43AA 6E9A 54EE B550 D830 EF7A 36EE 72FB 8AD1 F5CC

Infosec bits for 2026 week 22

Heloise Meyer | May 29, 2026, 1:07 p.m.

Cybersecurity News:

  • When the Scanner Starts Thinking: Learnings from Mythos & GPT 5.5 Cyber in Security Testing [Deepen Desai, Zscaler]
  • AI eyes scanning for bugs create a worrisome Linux security trend [Steven J. Vaughan-Nichols, The Register]
  • DDoS attacks that caused Internet problems in South Africa suddenly stop [Jan Vermeulen, MyBroadband]
  • Out of the Crypt: The Evolving Cyber Extortion Economy [Matt Brady, Unit42]

    • Vulnerabilities & Patches:

  • Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions [Ravie Lakshmanan, The Hacker News]
  • Authenticated RCE via Argument Injection in Gogs (NOT FIXED) [Jonah Burgess, Rapid7]
  • Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks [Ravie Lakshmanan, The Hacker News]
  • Gitea Vulnerability Exposed 30,000 Deployments to Attacks [Ionut Arghire, SecurityWeek]

    • Malware:

  • Living off the Land with VS Code: Inside a Sophisticated Phishing Campaign [Joe Security, Joe Security]
  • Hackers exploit FortiClient EMS flaw to push infostealer malware [Bill Toulas, BleepingComputer]
  • GlassWorm Botnet Disrupted [Ionut Arghire, SecurityWeek]

    • Cyberattacks:

  • Attackers disguising phishing as Google AppSheet notifications [Anna Lazaricheva, Kaspersky Daily]
  • Infostealers Just Spawned a 5,000+ Repo GitHub Supply Chain Attack [InfoStealers, InfoStealers]

    • Contact Us:

    csirt {a} sanren.ac.za

    CSIRT:

    0x36EE72FB8AD1F5CC

    Heloise:

    0xD367253D12C5BBBC

    Zoya:

    0x14D11B78C23A3DEF

    Anele:

    0x1EC1265990F8D258

    This website uses cookies to ensure you get the best experience on our site. Learn more