LIVE FEED

CRITICAL — LiteSpeed cPanel Plugin CVE-2026-48172 (CVSS 10.0) actively exploited for root RCE◆HIGH — Supply-chain attack hits Laravel-Lang PHP packages via GitHub; credential stealer injected◆CRITICAL — CISA contractor exposed AWS GovCloud credentials on public GitHub repository◆HIGH — Ghost CMS SQL injection (CVE-2026-26980) exploited in widespread ClickFix campaign◆HIGH — Kimwolf botnet operator arrested; million-device IoT botnet disrupted◆CRITICAL: GitHub AWS GovCloud credentials leaked by CISA contractor; lawmakers demand answers [11,13]◆HIGH: Drupal CVE-2026-9082 actively exploited; thousands of sites under attack [27]◆HIGH: Laravel-Lang packages compromised for credential theft; supply-chain attack via GitHub tags [4,6]◆CRITICAL — LiteSpeed cPanel Plugin CVE-2026-48172 (CVSS 10.0) actively exploited for root RCE◆HIGH — Supply-chain attack hits Laravel-Lang PHP packages via GitHub; credential stealer injected◆CRITICAL — CISA contractor exposed AWS GovCloud credentials on public GitHub repository◆HIGH — Ghost CMS SQL injection (CVE-2026-26980) exploited in widespread ClickFix campaign◆HIGH — Kimwolf botnet operator arrested; million-device IoT botnet disrupted◆CRITICAL: GitHub AWS GovCloud credentials leaked by CISA contractor; lawmakers demand answers [11,13]◆HIGH: Drupal CVE-2026-9082 actively exploited; thousands of sites under attack [27]◆HIGH: Laravel-Lang packages compromised for credential theft; supply-chain attack via GitHub tags [4,6]◆

UPDATED DAILY

AI-monitored threat intelligence

Threat
intelligence,
structured &
prioritized.

AI-generated daily briefings and vulnerability analysis for security teams who need signal, not noise.

Read Today’s Briefing → Subscribe Free

● HIGH/ MAY 25, 2026TODAY’S BRIEFING — #068

GitHub npm supply chain attacks, LiteSpeed RCE, CISA credentials exposed

Supply-chain attacks hit npm and Composer ecosystems; LiteSpeed cPanel CVE-2026-48172 actively exploited; CISA contractor exposed AWS GovCloud credentials on GitHub.

CVE-2026-48172LiteSpeed User-End cPanel Plugin — Incorrect privilege assignment; remote code execution as root; actively exploited in the wild CVE-2026-26980Ghost CMS — SQL injection; actively exploited in large-scale ClickFix phishing campaign

Read the full briefing →

68 briefings published

9 vuln reports

59 tools indexed

$0 for security teams

LIVE — THIS WEEK

Critical vulnerabilities

Full report →

CVE	Product	CVSS	Exploited	Patch
CVE-2026-42156	Funnel Builder WordPress Plugin	9.3	in wild	✓ available
CVE-2026-42945	NGINX Open Source & NGINX Plus	9.2	in wild	✓ available
CVE-2026-43521	Cisco SD-WAN Systems	9.1	in wild	✓ available
CVE-2026-42139	Siemens gWAP (gPROMS Web Applications Publisher)	8.9	—	✓ available
CVE-2026-41289	Universal Robots Polyscope 5	8.8	—	✓ available

KEV = listed in CISA catalog · IN WILD = active exploitation reported

LATEST INTELLIGENCE

Daily briefings

View all 68 briefings →

● HighMay 25, 2026

GitHub npm supply chain attacks, LiteSpeed RCE, CISA credentials exposed

Supply-chain attacks hit npm and Composer ecosystems; LiteSpeed cPanel CVE-2026-48172 actively exploited; CISA contractor exposed AWS GovCloud credentials on GitHub.

Supply ChainVuln ExploitData BreachCredential TheftTechnologyGovernment

● HighMay 24, 2026

GitHub, npm, and Drupal under attack: supply-chain threats and active CVE exploitation

Multiple supply-chain attacks targeting Laravel-Lang and Packagist packages, active exploitation of Drupal CVE-2026-9082, and critical CISA AWS credential leak on GitHub.

Supply ChainVuln ExploitZero-DayCredential TheftTechnologyEducationGovernment

● HighMay 23, 2026

GitHub supply-chain attack, Drupal RCE, AWS GovCloud credential leak

GitHub campaign injects malware into 5,561 repos; Drupal SQL injection actively exploited; CISA contractor exposes AWS GovCloud credentials.

Supply ChainVuln ExploitCredential TheftDDoSTechnologyGovernmentFinance

● HighMay 22, 2026

Critical RCEs: Microsoft Defender, Linux kernel, Cisco Workload; Showboat targets telcos

Microsoft Defender vulnerabilities actively exploited; 9-year-old Linux kernel flaw enables root execution; Cisco Workload max-severity RCE patched; Showboat malware targets telcos across Middle East and Central Asia.

Threatintelligence,structured &prioritized.

GitHub npm supply chain attacks, LiteSpeed RCE, CISA credentials exposed

Critical vulnerabilities

Daily briefings

GitHub npm supply chain attacks, LiteSpeed RCE, CISA credentials exposed

GitHub, npm, and Drupal under attack: supply-chain threats and active CVE exploitation

GitHub supply-chain attack, Drupal RCE, AWS GovCloud credential leak

Critical RCEs: Microsoft Defender, Linux kernel, Cisco Workload; Showboat targets telcos

Explore by Threat Type

Sector Heatmap

Security Tools Directory

How It Works

We monitor

We analyze

You act

Get the Daily Briefing in Your Inbox

Threat
intelligence,
structured &
prioritized.