📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of May 17, 2026.
-
The Boring Stuff is Dangerous Now
— Dark Reading
AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast amounts of potentia… -
Microsoft rejects critical Azure vulnerability report, no CVE issued
— Bleeping Computer
A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a… -
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
— The Hacker News
A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject… -
Russian hackers turn Kazuar backdoor into modular P2P botnet
— Bleeping Computer
The Russian hacker group Secret Blizzard has developed its long-running Kazuar backdoor into a modular peer-to-peer (P2P) botnet designed fo… -
Funnel Builder WordPress plugin bug exploited to steal credit cards
— Bleeping Computer
A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into… -
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
— The Hacker News
The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet… -
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
— The Hacker News
Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege esc… -
Cyber Pioneers Ponder Past as Prologue
— Dark Reading
Robert "RSnake" Hansen, Katie Moussouris, Rich Mogull, Richard Stiennon, and Bruce Schneier reflect on how their favorite columns penned for… -
Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files
— Unit 42
Unit 42 analyzes the evolution of Gremlin stealer. This variant uses advanced obfuscation, crypto clipping and session hijacking to compromi… -
[Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)
— SANS ISC

 
ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)
— SANS ISC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. -
Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems
— Dark Reading
A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an ant…
🪲 NVD — Last 20 Scored Vulnerabilities
Latest scored CVEs from the National Vulnerability Database (6298 in last 30 days).
Critical: 0 · High: 11 · Medium: 9 · Low: 0.
-
CVE-2026-8733
— CVSS 6.3 (MEDIUM)
A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this vulnerability is the function sub_3B4610 of the file SlimPDFReader.exe. The manipulation results in stack-based buffer overflow. It i… -
CVE-2026-8731
— CVSS 4.3 (MEDIUM)
A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogs_sbi_client_add in the library /lib/sbi/client.c of the component NRF. The manipulation of the argument client_pool leads to denial of se… -
CVE-2026-8730
— CVSS 4.3 (MEDIUM)
A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogs_sbi_nf_instance_set_id in the library /lib/sbi/context.c of the component NRF. Executing a manipulation of the argument nfInstanceId can lead to… -
CVE-2026-8729
— CVSS 4.3 (MEDIUM)
A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in den… -
CVE-2026-8728
— CVSS 4.3 (MEDIUM)
A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogs_sbi_discovery_option_parse_plmn_list in the library /lib/sbi/conv.c of the component NRF. Such manipulation of t… -
CVE-2026-8719
— CVSS 8.8 (HIGH)
The AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin for WordPress is vulnerable to Privilege Escalation in version 3.4.9. This is due to missing WordPress capability enforcement in the MCP OAuth bearer… -
CVE-2026-8725
— CVSS 7.3 (HIGH)
A weakness has been identified in CoreWorxLab CAAL up to 1.6.0. The affected element is an unknown function of the file src/caal/webhooks.py of the component test-hass Endpoint. This manipulation causes server-side reque… -
CVE-2026-8724
— CVSS 4.7 (MEDIUM)
A security flaw has been discovered in Dataease 2.10.20. Impacted is the function SqlparserUtils.transFilter of the file SqlparserUtils.java of the component Data Dashboard. The manipulation results in sql injection. The… -
CVE-2026-8723
— CVSS 5.3 (MEDIUM)
Summary: `qs.stringify` throws `TypeError` when called with `arrayFormat: 'comma'` and `encodeValuesOnly: true` on an array containing `null` or `undefined`. The throw is synchronous and not handled by any of qs's …
-
CVE-2026-46728
— CVSS 8.2 (HIGH)
Das U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hashed-nodes is omitted from a hash. -
CVE-2021-47981
— CVSS 5.4 (MEDIUM)
Quick.CMS 6.7 contains a cross-site scripting vulnerability in the sliders form that allows authenticated attackers to inject malicious scripts by submitting XSS payloads through the sDescription parameter. Attackers can… -
CVE-2021-47980
— CVSS 7.1 (HIGH)
Fuel CMS 1.4.13 contains a blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'col' parameter in the Activity Log interface. Attackers c… -
CVE-2021-47979
— CVSS 8.8 (HIGH)
WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers can send POST request… -
CVE-2021-47978
— CVSS 6.2 (MEDIUM)
ProcessMaker 3.5.4 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting improper path traversal validation. Attackers can send requests with directory … -
CVE-2021-47977
— CVSS 7.5 (HIGH)
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the file parameter. Attack… -
CVE-2021-47976
— CVSS 8.8 (HIGH)
TextPattern CMS 4.9.0-dev contains a remote code execution vulnerability that allows authenticated attackers to upload arbitrary PHP files by exploiting the plugin upload functionality. Attackers can authenticate, retrie… -
CVE-2021-47975
— CVSS 7.2 (HIGH)
WP Learn Manager 1.1.2 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the fieldtitle parameter. Attackers can submit POST requests to the js… -
CVE-2021-47974
— CVSS 7.8 (HIGH)
VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables i… -
CVE-2021-47973
— CVSS 7.5 (HIGH)
Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload contain… -
CVE-2021-47972
— CVSS 7.5 (HIGH)
Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads o…
Source: NVD CVE API 2.0
Generated by CryptXNet.ai Threat Intelligence Platform · May 17, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com