📰 DAILY THREAT BRIEFING
Saturday, May 30, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of May 30, 2026.

  1. Name That Toon: Mark of (Cybersecurity) Progress
    — Dark Reading

    As part of Dark Reading's 20th anniversary package, we asked readers for a cybersecurity-related caption that captures their thoughts about …
  2. ChatGPT share links abused to host fake outage pages to deliver malware
    — Bleeping Computer

    Threat actors are abusing ChatGPT's content-sharing feature to display fake OpenAI outage pages that direct users to download malware disgui…
  3. California AG sues 23andMe over 2023 breach exposing health data
    — Bleeping Computer

    California Attorney General Rob Bonta filed a lawsuit against 23andMe, now Chrome Holding Co., over the company's failure to protect sensiti…
  4. ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
    — The Hacker News

    Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assist…
  5. Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
    — The Hacker News

    An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initia…
  6. Asia's Cyber Insurance Market Shows Signs of Life
    — Dark Reading

    The cyber insurance industry has made relatively weak inroads into Asia due to a variety of factors, but that could be changing.
  7. From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a-Service Market
    — Bleeping Computer

    DDoS attacks are increasingly being sold like subscription services, complete with pricing tiers, support, and reseller programs. Flare expl…
  8. With Complex Cloud Integrations, Small Errors Lead to Major Compromises
    — Dark Reading

    Researchers discover an exploit chain combining over-permissioned roles, secrets discovery, and non-human identities that could have comprom…
  9. New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
    — The Hacker News

    A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-r…
  10. ISC Stormcast For Friday, May 29th, 2026 https://isc.sans.edu/podcastdetail/9950, (Fri, May 29th)
    — SANS ISC

    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
  11. Analysis of a Year of Files Uploaded to DShield Sensors, (Wed, May 27th)
    — SANS ISC

    Using the data collected over the past year and using Kibana these two ES|QL queries to summarize the data, this shows the list of the most up…
  12. 2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface
    — Unit 42

    The 2026 World Cup presents major cyber risks from ransomware groups, state-aligned actors, and other groups targeting critical infrastructu…

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (7056 in last 30 days).
Critical: 2 · High: 7 · Medium: 9 · Low: 2.

  1. CVE-2026-9831
    — CVSS 6.3 (MEDIUM)

    A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with an Extreme Platform …
  2. CVE-2026-48811
    — CVSS 4.3 (MEDIUM)

    FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, FreeScout allows a non-admin user to permanently delete an internal note (private thread) from any conversation, even a…
  3. CVE-2026-48810
    — CVSS 4.3 (MEDIUM)

    FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox membership check was f…
  4. CVE-2026-48557
    — CVSS 8.8 (HIGH)

    Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer(). The sanitizer checks only the final filename suffix, allowing double-extension filenames suc…
  5. CVE-2026-48555
    — CVSS 7.4 (HIGH)

    Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by passing user-controll…
  6. CVE-2026-47123
    — CVSS 7.5 (HIGH)

    FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.220, the email processing pipeline in FreeScout's FetchEmails command has two code paths for identifying agent (user) replie…
  7. CVE-2026-45697
    — CVSS 9.8 (CRITICAL)

    Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, unauthenticated users could submit crafted values into Hidden fields (with Default value → Custom) that were evaluated as Twig during submiss…
  8. CVE-2026-45613
    — CVSS 3.3 (LOW)

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47.
  9. CVE-2026-45372
    — CVSS 9.9 (CRITICAL)

    cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header value except Location a…
  10. CVE-2026-45352
    — CVSS 5.3 (MEDIUM)

    cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process crash. The ChunkedDecoder…
  11. CVE-2026-45324
    — CVSS 3.3 (LOW)

    Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due to wrong pointer ownership declared. This vulnerability is fixed b…
  12. CVE-2026-45294
    — CVSS 5.3 (MEDIUM)

    FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.219, the password reset endpoint returns visually distinct responses depending on whether the submitted email address belong…
  13. CVE-2026-45149
    — CVSS 6.5 (MEDIUM)

    The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large numeric range like {1..1…
  14. CVE-2026-44640
    — CVSS 4.5 (MEDIUM)

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to 0.24.14, aio->prov_data is stored as nni_quic_conn* during dialing, but read as ex_quic_conn* during dialer close. This type confusion causes…
  15. CVE-2026-44422
    — CVSS 7.5 (HIGH)

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed objec…
  16. CVE-2026-44421
    — CVSS 8.8 (HIGH)

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdi_Ca…
  17. CVE-2026-44420
    — CVSS 8.8 (HIGH)

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel by sending a CB_CLIP_…
  18. CVE-2026-44287
    — CVSS 6.3 (MEDIUM)

    FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/src/pool/worker.ts:356 blocks dynamic import() with the regex /\bimport\s*\(/.test(code). JavaScript…
  19. CVE-2026-44285
    — CVSS 7.7 (HIGH)

    FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery (SSRF) vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbi…
  20. CVE-2026-42500
    — CVSS 5.3 (MEDIUM)

    Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image.

Source: NVD CVE API 2.0


Generated by CryptXNet.ai Threat Intelligence Platform · May 30, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com