May 28, 2026 · #70 episode artwork

EPISODE · May 28, 2026 · 4 MIN

May 28, 2026 · #70

from Security Brief Daily · host Security Brief Daily

Episode 70 — 28 May 2026 1. CISA gives feds 4 days to patch actively exploited cPanel plugin flaw Source: Bleeping Computer The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their servers against a critical vulnerability in the LiteSpeed cPanel user-end plugin, which is actively being exploited in attacks. Tracked as CVE-2026-48172... 2. KnowledgeDeliver flaw exploited as a zero-day to install web shells Source: Bleeping Computer Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. The flaw is a deserialization issue tracked as CVE-2026-5426 and can be exploited without authentication. It stems... 3. GPU mining malware spreads via SEO poisoning, AI chatbots Source: Bleeping Computer Threat actors are targeting systems with high-performance computers in an ongoing cryptojacking campaign spread through a coordinated SEO poisoning operation that also manipulated AI chatbot recommendations. ​The compromise occurs through malicious download pages for utility... 4. Glassworm botnet disrupted after resilient C2 infrastructure takedown Source: Bleeping Computer The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain transactions and the BitTorrent DHT network. ​In a coordinated operation... 5. JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware Source: The Hacker News A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware. "These campaigns leveraged sophisticated social... 6. Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions Source: The Hacker News Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be met. The vulnerability, tracked as CVE-2026-45659, carries a CVSS score of... 7. GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure Source: The Hacker News CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages... 8. Malicious npm Package Stole Files From Claude AI User Directory via GitHub Source: The Hacker News Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named "mouse5212-super-formatter," is designed to upload files from "/mnt/user-data," a dedicated...

Episode 70 — 28 May 2026 1. CISA gives feds 4 days to patch actively exploited cPanel plugin flaw Source: Bleeping Computer The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their servers against a critical vulnerability in the LiteSpeed cPanel user-end plugin, which is actively being exploited in attacks. Tracked as CVE-2026-48172... 2. KnowledgeDeliver flaw exploited as a zero-day to install web shells Source: Bleeping Computer Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. The flaw is a deserialization issue tracked as CVE-2026-5426 and can be exploited without authentication. It stems... 3. GPU mining malware spreads via SEO poisoning, AI chatbots Source: Bleeping Computer Threat actors are targeting systems with high-performance computers in an ongoing cryptojacking campaign spread through a coordinated SEO poisoning operation that also manipulated AI chatbot recommendations. ​The compromise occurs through malicious download pages for utility... 4. Glassworm botnet disrupted after resilient C2 infrastructure takedown Source: Bleeping Computer The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain transactions and the BitTorrent DHT network. ​In a coordinated operation... 5. JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware Source: The Hacker News A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware. "These campaigns leveraged sophisticated social... 6. Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions Source: The Hacker News Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be met. The vulnerability, tracked as CVE-2026-45659, carries a CVSS score of... 7. GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure Source: The Hacker News CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages... 8. Malicious npm Package Stole Files From Claude AI User Directory via GitHub Source: The Hacker News Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named "mouse5212-super-formatter," is designed to upload files from "/mnt/user-data," a dedicated...

NOW PLAYING

May 28, 2026 · #70

0:00 4:16

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Security Brief Daily?

This episode is 4 minutes long.

When was this Security Brief Daily episode published?

This episode was published on May 28, 2026.

What is this episode about?

Episode 70 — 28 May 2026 1. CISA gives feds 4 days to patch actively exploited cPanel plugin flaw Source: Bleeping Computer The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure...

Can I download this Security Brief Daily episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!