📰 DAILY THREAT BRIEFING
Tuesday, June 2, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of June 2, 2026.

  1. Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
    — Bleeping Computer

    A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques…
  2. Red Hat npm packages compromised to steal developer credentials
    — Bleeping Computer

    More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a ne…
  3. Spain arrests doxer leaking sensitive data of govt employees
    — Bleeping Computer

    The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key state organizatio…
  4. Anthropic to Open Mythos AI to EU's ENISA
    — Dark Reading

    The European security agency's entry to Project Glasswing is the result of "strong bilateral cooperation" between the European Commission an…
  5. Microsoft's Zero-Day Legal Threats Spark Backlash
    — Dark Reading

    After a disgruntled security researcher published several zero-day exploits in recent weeks, Microsoft seemingly indicated criminal charges …
  6. Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
    — The Hacker News

    A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials a…
  7. Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
    — Krebs on Security

    The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian…
  8. Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit
    — Dark Reading

    Exploiting the PAN-OS GlobalProtect VPN vulnerability requires certain conditions, but adversaries have done so in two attack waves that sta…
  9. ⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More
    — The Hacker News

    Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting…
  10. China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
    — The Hacker News

    A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and…
  11. ISC Stormcast For Monday, June 1st, 2026 https://isc.sans.edu/podcastdetail/9952, (Mon, Jun 1st)
    — SANS ISC

    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
  12. Unidentified RAT pushes NetSupport RAT, (Mon, Jun 1st)
    — SANS ISC


🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (7027 in last 30 days).
Critical: 1 · High: 7 · Medium: 9 · Low: 3.

  1. CVE-2026-9050
    — CVSS 4.3 (MEDIUM)

    The Slider Revolution plugin for WordPress in versions 6.0.0-6.7.55 and 7.0.0-7.0.14 is vulnerable to unauthorized modification of data. This is due to the plugin not properly verifying that a user is authorized to perfo…
  2. CVE-2026-9048
    — CVSS 4.3 (MEDIUM)

    The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in versions 7.0.0 – 7.0.14, via the 'slider.get.full' AJAX Action. This makes it possible for authenticated attackers, with Contr…
  3. CVE-2026-10528
    — CVSS 3.3 (LOW)

    A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser…
  4. CVE-2026-10514
    — CVSS 2.4 (LOW)

    A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/framework/src/main/java/cn/cordys/config/RequestParamTrimConfig.java. The manipulation leads to cro…
  5. CVE-2026-10302
    — CVSS 6.3 (MEDIUM)

    A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the file /manage_fee.php. Executing a manipulation of the argument ID can lead to SQL injection. The attack…
  6. CVE-2026-10301
    — CVSS 4.3 (MEDIUM)

    A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of the argument page results in cross-site scripting. …
  7. CVE-2026-28511
    — CVSS 4.3 (MEDIUM)

    eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an authenticated user performing a numeric reference/search can return results that include resources the requesting user is no…
  8. CVE-2026-25879
    — CVSS 9.8 (CRITICAL)

    Langroid is a framework for building large-language-model-powered applications. Prior to version 0.63.0, SQLChatAgent executes SQL produced by an LLM, which is influenceable by prompt injection. When configured with a da…
  9. CVE-2026-25277
    — CVSS 8.8 (HIGH)

    Memory corruption while using Strongbox due to buffer overflow.
  10. CVE-2026-25276
    — CVSS 8.8 (HIGH)

    Memory corruption while using Strongbox due to missing bounds check.
  11. CVE-2026-25260
    — CVSS 7.8 (HIGH)

    Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications.
  12. CVE-2026-25259
    — CVSS 7.8 (HIGH)

    Memory corruption while processing multiple IOCTL commands for escape operations.
  13. CVE-2026-25258
    — CVSS 7.8 (HIGH)

    Memory corruption while processing IOCTL calls for escape operations.
  14. CVE-2026-24782
    — CVSS 7.6 (HIGH)

    Kiteworks is a private data network (PDN). Prior to version 9.3.0, multiple SQL Injection vulnerabilities in Kiteworks Secure Data Forms could be exploited by an authenticated attacker with the FormBuilder role to retrieve…
  15. CVE-2026-24761
    — CVSS 3.7 (LOW)

    Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to access metadata of resources belo…
  16. CVE-2026-24756
    — CVSS 4.3 (MEDIUM)

    Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resources belonging to oth…
  17. CVE-2026-24755
    — CVSS 5.4 (MEDIUM)

    Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permissions on resources b…
  18. CVE-2026-24754
    — CVSS 5.4 (MEDIUM)

    Kiteworks is a private data network (PDN). Prior to version 9.3.0, a stored XSS vulnerability in Kiteworks Secure Data Forms could allow an authenticated attacker to execute arbitrary JavaScript code in other users' sess…
  19. CVE-2026-24753
    — CVSS 6.5 (MEDIUM)

    Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resources belonging to oth…
  20. CVE-2026-24752
    — CVSS 8.2 (HIGH)

    Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitrary JavaScript code. U…

Source: NVD CVE API 2.0


Generated by CryptXNet.ai Threat Intelligence Platform · June 2, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com