Shimi's Cyber World

Real-time cyber intel for defenders.

LATEST Posts

New Phishing Campaign Uses Fake 'CEO Mandate' for Email Signature

A new phishing campaign, identified by Cyber News - Erez Dasa, is currently circulating, leveraging a deceptive email that purports to be from a CEO....

israel
/SCW Threat Desk /MEDIUM

Chanhassen Dinner Theatres Suspend Shows After Ransomware Attack

Chanhassen Dinner Theatres in the US has temporarily suspended performances following a cyberattack on its systems. According to Cyber Updates - Asher Tamam, management proactively...

israel malware ransomware
/SCW Threat Desk /MEDIUM /⚙ 3 Sigma

Mini Shai Hulud Campaign Hits AntV npm Packages, Echarts-for-React Affected

The Mini Shai Hulud campaign continues its aggressive activity, now targeting AntV's npm libraries. Cyber News - Erez Dasa reports that this includes the `echarts-for-react`...

israel
/SCW Threat Desk /MEDIUM /⚙ 3 Sigma

Audio Prompt Injection Attack: AudioHijack Bypasses Voice AI Defenses

While prompt injection has become a common concern, a new attack vector, dubbed AudioHijack, introduces the concept of audio prompt injection. As reported by LΣҒΔ𝕽ΩLL...

ai-security
/SCW Threat Desk /MEDIUM

CTT Data Breach Exposes 468K Portuguese Accounts

In April 2026, data allegedly sourced from CTT, Portugal's national postal service, surfaced on a public hacking forum. Have I Been Pwned reported that this...

data-breach
/SCW Research /HIGH /⚙ 3 Sigma

Addi Fintech Breach: 34 Million Accounts Exposed by ShinyHunters

In March 2026, the Colombian fintech Addi reported unauthorized activity on its platform, cautioning customers about potential personal information compromise. The "pay or leak" group...

data-breach identity
/SCW Research /HIGH /⚙ 3 Sigma

Middle East Cyber Raids Net 200+ Scam Network Arrests

Law enforcement agencies, in a coordinated effort, recently arrested over 200 individuals linked to cyber scam networks operating in the Middle East. The raids uncovered...

threat-intel data-breach government
/SCW Research /MEDIUM
Featured

Daily Security Digest — 2026-05-18

12 vulnerability disclosures (3 Critical, 9 High) and 30 curated intelligence stories from 10 sources.

daily-digest vulnerability cve high-severity sql-injection cwe-74 cwe-89 cross-site-scripting-xss cwe-79 cwe-200
/SCW Daily Digest /CRITICAL

Cloudflare Leverages AI for Code Review, Finds Critical Security Flaws

Cyber News - Erez Dasa highlighted Cloudflare's recent findings on using AI agents for code review. Over a 30-day period, Cloudflare executed 131,246 code scans...

israel cloud
/SCW Threat Desk /MEDIUM

UK Schools Face Extortion After AI Generates Deepfake Child Pornography

Schools in England are removing student photos from official websites and social media after attackers leveraged them for extortion. Cyber News - Erez Dasa reports...

israel
/SCW Threat Desk /MEDIUM

Iran Threatens Global Internet with Strait of Hormuz Toll Demands

LΣҒΔ𝕽ΩLL 🇮🇱 reports that Iran is demanding transit fees from major technology companies for internet cables passing through the Strait of Hormuz and the Persian...

/SCW Threat Desk /MEDIUM

Grafana Refuses Ransom Payment After Codebase Theft

Grafana has confirmed a breach where attackers stole source code from its GitHub repositories. Despite the theft, the company has publicly stated its refusal to...

threat-intel data-breach government ransomware tools
/SCW Research /MEDIUM /⚙ 3 Sigma

Leaked Shai-Hulud Malware Fuels New npm Infostealer Campaigns

The recently leaked Shai-Hulud malware is now actively being leveraged in new attacks targeting the Node Package Manager (npm) index. BleepingComputer reports that infected npm...

threat-intel data-breach malware bleepingcomputer
/SCW Research /MEDIUM

OpenAI ChatGPT Financial Account Integration Raises Major Privacy Concerns

OpenAI's recent announcement to integrate ChatGPT with users' financial accounts for personal finance advice is a serious red flag. The Record by Recorded Future highlights...

threat-intel data-breach government ai-security
/SCW Research /MEDIUM

Bangladesh Government Customs Database Exposed on Darknet

DARKFEED reports a significant data breach involving a Bangladesh Government Customs database, which has been exposed and is now accessible on the darknet. This incident...

darkweb threat-intel ransomware data-breach
/SCW Threat Desk /MEDIUM /⚙ 3 Sigma

Grafana Codebase Stolen via GitHub Token Compromise

Grafana Labs recently disclosed a significant breach of its GitHub environment, where attackers successfully exfiltrated the company's source code. According to BleepingComputer, the breach was...

threat-intel data-breach malware tools
/SCW Research /MEDIUM /⚙ 3 Sigma

Anthropic Mythos Powers macOS M5 LPE Exploit Chain

Calif researchers, leveraging Anthropic's Mythos Preview AI, successfully developed a macOS LPE (Local Privilege Escalation) exploit chain for Apple M5 silicon in just five days....

/SCW Threat Desk /MEDIUM /⚙ 3 Sigma

Tabiq Hotel Platform Leaks 1 Million Passports and IDs via AWS S3

A critical misconfiguration in Reqrea's Tabiq hotel check-in system has exposed over one million sensitive guest documents, including passports, driver's licenses, and selfie verification...

threat-intel data-breach malware cloud identity
/SCW Research /HIGH /⚙ 2 Sigma

7-Eleven Data Leak: ShinyHunters Sells Stolen Data for $250,000

Retail giant 7-Eleven has confirmed a data breach after the ShinyHunters threat group advertised stolen data on their leak site. According to Cyber News -...

israel
/SCW Threat Desk /MEDIUM /⚙ 3 Sigma

Enable GuardDuty

Think about the last time you saw a breach report where an attacker lingered in an AWS account for weeks, undetected. This isn't theoretical. It's...

lockdown-lab hardening aws logging
/Shimi Cohen

Israeli Banking Sector: Cyber Risk Tops CISO Concerns for 2025

The Israeli banking sector's C-suite is, predictably, most concerned about cyber risk heading into 2025. This isn't a surprise; it's a reflection of the unrelenting...

israel
/SCW Threat Desk /MEDIUM

Microsoft MDASH AI Tool Outperforms Mythos, Finds 16 Vulnerabilities

Microsoft is accelerating the race for AI-driven security tools with the introduction of MDASH, a new platform leveraging over 100 agents to identify vulnerabilities. Cyber...

israel
/SCW Threat Desk /MEDIUM

Opexus: Fired Employees Delete Government Databases Via Microsoft Teams

LΣҒΔ𝕽ΩLL 🇮🇱 reports on a glaring operational security failure involving Muneeb and Sohaib Akhter, two brothers formerly employed by Opexus, a U.S. federal contractor. The...

microsoft
/SCW Threat Desk /MEDIUM /⚙ 3 Sigma

Former CISA Nominee Sean Plankey Joins Defense Startup UFORCE as US CEO

Sean Plankey, who recently withdrew his nomination for CISA Director, has been appointed U.S. CEO of UFORCE, a London-based defense technology company formed from nine...

threat-intel policy government microsoft
/SCW Research /HIGH
Featured

Daily Security Digest — 2026-05-17

23 vulnerability disclosures (3 Critical, 20 High) and 7 curated intelligence stories from 3 sources.

daily-digest vulnerability cve high-severity cwe-346 server-side-request-forgery cwe-918 privilege-escalation cwe-269 sql-injection
/SCW Daily Digest /CRITICAL

Deepfake Phishing Campaign Targets Israeli Public with Fake Endorsements

A new deepfake phishing campaign is actively targeting the Israeli public, leveraging sophisticated AI-generated videos. Cyber News - Erez Dasa reports that these videos falsely...

israel
/SCW Threat Desk /MEDIUM

Enable GuardDuty

Think about the last time you saw a breach notification. How many of those could have been caught earlier, or prevented entirely, if someone was...

lockdown-lab hardening aws logging
/Shimi Cohen

THORChain Suffers $10 Million Crypto Theft

The THORChain decentralized finance (DeFi) protocol recently sustained a significant theft, with attackers siphoning off approximately $10 million in digital assets. This incident highlights the...

israel
/SCW Threat Desk /MEDIUM /⚙ 3 Sigma

Grafana Labs Hit by Ransomware, Source Code Repositories Exfiltrated

Grafana Labs has confirmed a ransomware attack, with the Coinbase Cartel group claiming responsibility on their leak site. This incident highlights the persistent threat ransomware...

israel
/SCW Threat Desk /MEDIUM /⚙ 3 Sigma

CVE Latest Vulnerabilities

GitHub Actions Supply Chain Attack Hijacks Tags to Steal CI/CD Credentials

Threat actors have compromised the popular GitHub Actions workflow, `actions-cool/issues-helper`, to execute malicious code designed to harvest sensitive credentials. The Hacker News reports that this...

threat-intel vulnerability identity tools
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs /⚙ 3 Sigma

OpenHarmony RCE: Remote Code Execution in Pre-Installed Apps (CVE-2026-27648)

CVE-2026-27648 — OpenHarmony v6.0 and prior versions allow a remote attacker to execute arbitrary code in pre-installed apps.

vulnerability cve high-severity code-execution cwe-787
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

OpenHarmony CVE-2026-25781 Allows Local DOS, Unrecoverable Impact

CVE-2026-25781 — OpenHarmony v6.0 and prior versions allow a local attacker to cause a DoS that cannot be recovered.

vulnerability cve high-severity denial-of-service cwe-787
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

OpenHarmony v6.0 RCE: Pre-Installed Apps Vulnerable

CVE-2026-24792 — OpenHarmony v6.0 and prior versions allow a remote attacker to execute arbitrary code in pre-installed apps.

vulnerability cve high-severity code-execution cwe-364
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

O+ Connect Vulnerability: Local Privilege Escalation (CVE-2026-22069) Exposes Systems

CVE-2026-22069 — A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface....

vulnerability cve high-severity privilege-escalation cwe-266
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

AutoGPT Insecure Deserialization (CVE-2026-33233) Leads to RCE

CVE-2026-33233 — AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.6.34 through 0.6.51, the backend deserializes...

vulnerability cve high-severity insecure-deserialization cwe-94 cwe-345 cwe-502
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 2 Sigma
