LIVE NEWSROOM · --:-- · May 13, 2026
A LIBRARY FOR SECURITY RESEARCHERS

Threat intel,
decoded &
skills sharpened.

Daily breach reporting, CVE deep-dives, and hands-on hacking tutorials — written by practitioners for the analysts, defenders, and learners who actually do the work.

Read today’s intel Start learning
279+ARTICLES PUBLISHED
DailyTHREAT UPDATES
2021TRUSTED SINCE
BREAKING

NEWS · May 12, 2026 · 7 MIN READ

YARA-X 1.16.0: Faster Scans, Panic Fixes, and Neovim LSP Support

YARA-X 1.16.0 ships with performance improvements across 10 PRs, constant folding for bitwise ops, configurable match context, and two panic-condition bugfixes.
EXPLORENews 146Blog 69THM Walkthrough 28Information Gathering 13Tools 11Programming 6Scanning Network 6Cryptography 4

Latest News

View all →

YARA-X 1.16.0: Faster Scans, Panic Fixes, and Neovim LSP Support

May 12, 2026·NewsYARA-X 1.16.0 ships with performance improvements across 10 PRs, constant folding for bitwise ops, configurable match context, and two panic-condition bugfixes.

Instructure Removed from ShinyHunters' Leak Site as Canvas Breach Deadline Passes

May 12, 2026·NewsInstructure was quietly removed from ShinyHunters' extortion site after the May 12, 2026 deadline — no data dump, no explanation, no ransom confirmation.

Costa Rica Joins Have I Been Pwned as the 42nd Government

May 12, 2026·NewsCosta Rica's CSIRT gains free access to Have I Been Pwned's government domain monitoring service, becoming the 42nd nation in the global breach visibility program.

LummaC2 Infostealer Targets US Critical Infrastructure: CISA-FBI Advisory AA25-141B and DOJ Domain Seizures

May 12, 2026·NewsCISA and FBI advisory AA25-141B details LummaC2 MaaS infostealer TTPs targeting critical infrastructure. DOJ seized 2,300 domains. Detection and mitigation guide.

MacSync Stealer: Hackers Abuse Google Ads and Claude.ai Chats to Push Mac Malware

May 12, 2026·NewsRussian-speaking attackers combine Google Ads and Claude.ai shared chats in a ClickFix campaign deploying MacSync Stealer infostealer on macOS. Over 200 malicious ads active.

JDownloader Site Hacked, Installers Swapped with Python RAT Malware

May 11, 2026·NewsJDownloader's website was hacked May 6–7, 2026, replacing Windows and Linux installers with a Python-based RAT. Users who downloaded during that window should reinstall their OS.

Operation HookedWing: 4-Year Phishing Campaign Hits 500+ Organizations Across Aviation, Energy, and Logistics

May 11, 2026·NewsOperation HookedWing has stolen credentials from 500+ organizations in aviation, energy, logistics, and critical infrastructure by abusing GitHub Pages as phishing infrastructure since 2022.

Twelve Critical vm2 Node.js Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

May 11, 2026·NewsA dozen CVEs in the vm2 Node.js sandbox library — including CVSS 10.0 flaws — allow sandbox escape and RCE. Update to vm2 3.11.2 now or migrate to isolated-vm.

Research Work

All guides →

Port Scanning Techniques: Nmap, Zenmap, and Scanning Through Firewalls

May 9, 2026·17 min

Oracle Monthly Critical Security Patch Updates (CSPU) Guide: Runbook Changes and Verification Automation

May 9, 2026·11 min

SHA-1 Algorithm Explained: How It Works, Step by Step

May 8, 2026·14 min

VENOMOUS#HELPER RMM Detection: Stop SimpleHelp and ScreenConnect Backdoors

May 6, 2026·12 min

SCA Tool EOL Dependency CVE Blind Spot Detection: What Snyk and Dependabot Miss

May 6, 2026·10 min

UAT-8302 China APT Malware Analysis: Shared Implants, IOCs, and Detection Rules

May 6, 2026·16 min

PRC State-Sponsored Telecom Router Compromise Detection: CISA AA25-239a Breakdown

May 6, 2026·15 min

North Korea Cryptocurrency Theft Tactics 2026: How DPRK Seized 76% of All Stolen Crypto

May 6, 2026·11 min

Ruby Gem Supply Chain Attack Detection: CI Checklist for Sleeper Packages

May 5, 2026·12 min

npm Supply Chain Attack Audit: Detect Mini Shai-Hulud in SAP, PyTorch Lightning, and Intercom Dependencies

May 5, 2026·15 min

Trending This Week

  1. 01What is Information GatheringInformation Gathering·Dec 9·7 min
  2. 02Best Information Gathering ToolsInformation Gathering·Dec 13·12 min
  3. 03How to install knockpy on Linux for information gatheringTools·Dec 13·5 min

Popular Tags

Browse by topic · auto-updates daily
#network 32#ethical hacking 30#tool 26#linux 26#patch 24#thm walkthrough 24#ip address 22#walkthrough 22#footprinting 20#Passive Information Gathering 19#"RCE" 17#supply-chain 16#malware 15#information gathering 13#phishing 13#ransomware 12#zero-day 11#threat intelligence 10#supply chain 10#CISA 10#network 32#ethical hacking 30#tool 26#linux 26#patch 24#thm walkthrough 24#ip address 22#walkthrough 22#footprinting 20#Passive Information Gathering 19#"RCE" 17#supply-chain 16#malware 15#information gathering 13#phishing 13#ransomware 12#zero-day 11#threat intelligence 10#supply chain 10#CISA 10
#ShinyHunters 9#data breach 9#credential theft 9#credential-theft 9#AI-security 9#threat-intelligence 8#security news 8#nmap 7#ICS 7#extortion 7#THM 7#Google 7#critical-infrastructure 7#exploit 6#programming 6#data-breach 6#supply chain attack 6#infostealer 6#backdoor 6#Android 5#ShinyHunters 9#data breach 9#credential theft 9#credential-theft 9#AI-security 9#threat-intelligence 8#security news 8#nmap 7#ICS 7#extortion 7#THM 7#Google 7#critical-infrastructure 7#exploit 6#programming 6#data-breach 6#supply chain attack 6#infostealer 6#backdoor 6#Android 5
Scroll to Top