May 23, 2026 · #65 episode artwork

EPISODE · May 23, 2026 · 4 MIN

May 23, 2026 · #65

from Security Brief Daily · host Security Brief Daily

Episode 65 — 23 May 2026 1. Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is... 2. Ubiquiti patches three max severity UniFi OS vulnerabilities Source: Bleeping Computer Ubiquiti has released security updates to patch three maximum severity vulnerabilities in UniFi OS that can be exploited by remote attackers without privileges. UniFi OS is a unified operating system that powers UniFi Consoles and helps manage IT infrastructure, including... 3. Netherlands seizes 800 servers of hosting firm enabling cyberattacks Source: Bleeping Computer Financial crime investigators in the Netherlands (FIOD) arrested two men and seized 800 servers linked to a web hosting company that enabled cyberattacks, interference operations, and disinformation campaigns. FIOD arrested a 57-year-old suspect, who was the company director,... 4. Drupal: Critical SQL injection flaw now targeted in attacks Source: Bleeping Computer Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier this week. The content management system (CMS) project published a PSA on May 18, urging administrators to reserve time for core updates that addressed... 5. LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root Source: The Hacker News A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse... 6. Lawmakers Demand Answers as CISA Tries to Contain Data Leak Source: Krebs on Security Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on... 7. Trend Micro warns of Apex One zero-day exploited in the wild Source: Bleeping Computer Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems. Apex One is Trend Micro's enterprise-grade endpoint security platform that protects corporate networks from a wide range of... 8. First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups Source: The Hacker News Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. Codenamed Operation Saffron,...

Episode 65 — 23 May 2026 1. Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is... 2. Ubiquiti patches three max severity UniFi OS vulnerabilities Source: Bleeping Computer Ubiquiti has released security updates to patch three maximum severity vulnerabilities in UniFi OS that can be exploited by remote attackers without privileges. UniFi OS is a unified operating system that powers UniFi Consoles and helps manage IT infrastructure, including... 3. Netherlands seizes 800 servers of hosting firm enabling cyberattacks Source: Bleeping Computer Financial crime investigators in the Netherlands (FIOD) arrested two men and seized 800 servers linked to a web hosting company that enabled cyberattacks, interference operations, and disinformation campaigns. FIOD arrested a 57-year-old suspect, who was the company director,... 4. Drupal: Critical SQL injection flaw now targeted in attacks Source: Bleeping Computer Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier this week. The content management system (CMS) project published a PSA on May 18, urging administrators to reserve time for core updates that addressed... 5. LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root Source: The Hacker News A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse... 6. Lawmakers Demand Answers as CISA Tries to Contain Data Leak Source: Krebs on Security Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on... 7. Trend Micro warns of Apex One zero-day exploited in the wild Source: Bleeping Computer Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems. Apex One is Trend Micro's enterprise-grade endpoint security platform that protects corporate networks from a wide range of... 8. First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups Source: The Hacker News Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. Codenamed Operation Saffron,...

NOW PLAYING

May 23, 2026 · #65

0:00 4:23

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Security Brief Daily?

This episode is 4 minutes long.

When was this Security Brief Daily episode published?

This episode was published on May 23, 2026.

What is this episode about?

Episode 65 — 23 May 2026 1. Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw...

Can I download this Security Brief Daily episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!