Warning: Windows Netlogon Vulnerability Actively Exploited in the Wild; Administrators Urged to Patch Immediately

297/69 Tuesday, June 2, 2026 The Belgian Centre for Cyber Security (CCB) has warned that the Windows Netlogon vulnerability tracked as CVE-2026-41089 is being actively exploited in real-world attacks. The vulnerability is rated Critical and was addressed by Microsoft in its May 2026 security updates. The flaw affects the Netlogon service, a core component of […]

sittisak mintaboon

June 2, 2026

ShinyHunters Publishes Allegedly Stolen Charter Communications Data, Potentially Impacting More Than 5 Million Customers

296/69 Tuesday, June 2, 2026 Reports indicate that the cybercriminal group ShinyHunters has published data allegedly stolen from Charter Communications after the company reportedly refused to pay a ransom demand. Charter Communications is one of the largest telecommunications providers in the United States, offering internet, cable television, mobile, and landline phone services under the Spectrum […]

sittisak mintaboon

June 2, 2026

Critical Vulnerability in WordPress WP Maps Pro Plugin Allows Unauthorized Administrator Account Creation

295/69 Tuesday, June 2, 2026 A significant cybersecurity threat has been identified targeting websites running WordPress through a vulnerability in the WP Maps Pro plugin, a widely used extension for creating interactive maps. The vulnerability, tracked as CVE-2026-8732, has been rated Critical and affects WP Maps Pro version 6.1.0 and earlier. The flaw allows unauthenticated […]

sittisak mintaboon

June 2, 2026

JINX-0164 Targets Cryptocurrency Firms Through Fake Recruitment Campaigns and macOS Malware

294/69 Friday, May 29, 2026 Researchers from Wiz have reported attacks carried out by a threat group tracked as JINX-0164, which targets cryptocurrency organizations. The group uses social engineering techniques through LinkedIn or impersonates recruiters and business partners to persuade victims to join online meetings. Victims are then directed to fake domains that imitate remote […]

sittisak mintaboon

May 29, 2026

Dutch Police Arrest Suspect Linked to Ajax Football Club Cyberattack

293/69 Friday, May 29, 2026 The Dutch National Police arrested a 35-year-old man suspected of being involved in multiple unauthorized intrusions into the computer systems of Ajax Amsterdam, also known as AFC Ajax, earlier in 2026. According to the police, the suspect unlawfully accessed the club’s computer systems several times. After the incident was reported, […]

sittisak mintaboon

May 29, 2026

U.S. Court Sentences Romanian Hacker to Nearly Five Years in Prison for Illegally Breaching Government Agency Networks

292/69 Friday, May 29, 2026 The U.S. Department of Justice (DoJ) announced that a 45-year-old Romanian hacker has been sentenced to four years and eight months in prison, followed by three years of supervised release. The sentence stems from unauthorized intrusions into the network of an emergency management agency in the State of Oregon in […]

sittisak mintaboon

May 29, 2026

Anthropic Enhances Claude Code Security with a Plugin to Detect Risky Code During Development

291/69 Thursday, May 28, 2026 Anthropic has introduced new security features for Claude, including a Self-hosted Sandbox for Claude Managed Agents and a Security Guidance Plugin for Claude Code. The Self-hosted Sandbox is currently available in Public Beta and is designed to allow Agent tools or code execution to run within an environment controlled by […]

sittisak mintaboon

May 28, 2026

Cybersecurity Firms Collaborate to Disrupt Glassworm Botnet After Fake Packages and Tools Were Used to Target Developers

290/69 Thursday, May 28, 2026 On May 26, 2026, CrowdStrike Counter Adversary Operations, in collaboration with Google and the Shadowserver Foundation, reportedly disrupted all four Command-and-Control (C2) channels used by the Glassworm Botnet at the same time. The operation aimed to stop communication between the malware and the attackers’ infrastructure. Glassworm is a campaign that […]

sittisak mintaboon

May 28, 2026

Zero-Day Exploitation of KnowledgeDeliver to Deploy Web Shell and Malware

289/69 Thursday, May 28, 2026 There have been reports of threat actors exploiting a critical zero-day vulnerability, tracked as CVE-2026-5426, in KnowledgeDeliver, a Learning Management System (LMS) platform. The vulnerability allows unauthenticated attackers to remotely execute malicious commands on the operating system. This threat directly affects organizations using vulnerable installations of the platform prior to […]

sittisak mintaboon

May 28, 2026

Microsoft Releases Security Updates Addressing RCE Vulnerability in SharePoint Server

288/69 Wednesday, May 27, 2026 Microsoft has released security updates to address a Remote Code Execution (RCE) vulnerability in Microsoft SharePoint Server tracked as CVE-2026-45659. The vulnerability has a CVSS severity score of 8.8 and is caused by the deserialization of untrusted data within SharePoint Server. The vulnerability could allow an authenticated attacker with minimal […]

sittisak mintaboon

May 27, 2026
1 6 7 8 100