| Maintained by | Phil Massyn |
🔹 BleepingComputer
WP Maps Pro bug exploited to create admin accounts on WordPress sites
Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. [...]
🔹 The Hacker News
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, to carry out malicious attacks. The bot network, per the Dutch Politie and the National Cyber Security Center (NCSC), consisted of at least 17 million infected devices. More than 200 servers located in the Netherlands acted as the
🔗 https://thehackernews.com/2026/05/dutch-authorities-dismantle-botnet.html
🔹 Have I Been Pwned latest breaches
Atlas Menu - 63,926 breached accounts
In May 2026, the GTA V and CS2 cheat service Atlas Menu suffered a data breach. An attacker claimed to have gained access to all Atlas systems and published the service's database to a public GitHub repository. The incident exposed 64k unique email addresses along with usernames, IP addresses, support tickets and passwords stored as bcrypt hashes.
In May 2026, the GTA V and CS2 cheat service Atlas Menu suffered a data breach. An attacker claimed to have gained access to all Atlas systems and published the service's database to a public GitHub repository. The incident exposed 64k unique email addresses along with usernames, IP addresses, support tickets and passwords stored as bcrypt hashes.
🔹 BleepingComputer
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks. [...]
🔹 SecurityWeek
Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say
Moscow’s agents are building fake companies, recruiting middlemen and deploying cyber spies and hackers who gather information that could be used to attack key infrastructure. The post Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say appeared first on SecurityWeek.
🔹 SecurityWeek
Exploit Code Published for Critical Flowise RCE Vulnerability
The one-click vulnerability allows attackers to execute arbitrary code on self-hosted Flowise servers by tricking users into importing a malicious chatflow. The post Exploit Code Published for Critical Flowise RCE Vulnerability appeared first on SecurityWeek.
🔗 https://www.securityweek.com/exploit-code-published-for-critical-flowise-rce-vulnerability/
🔹 BleepingComputer
New CIFSwitch Linux flaw gives root on multiple distributions
A newly discovered local privilege escalation vulnerability dubbed 'CIFSwitch' in the Linux kernel could allow attackers to forge CIFS authentication key descriptions, abuse the kernel's key request mechanism, and gain root privileges. [...]
A newly discovered local privilege escalation vulnerability dubbed 'CIFSwitch' in the Linux kernel could allow attackers to forge CIFS authentication key descriptions, abuse the kernel's key request mechanism, and gain root privileges.
🔹 The Hacker News
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0257 (CVSS score: 7.8), refers to a case of authentication bypass that could be exploited by bad actors to set up VPN connections. "Authentication bypass vulnerabilities in the
🔗 https://thehackernews.com/2026/05/pan-os-globalprotect-authentication.html
🔹 darkreading
Name That Toon: Mark of (Cybersecurity) Progress
As part of Dark Reading's 20th anniversary package, we asked readers for a cybersecurity-related caption that captures their thoughts about the industry's last two decades.
🔗 https://www.darkreading.com/cloud-security/name-that-toon-mark-of-cybersecurity-progress
🔒 Security News Digest - 2026-05-29
📊 5 updates from 4 sources:
🔹 SecurityWeek: In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks
https://www.securityweek.com/in-other-news-trump-mobile-data-breach-fifa-world-cup-phishing-cisa-responds-to-supply-chain-attacks/
🔹 Security News | TechCrunch: Microsoft under fire for threatening security researcher with criminal investigation
https://techcrunch.com/2026/05/29/microsoft-under-fire-for-threatening-security-researcher-with-criminal-investigation/
🔹 The Hacker News: ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
https://thehackernews.com/2026/05/chatgphish-vulnerability-turns-chatgpt.html
🔹 BleepingComputer: California AG sues 23andMe over 2023 breach exposing health data
https://www.bleepingcomputer.com/news/security/california-ag-sues-23andme-over-2023-breach-exposing-health-data/
🔹 BleepingComputer: ChatGPT share links abused to host fake outage pages to deliver malware
https://www.bleepingcomputer.com/news/security/chatgpt-share-links-abused-to-host-fake-outage-pages-to-deliver-malware/
