12 News Items
THN · BleepingComputer · Krebs · Dark Reading · SANS
THN · BleepingComputer · Krebs · Dark Reading · SANS
📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of May 25, 2026.
-
Wireshark 4.6.6 Released, (Sun, May 24th)
— SANS ISC
Wireshark release 4.6.6 fixes 1 vulnerability and 11 bugs. -
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
— Bleeping Computer
A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript cod… -
Laravel Lang packages hijacked to deploy credential-stealing malware
— Bleeping Computer
A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated credential-stealing malware… -
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
— The Hacker News
GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitl… -
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
— The Hacker News
A new "coordinated" supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux b… -
Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes
— Bleeping Computer
Italian authorities have dismantled a piracy ecosystem centered around the CINEMAGOAL app that provided access to various streaming platform… -
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
— The Hacker News
Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across s… -
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
— The Hacker News
Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to La… -
An Example of Stack String in High Level Language, (Sat, May 23rd)
— SANS ISC
This week, I'm attending the SEC670[1] training (“Red Teaming Tools – Developing Windows Implants, Shellcode, Command and C… -
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
— Bleeping Computer
Financial crime investigators in the Netherlands (FIOD) arrested two men and seized 800 servers linked to a web hosting company that enabled… -
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
— Krebs on Security
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOn… -
Akamai Joins Growing Chorus of Vendors Betting Big on Secure Enterprise Browsers
— Dark Reading
When Akamai announced its LayerX acquisition, the company joined a growing list of vendors adding secure enterprise browsers to their produc…
Generated by HiveNet.ai Threat Intelligence Platform · May 25, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC