ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
May 25, 2026
ShinyHunters listed Charter Communications with 42 million claimed records and a May 27 dump deadline; Charter confirmed an investigation with
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
ShinyHunters listed Charter Communications with 42 million claimed records and a May 27 dump deadline; Charter confirmed an investigation with authorities.
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
Dutch FIOD agents seized 800 servers and arrested two at Stark Industries successor WorkTitans for violating EU sanctions tied to Russian cyber operations.
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Baker Distributing Company was added to ShinyHunters' Salesforce extortion campaign with 260,000 CRM records exposed and a May 27 public leak deadline.
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Ubiquiti patched three max-severity UniFi OS flaws enabling RCE and unauthorized file access across approximately 100,000 internet-exposed endpoints worldwide.
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Security researcher Louis found that Trump Mobile's HTTP POST API returned 27,000 customer records without any authorization check during the T1 phone launch.
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
Mysk researchers found WhatsApp stores chat history unencrypted in a file accessible to Facebook and Instagram on iOS and macOS without user permission.
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
Wireshark 4.6.6 patches two dissector flaws — a ROHC crash bug and MACsec buffer overflow — that could let attackers crash analyst monitoring sessions.
FBI Warns Kali365 PhaaS Platform Bypasses Microsoft 365 MFA
The FBI warns Kali365, a PhaaS platform on Telegram, exploits Microsoft device code authentication to bypass MFA entirely and capture persistent OAuth tokens.
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Lenovo BootRepair.sys exposes IOCTL 0x222014, letting unprivileged BYOVD attackers terminate CrowdStrike Falcon at kernel level with no administrative rights.
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
Splunk CVE-2026-20239 writes active session cookies to the _internal index in plaintext, exposing analyst tokens to any user or process reading that index.
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
May 25, 2026
Dutch FIOD agents seized 800 servers and arrested two at Stark Industries successor WorkTitans for violating EU sanctions tied to
ShinyHunters Claims 260K Baker Distributing Salesforce Records
May 25, 2026
Baker Distributing Company was added to ShinyHunters’ Salesforce extortion campaign with 260,000 CRM records exposed and a May 27 public
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
May 25, 2026
Ubiquiti patched three max-severity UniFi OS flaws enabling RCE and unauthorized file access across approximately 100,000 internet-exposed endpoints worldwide.
Trump Mobile Exposes 27,000 Customer Records via Insecure API
May 25, 2026
Security researcher Louis found that Trump Mobile’s HTTP POST API returned 27,000 customer records without any authorization check during the
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
May 25, 2026
Mysk researchers found WhatsApp stores chat history unencrypted in a file accessible to Facebook and Instagram on iOS and macOS
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
May 25, 2026
Wireshark 4.6.6 patches two dissector flaws — a ROHC crash bug and MACsec buffer overflow — that could let attackers
FBI Warns Kali365 PhaaS Platform Bypasses Microsoft 365 MFA
May 22, 2026
The FBI warns Kali365, a PhaaS platform on Telegram, exploits Microsoft device code authentication to bypass MFA entirely and capture
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
May 22, 2026
Lenovo BootRepair.sys exposes IOCTL 0x222014, letting unprivileged BYOVD attackers terminate CrowdStrike Falcon at kernel level with no administrative rights.
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
May 22, 2026
Splunk CVE-2026-20239 writes active session cookies to the _internal index in plaintext, exposing analyst tokens to any user or process
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.