LIVE NEWSROOM · --:-- · May 26, 2026
A LIBRARY FOR SECURITY RESEARCHERS

Threat intel,
decoded &
skills sharpened.

Daily breach reporting, CVE deep-dives, and hands-on hacking tutorials — written by practitioners for the analysts, defenders, and learners who actually do the work.

Read today’s intel Start learning
311+ARTICLES PUBLISHED
DailyTHREAT UPDATES
2021TRUSTED SINCE
BREAKING

NEWS · May 26, 2026 · 8 MIN READ

Nimbus Manticore Deploys MiniFast and MiniJunk V2 via SEO Poisoning

Nimbus Manticore (UNC1549) targets aviation and defense sectors using MiniFast and MiniJunk V2 malware delivered via phishing and SEO poisoning campaigns.

EXPLORENews 173Blog 76THM Walkthrough 28Information Gathering 13Tools 11Scanning Network 6Programming 6Cryptography 4

Latest News

View all →

Nimbus Manticore Deploys MiniFast and MiniJunk V2 via SEO Poisoning

Medium·May 26, 2026·8 min readNimbus Manticore (UNC1549) targets aviation and defense sectors using MiniFast and MiniJunk V2 malware delivered via phishing and SEO poisoning campaigns.

Google GTIG: Chinese-Language PhaaS Ecosystem Rivals Russian Underground in Credential Theft Scale

Medium·May 26, 2026·7 min readGoogle's Threat Intelligence Group analyzed a dozen Chinese-language phishing-as-a-service platforms now matching Russian PhaaS in sophistication…

Anthropic Mythos Finds 23,000 Vulnerabilities in 1,000 OSS Projects — Patching Bottleneck Grows

Medium·May 26, 2026·7 min readAnthropic's Mythos AI security scanner has identified over 23,000 potential vulnerabilities across 1,000 open-source projects under Project Glasswing…

Underminr: DNS Bypass Flaw Lets Attackers Hide C2 Traffic Behind 88M Trusted Domains

Medium·May 26, 2026·8 min readThe Underminr vulnerability exploits SNI mismatches in shared CDN infrastructure to hide C2 connections behind trusted domains, bypassing DNS filtering on…

Project Glasswing: Claude Mythos AI Finds 10,000 Critical Flaws in Widely Used Software

Critical·May 26, 2026·8 min readAnthropic's Project Glasswing reports Claude Mythos AI found 10,000+ high/critical vulnerabilities in 1,000+ open-source projects in its first month, with…

CVE-2026-48172: LiteSpeed cPanel Plugin 0-Day Grants Root Access, Actively Exploited

High·May 26, 2026·9 min readCVE-2026-48172 is a CVSS 10.0 privilege escalation in LiteSpeed's cPanel plugin actively exploited to gain root. Patch to v2.4.7 immediately.

MiniPlasma Zero-Day: Unpatched CVE-2020-17103 Still Grants SYSTEM on Windows 11

Critical·May 26, 2026·7 min readMiniPlasma exploit revives CVE-2020-17103 in Windows cldflt.sys, granting SYSTEM access on fully patched Windows 10, 11, Server 2022/2025.

Drupal CVE-2026-9082: Highly Critical SQL Injection Flaw Actively Exploited in the Wild

Critical·May 26, 2026·1 views·7 min readCVE-2026-9082 is a highly critical SQL injection in Drupal core affecting PostgreSQL databases. PoC published; active exploitation confirmed.

Research Work

All guides →

NDR vs SIEM: Solving Enterprise SOC Alert Fatigue in 2026

Medium·10 min

Insider Threat Credential Selling: A Detection Program for SOC Teams

Medium·1·15 min

SOC 2 Type II Compliance Checklist for SaaS Companies: 2026 Audit Guide

Medium·1·15 min

PyTorch Lightning PyPI Backdoor: ML Supply Chain Audit and Credential Stealer Detection

High·1·12 min

Dual Ransomware Gang Attack: When ShinyHunters and Qilin Hit the Same Enterprise

High·13 min

Adversary-in-the-Middle Phishing MFA Bypass: Detecting the 35,000-User Microsoft 365 Campaign

High·13 min

Iran UAE Cyberattacks Triple: APT34, Mint Sandstorm, and the Critical Infrastructure Defense Playbook

Critical·1·13 min

Port Scanning Techniques: Nmap, Zenmap, and Scanning Through Firewalls

Medium·17 min

Oracle Monthly Critical Security Patch Updates (CSPU) Guide: Runbook Changes and Verification Automation

Critical·11 min

SHA-1 Algorithm Explained: How It Works, Step by Step

Medium·15 min

Trending This Week

  1. 01What is Information GatheringInformation Gathering·Dec 9·7 min
  2. 02Best Information Gathering ToolsInformation Gathering·Dec 13·12 min
  3. 03How to install knockpy on Linux for information gatheringTools·Dec 13·5 min

Popular Tags

Browse by topic · auto-updates daily
#network 32#patch 30#ethical hacking 30#supply chain 27#tool 26#linux 26#thm walkthrough 24#ip address 22#walkthrough 22#RCE 22#footprinting 20#Passive Information Gathering 19#credential theft 19#malware 18#phishing 18#data breach 15#AI security 14#information gathering 13#ransomware 13#zero-day 13#network 32#patch 30#ethical hacking 30#supply chain 27#tool 26#linux 26#thm walkthrough 24#ip address 22#walkthrough 22#RCE 22#footprinting 20#Passive Information Gathering 19#credential theft 19#malware 18#phishing 18#data breach 15#AI security 14#information gathering 13#ransomware 13#zero-day 13
#critical infrastructure 12#CISA 10#ShinyHunters 10#exploit 10#threat intelligence 8#security news 8#backdoor 8#nmap 7#threat-intelligence 7#Google 7#network security 7#extortion 7#malware analysis 7#THM 7#vulnerability research 6#OT security 6#programming 6#supply chain attack 6#infostealer 6#ICS 6#critical infrastructure 12#CISA 10#ShinyHunters 10#exploit 10#threat intelligence 8#security news 8#backdoor 8#nmap 7#threat-intelligence 7#Google 7#network security 7#extortion 7#malware analysis 7#THM 7#vulnerability research 6#OT security 6#programming 6#supply chain attack 6#infostealer 6#ICS 6

    Actively exploited · CISA KEV

    Recently added to the KEV catalog

    VIEW FULL CATALOG →
    CVE-2026-9082

    Drupal Core SQL Injection Vulnerability

    Drupal Core

    added 2026-05-22 · due 2026-05-27
    CVE-2025-34291

    Langflow Origin Validation Error Vulnerability

    Langflow Langflow

    added 2026-05-21 · due 2026-06-04
    CVE-2026-34926

    Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability

    Trend Micro Apex One

    added 2026-05-21 · due 2026-06-04
    CVE-2008-4250

    Microsoft Windows Buffer Overflow Vulnerability

    Microsoft Windows

    added 2026-05-20 · due 2026-06-03
    CVE-2009-1537

    Microsoft DirectX NULL Byte Overwrite Vulnerability

    Microsoft DirectX

    added 2026-05-20 · due 2026-06-03
    CVE-2009-3459

    Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability

    Adobe Acrobat and Reader

    added 2026-05-20 · due 2026-06-03
    CVE-2010-0249

    Microsoft Internet Explorer Use-After-Free Vulnerability

    Microsoft Internet Explorer

    added 2026-05-20 · due 2026-06-03
    CVE-2010-0806

    Microsoft Internet Explorer Use-After-Free Vulnerability

    Microsoft Internet Explorer

    added 2026-05-20 · due 2026-06-03

    Sponsored
    Scroll to Top
    Ad