Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-22 08:00 PDT
- CISA Security Leak
Schneier on Security • 2026-05-22 06:58 • www.schneier.com
Crazy story:
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recen…
https://www.schneier.com/blog/archives/2026/05/cisa-security-leak.html
- Trend Micro warns of Apex One zero-day exploited in the wild
BleepingComputer • 2026-05-22 06:39 • www.bleepingcomputer.com
Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems. […]
https://www.bleepingcomputer.com/news/security/trend-micro-warns-of-apex-one-zero-day-exploited-in-attacks/
- Drupal: Critical SQL injection flaw now targeted in attacks
BleepingComputer • 2026-05-22 06:14 • www.bleepingcomputer.com
Drupal is warning that hackers are attempting to exploit a “highly critical” SQL injection vulnerability announced earlier this week. […]
https://www.bleepingcomputer.com/news/security/drupal-critical-sql-injection-flaw-now-targeted-in-attacks/
- Why Chargebacks are Just One Piece of the Fraud Puzzle
BleepingComputer • 2026-05-22 06:09 • www.bleepingcomputer.com
Fraud losses don’t stop at chargebacks. False declines, account takeovers, and abuse also damage revenue and trust. IPQS breaks down why fraud teams need broader visibility into risk and customer impact. […]
https://www.bleepingcomputer.com/news/security/why-chargebacks-are-just-one-piece-of-the-fraud-puzzle/
- Ubiquiti patches three max severity UniFi OS vulnerabilities
BleepingComputer • 2026-05-22 05:00 • www.bleepingcomputer.com
Ubiquiti has released security updates to patch three maximum severity vulnerabilities in UniFi OS that can be exploited by remote attackers without privileges. […]
https://www.bleepingcomputer.com/news/security/ubiquiti-patches-three-max-severity-unifi-os-vulnerabilities/
- Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
The Hacker News • 2026-05-22 04:55 • thehackernews.com
Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561 GitHub repositories within a six-hour window. “Using throwaway accounts and forged author identities (build-bot, auto-ci, ci-bot, pipeline-bot), the attacker injected GitHub Actions workflows containing base64-encoded bash payloads that exfiltrate CI
https://thehackernews.com/2026/05/megalodon-github-attack-targets-5561.html
- Making Vulnerable Drivers Exploitable Without Hardware – The BYOVD Perspective
The Hacker News • 2026-05-22 04:38 • thehackernews.com
1 Introduction: This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode without the hardware they were developed for. This work was motivated by driver-oriented vulnerability research and the need to evaluate the exploitability of individual findings, which frequently affect code whose reachability is hardware-gated. The
https://thehackernews.com/2026/05/making-vulnerable-drivers-exploitable.html
- Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload
Securelist • 2026-05-22 02:12 • securelist.com
Cloud Atlas attacks the public sector and diplomatic structures of Russia and Belarus, using ReverseSocks, SSH, and Tor for persistence in infected systems and its new tool, PowerCloud.
https://securelist.com/cloud-atlas-2026/119895/
- US and Canada arrest and charge suspected Kimwolf botnet admin
BleepingComputer • 2026-05-22 02:01 • www.bleepingcomputer.com
U.S. and Canadian authorities arrested and charged a Canadian man with operating the KimWolf distributed denial-of-service (DDoS) botnet, which infected nearly two million devices worldwide. […]
https://www.bleepingcomputer.com/news/security/us-and-canada-arrest-and-charge-suspected-kimwolf-botnet-admin/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
