp propagates attacker

Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps Malvertising / Mobile SecurityCybersecurity researchers have disclosed details of a new ad fraud a... 2026-5-19 16:38:12 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com trapdoor malicious owned stage

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in t... 2026-5-19 14:56:26 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com 2026 security upstream rxgk killswitch

The New Phishing Click: How OAuth Consent Bypasses MFA In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five... 2026-5-19 11:30:0 | 阅读: 31 | 收藏 | The Hacker News - thehackernews.com phishing grants security bridges scoped

Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare Vulnerability / Website SecurityDrupal has issued an alert stating that it intends to release a "c... 2026-5-19 10:44:45 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com drupal security addressed advised exclusive

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access Vulnerability / Email SecurityCritical security vulnerabilities have been disclosed in SEPPMail Se... 2026-5-19 09:23:15 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com 2026 remote seppmail attackers appliance

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer Supply Chain Attack / Developer SecurityCybersecurity researchers have flagged a compromised versi... 2026-5-19 07:49:23 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com nx developer github malicious stealer