📰 DAILY THREAT BRIEFING
Monday, May 4, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of May 4, 2026.

  1. Instructure confirms data breach, ShinyHunters claims attack
    — Bleeping Computer

    Educational tech giant Instructure has confirmed that data was stolen in a cyberattack, with the ShinyHunters extortion gang claiming respon…
  2. Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
    — Bleeping Computer

    Microsoft Defender is detecting legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, resulting in widespread false-positiv…
  3. Wireshark 4.6.5 Released, (Sun, May 3rd)
    — SANS ISC

    Wireshark release 4.6.5 fixes 43 vulnerabilities (38 CVEs) and 35 bugs.
  4. Telegram Mini Apps abused for crypto scams, Android malware delivery
    — Bleeping Computer

    Cybersecurity researchers have uncovered a large-scale fraud operation that uses Telegram's Mini App feature to run crypto scams, impersonat…
  5. CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
    — The Hacker News

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux …
  6. Trellix Confirms Source Code Breach With Unauthorized Repository Access
    — The Hacker News

    Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a "portion" of its source code. It…
  7. The npm Threat Landscape: Attack Surface and Mitigations (Updated May 1)
    — Unit 42

    Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more. The…
  8. Essential Data Sources for Detection Beyond the Endpoint
    — Unit 42

    Unit 42 highlights the need for a comprehensive security strategy that spans every IT zone. Explore the full details here. The post Essentia…
  9. 76% of All Crypto Stolen in 2026 Is Now in North Korea
    — Dark Reading

    North Korean threat actors are pulling off historic cryptocurrency heists on a yearly, sometimes weekly basis now. AI might be helping them.
  10. Malicious Ad for Homebrew Leads to MacSync Stealer, (Fri, May 1st)
    — SANS ISC

    Introduction
  11. 30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
    — The Hacker News

    A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a "phishing relay" to distribute phishing emails…
  12. If AI's So Smart, Why Does It Keep Deleting Production Databases?
    — Dark Reading

    The issue isn't artificial intelligence, but rather an industry adding AI agent integrations into production environments before proper secu…

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (5545 in last 30 days).
Critical: 0 · High: 5 · Medium: 15 · Low: 0. View full dashboard →

  1. CVE-2026-7713
    — CVSS 6.3 (MEDIUM)

    A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generate_auth_token of the file cps/kobo_auth.py of the component Kobo auth-token Route. Th…
  2. CVE-2026-7712
    — CVSS 6.3 (MEDIUM)

    A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to deserialization. The attack is possible to be carried ou…
  3. CVE-2026-7711
    — CVSS 7.3 (HIGH)

    A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byom_handler/proc_wrapper.py of the component Engine Handler. Executing a manipulation can l…
  4. CVE-2026-7710
    — CVSS 7.3 (HIGH)

    A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the component Ruoyi-Vue-Pro. Performing a manipulation of…
  5. CVE-2026-6948
    — CVSS 4.9 (MEDIUM)

    Velociraptor versions prior to 0.76.4 contain a resource exhaustion vulnerability in the server's agent control channel.

    This allows a compromised or rogue Velociraptor client to crash the server via out-of-memory (OO…

  6. CVE-2026-7709
    — CVSS 6.3 (MEDIUM)

    A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generate_auth_token of the file cps/kobo_auth.py of the component Endpoint. Such manipulation of the argument user…
  7. CVE-2026-7708
    — CVSS 4.3 (MEDIUM)

    A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_dbi_subscription_data in the library /lib/dbi/subscription.c of the component UDR. This manipulation of the argument supi_id…
  8. CVE-2026-7707
    — CVSS 4.3 (MEDIUM)

    A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udr_nudr_dr_handle_subscription_context of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the argument pei results in…
  9. CVE-2026-7706
    — CVSS 4.3 (MEDIUM)

    A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function gmm_handle_service_request of the file /src/amf/gmm-handler.c of the component AMF. The manipulation leads to denial of service. The …
  10. CVE-2026-7705
    — CVSS 6.3 (MEDIUM)

    A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function set_iptv_info of the file /jdcap of the component Service Interface. Executing a manipulation of the argument vid can lead to c…
  11. CVE-2026-7704
    — CVSS 4.3 (MEDIUM)

    A vulnerability has been found in AV Stumpfl Pixera Two Media Server up to 25.1 R2. The affected element is an unknown function of the component Service Port 1338. Such manipulation leads to path traversal. The exploit h…
  12. CVE-2026-7703
    — CVSS 7.3 (HIGH)

    A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 R2. Impacted is an unknown function of the component Websocket API. This manipulation causes code injection. The attack can be initiated remotely. Th…
  13. CVE-2026-7702
    — CVSS 5.3 (MEDIUM)

    A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview Endpoint. The manipula…
  14. CVE-2026-7701
    — CVSS 4.3 (MEDIUM)

    A security vulnerability has been detected in Telegram Desktop up to 6.7.5. This vulnerability affects the function RequestButton of the file Telegram/SourceFiles/boxes/url_auth_box.cpp of the component Bot API. The mani…
  15. CVE-2026-7700
    — CVSS 6.3 (MEDIUM)

    A weakness has been identified in langflow-ai langflow up to 1.8.4. This affects the function eval of the file src/lfx/src/lfx/components/llm_operations/lambda_filter.p of the component LambdaFilterComponent. Executing a…
  16. CVE-2026-7699
    — CVSS 6.3 (MEDIUM)

    A security flaw has been discovered in Dromara MaxKey up to 3.5.13. Affected by this issue is the function StrUtils.checkSqlInjection of the file StrUtils.java. Performing a manipulation of the argument filtersfields res…
  17. CVE-2026-7698
    — CVSS 7.3 (HIGH)

    A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of…
  18. CVE-2026-7697
    — CVSS 4.7 (MEDIUM)

    A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand_submit.php. This manipulation of the argument ID causes sql injection. Remot…
  19. CVE-2026-7696
    — CVSS 6.3 (MEDIUM)

    A vulnerability was found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This impacts an unknown function of the file /SubstationWEBV2/main/uploadH5Files. The manipulation of th…
  20. CVE-2026-7695
    — CVSS 7.3 (HIGH)

    A vulnerability has been found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This affects an unknown function of the file /SubstationWEBV2/main/elecMaxMinAvgValue. The manipula…

Source: NVD CVE API 2.0

Generated by CryptXNet.ai Threat Intelligence Platform · May 4, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com