LIVE FEED

CRITICAL: GitHub AWS GovCloud credentials leaked by CISA contractor; lawmakers demand answers [11,13]◆HIGH: Drupal CVE-2026-9082 actively exploited; thousands of sites under attack [27]◆HIGH: Laravel-Lang packages compromised for credential theft; supply-chain attack via GitHub tags [4,6]◆MED: npm adds 2FA-gated publishing to counter supply-chain threats [1]◆HIGH: LiteSpeed cPanel Plugin CVE-2026-48172 (CVSS 10.0) exploited in wild [5]◆CRITICAL | GITHUB — Megalodon campaign: 5,718 malicious commits in 5,561 repos within 6 hours◆CRITICAL | DRUPAL — CVE-2026-9082 SQL injection under active attack across thousands of sites◆HIGH | CISA — Contractor exposed AWS GovCloud credentials on public GitHub repository◆CRITICAL: GitHub AWS GovCloud credentials leaked by CISA contractor; lawmakers demand answers [11,13]◆HIGH: Drupal CVE-2026-9082 actively exploited; thousands of sites under attack [27]◆HIGH: Laravel-Lang packages compromised for credential theft; supply-chain attack via GitHub tags [4,6]◆MED: npm adds 2FA-gated publishing to counter supply-chain threats [1]◆HIGH: LiteSpeed cPanel Plugin CVE-2026-48172 (CVSS 10.0) exploited in wild [5]◆CRITICAL | GITHUB — Megalodon campaign: 5,718 malicious commits in 5,561 repos within 6 hours◆CRITICAL | DRUPAL — CVE-2026-9082 SQL injection under active attack across thousands of sites◆HIGH | CISA — Contractor exposed AWS GovCloud credentials on public GitHub repository◆

UPDATED DAILY

AI-monitored threat intelligence

Threat
intelligence,
structured &
prioritized.

AI-generated daily briefings and vulnerability analysis for security teams who need signal, not noise.

Read Today’s Briefing → Subscribe Free

● HIGH/ MAY 24, 2026TODAY’S BRIEFING — #067

GitHub, npm, and Drupal under attack: supply-chain threats and active CVE exploitation

Multiple supply-chain attacks targeting Laravel-Lang and Packagist packages, active exploitation of Drupal CVE-2026-9082, and critical CISA AWS credential leak on GitHub.

CVE-2026-48172LiteSpeed cPanel Plugin — Privilege escalation (CVSS 10.0) actively exploited; allows arbitrary script execution as root CVE-2026-9082Drupal — Under active exploitation; attacks observed against thousands of websites

Read the full briefing →

67 briefings published

9 vuln reports

59 tools indexed

$0 for security teams

LIVE — THIS WEEK

Critical vulnerabilities

Full report →

CVE	Product	CVSS	Exploited	Patch
CVE-2026-42156	Funnel Builder WordPress Plugin	9.3	in wild	✓ available
CVE-2026-42945	NGINX Open Source & NGINX Plus	9.2	in wild	✓ available
CVE-2026-43521	Cisco SD-WAN Systems	9.1	in wild	✓ available
CVE-2026-42139	Siemens gWAP (gPROMS Web Applications Publisher)	8.9	—	✓ available
CVE-2026-41289	Universal Robots Polyscope 5	8.8	—	✓ available

KEV = listed in CISA catalog · IN WILD = active exploitation reported

LATEST INTELLIGENCE

Daily briefings

View all 67 briefings →

● HighMay 24, 2026

GitHub, npm, and Drupal under attack: supply-chain threats and active CVE exploitation

Multiple supply-chain attacks targeting Laravel-Lang and Packagist packages, active exploitation of Drupal CVE-2026-9082, and critical CISA AWS credential leak on GitHub.

Supply ChainVuln ExploitZero-DayCredential TheftTechnologyEducationGovernment

● HighMay 23, 2026

GitHub supply-chain attack, Drupal RCE, AWS GovCloud credential leak

GitHub campaign injects malware into 5,561 repos; Drupal SQL injection actively exploited; CISA contractor exposes AWS GovCloud credentials.

Supply ChainVuln ExploitCredential TheftDDoSTechnologyGovernmentFinance

● HighMay 22, 2026

Critical RCEs: Microsoft Defender, Linux kernel, Cisco Workload; Showboat targets telcos

Microsoft Defender vulnerabilities actively exploited; 9-year-old Linux kernel flaw enables root execution; Cisco Workload max-severity RCE patched; Showboat malware targets telcos across Middle East and Central Asia.

Zero-DayVuln ExploitMalwareAPTTelecomGovernmentTechnology

● HighMay 21, 2026

GitHub breach, SonicWall VPN MFA bypass, Drupal critical flaw demand patching

GitHub suffered breach of 3,800+ internal repos via TeamPCP. Microsoft disrupted malware-signing operation. SonicWall VPN and Drupal require urgent patching.

Threatintelligence,structured &prioritized.

GitHub, npm, and Drupal under attack: supply-chain threats and active CVE exploitation

Critical vulnerabilities

Daily briefings

GitHub, npm, and Drupal under attack: supply-chain threats and active CVE exploitation

GitHub supply-chain attack, Drupal RCE, AWS GovCloud credential leak

Critical RCEs: Microsoft Defender, Linux kernel, Cisco Workload; Showboat targets telcos

GitHub breach, SonicWall VPN MFA bypass, Drupal critical flaw demand patching

Explore by Threat Type

Sector Heatmap

Security Tools Directory

How It Works

We monitor

We analyze

You act

Get the Daily Briefing in Your Inbox

Threat
intelligence,
structured &
prioritized.