LIVE NEWSROOM · --:-- · May 24, 2026
A LIBRARY FOR SECURITY RESEARCHERS

Threat intel,
decoded &
skills sharpened.

Daily breach reporting, CVE deep-dives, and hands-on hacking tutorials — written by practitioners for the analysts, defenders, and learners who actually do the work.

Read today’s intel Start learning
288+ARTICLES PUBLISHED
DailyTHREAT UPDATES
2021TRUSTED SINCE
BREAKING

NEWS · May 24, 2026 · 7 MIN READ

CISA Contractor Leaked AWS GovCloud Keys on GitHub for Six Months

A Nightwing contractor exposed CISA's AWS GovCloud credentials and internal system keys on a public GitHub repo for six months. Congress is demanding answers.

EXPLORENews 157Blog 69THM Walkthrough 28Information Gathering 13Tools 11Scanning Network 6Programming 6Cryptography 4

Latest News

View all →

CISA Contractor Leaked AWS GovCloud Keys on GitHub for Six Months

High·May 24, 2026·685 views·7 min readA Nightwing contractor exposed CISA's AWS GovCloud credentials and internal system keys on a public GitHub repo for six months. Congress is demanding answers.

Ghostwriter Deploys Prometheus Phishing Lures Against Ukraine Government Entities

High·May 24, 2026·1.9k views·7 min readBelarus-aligned APT Ghostwriter (UAC-0057) is targeting Ukrainian government with Prometheus-themed phishing delivering the OYSTERFRESH/OYSTERBLUES malware chain.

Screening Serpens: Iranian APT Fuses AppDomainManager Hijacking with New RATs in 2026 Espionage Campaign

High·May 24, 2026·2.2k views·8 min readIran-aligned Screening Serpens is using AppDomainManager hijacking and new RAT variants — MiniJunk and MiniUpdate — to target technology and defence sectors across five countries.

CVE-2026-9082: Critical Drupal SQL Injection Under Attack on Thousands of Sites

Critical·May 24, 2026·1.4k views·8 min readCVE-2026-9082 is an unauthenticated SQL injection in Drupal Core affecting PostgreSQL deployments across versions 8.9–11.3. Patches are available; thousands of sites are under active attack.

CVE-2026-20182: Cisco Catalyst SD-WAN CVSS 10.0 Auth Bypass Actively Exploited

Critical·May 24, 2026·4.0k views·7 min readCVE-2026-20182 (CVSS 10.0 Critical) is a Cisco Catalyst SD-WAN Controller auth bypass exploited by UAT-8616. Metasploit module available. CISA KEV-listed. Patch immediately.

Kali365 PhaaS Kit Bypasses Microsoft 365 MFA via Device Code Phishing — FBI Warning

High·May 24, 2026·1.3k views·7 min readFBI warns Kali365 PhaaS kit steals Microsoft 365 OAuth tokens, bypassing MFA. Hundreds of orgs compromised daily. Arctic Wolf and Proofpoint research details and IOCs.

Megalodon: Supply Chain Attack Backdoors 5,561 GitHub Repos in Six Hours via CI/CD Workflow Injection

High·May 23, 2026·3.5k views·8 min readMegalodon supply chain attack compromised 5,561 GitHub repos in 6 hours on May 18, injecting malicious CI/CD workflows that steal AWS, GCP, Azure keys and SSH secrets.

Stolen Gemini API Keys and AI Fraud: How 'Quantum Patriot' Drained Crypto Wallets via Fake QAnon Content

High·May 23, 2026·4.1k views·8 min readA Russian-speaking fraudster used 73 stolen Gemini API keys and an automated Python pipeline to generate fake QAnon content, distribute wallet-draining malware, and compromise 29 WordPress sites.

Research Work

All guides →

Port Scanning Techniques: Nmap, Zenmap, and Scanning Through Firewalls

Medium·5.0k·17 min

Oracle Monthly Critical Security Patch Updates (CSPU) Guide: Runbook Changes and Verification Automation

Critical·3.0k·11 min

SHA-1 Algorithm Explained: How It Works, Step by Step

Medium·3.3k·15 min

VENOMOUS#HELPER RMM Detection: Stop SimpleHelp and ScreenConnect Backdoors

High·609·12 min

SCA Tool EOL Dependency CVE Blind Spot Detection: What Snyk and Dependabot Miss

Medium·3.6k·11 min

UAT-8302 China APT Malware Analysis: Shared Implants, IOCs, and Detection Rules

High·3.0k·16 min

PRC State-Sponsored Telecom Router Compromise Detection: CISA AA25-239a Breakdown

Medium·3.6k·15 min

North Korea Cryptocurrency Theft Tactics 2026: How DPRK Seized 76% of All Stolen Crypto

Medium·4.1k·12 min

Ruby Gem Supply Chain Attack Detection: CI Checklist for Sleeper Packages

Medium·3.5k·13 min

npm Supply Chain Attack Audit: Detect Mini Shai-Hulud in SAP, PyTorch Lightning, and Intercom Dependencies

Medium·1.9k·16 min

Trending This Week

  1. 01What is Information GatheringInformation Gathering·Dec 9·7 min
  2. 02Best Information Gathering ToolsInformation Gathering·Dec 13·12 min
  3. 03How to install knockpy on Linux for information gatheringTools·Dec 13·5 min

Popular Tags

Browse by topic · auto-updates daily
#network 32#ethical hacking 30#supply chain 27#tool 26#linux 26#patch 25#thm walkthrough 24#walkthrough 22#ip address 22#footprinting 20#credential theft 19#Passive Information Gathering 19#RCE 17#malware 17#phishing 16#data breach 15#information gathering 13#AI security 13#ransomware 12#zero-day 11#network 32#ethical hacking 30#supply chain 27#tool 26#linux 26#patch 25#thm walkthrough 24#walkthrough 22#ip address 22#footprinting 20#credential theft 19#Passive Information Gathering 19#RCE 17#malware 17#phishing 16#data breach 15#information gathering 13#AI security 13#ransomware 12#zero-day 11
#CISA 11#critical infrastructure 11#ShinyHunters 9#security news 8#exploit 8#threat intelligence 8#ICS 7#Google 7#malware analysis 7#extortion 7#backdoor 7#nmap 7#THM 7#network security 7#infostealer 6#supply chain attack 6#OT security 6#programming 6#Android 5#vulnerability research 5#CISA 11#critical infrastructure 11#ShinyHunters 9#security news 8#exploit 8#threat intelligence 8#ICS 7#Google 7#malware analysis 7#extortion 7#backdoor 7#nmap 7#THM 7#network security 7#infostealer 6#supply chain attack 6#OT security 6#programming 6#Android 5#vulnerability research 5

    Actively exploited · CISA KEV

    Recently added to the KEV catalog

    VIEW FULL CATALOG →
    CVE-2026-9082

    Drupal Core SQL Injection Vulnerability

    Drupal Core

    added 2026-05-22 · due 2026-05-27
    CVE-2025-34291

    Langflow Origin Validation Error Vulnerability

    Langflow Langflow

    added 2026-05-21 · due 2026-06-04
    CVE-2026-34926

    Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability

    Trend Micro Apex One

    added 2026-05-21 · due 2026-06-04
    CVE-2008-4250

    Microsoft Windows Buffer Overflow Vulnerability

    Microsoft Windows

    added 2026-05-20 · due 2026-06-03
    CVE-2009-1537

    Microsoft DirectX NULL Byte Overwrite Vulnerability

    Microsoft DirectX

    added 2026-05-20 · due 2026-06-03
    CVE-2009-3459

    Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability

    Adobe Acrobat and Reader

    added 2026-05-20 · due 2026-06-03
    CVE-2010-0249

    Microsoft Internet Explorer Use-After-Free Vulnerability

    Microsoft Internet Explorer

    added 2026-05-20 · due 2026-06-03
    CVE-2010-0806

    Microsoft Internet Explorer Use-After-Free Vulnerability

    Microsoft Internet Explorer

    added 2026-05-20 · due 2026-06-03

    Sponsored
    Scroll to Top
    Ad