Network Security

Application Security
Underminr Flaw Lets Attackers Hide C2 Traffic on 88M Domains
Researcher David Redekop of ADAMnetworks disclosed Underminr, a CDN flaw affecting 88 million domains that routes C2 traffic through trusted hostnames.
Application Security
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
A CVSS 10.0 flaw in the LiteSpeed cPanel plugin lets any authenticated user execute arbitrary scripts as root, compromising all tenants on a shared host.
Cybersecurity
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
Dutch FIOD agents seized 800 servers and arrested two at Stark Industries successor WorkTitans for violating EU sanctions tied to Russian cyber operations.
CVE Vulnerability Alerts
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Ubiquiti patched three max-severity UniFi OS flaws enabling RCE and unauthorized file access across approximately 100,000 internet-exposed endpoints worldwide.
CVE Vulnerability Alerts
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
Wireshark 4.6.6 patches two dissector flaws — a ROHC crash bug and MACsec buffer overflow — that could let attackers crash analyst monitoring sessions.
Cybersecurity
Operation Dragon Whistle Uses VS Code Tunnels as C2
Operation Dragon Whistle abuses Visual Studio Code Remote Tunnels as a C2 channel, targeting Pakistani surveillance infrastructure and a Chinese university.
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
CVE-2026-20223 lets unauthenticated remote attackers gain full Site Admin access to Cisco Secure Workload; no credentials or user interaction are required.
CVE Vulnerability Alerts
P2PInfect Botnet Infiltrates Kubernetes Clusters via Redis
FortiGuard found that P2PInfect had enrolled enterprise GKE Kubernetes clusters for six months, undetected, via exposed Redis instances and a 2022 CVSS 10.0 flaw.
Cybersecurity
Webworm APT Uses Discord and OneDrive as C2 in Government Espionage
Webworm, a China-aligned APT, deployed EchoCreep and GraphWorm backdoors that abuse Discord and Microsoft OneDrive as C2 channels against government targets.
Cybersecurity
Huawei Zero-Day Caused Luxembourg’s 3-Hour National Telecom Blackout
A zero-day in Huawei routers crashed Luxembourg's national telecom for three hours in July 2025, cutting emergency services, with no CVE and no confirmed patch.