MUST READ

Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix

 | 

Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload

 | 

Discord adds end-to-end encryption to voice and video calls by default

 | 

PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting Arch

 | 

Microsoft issues YellowKey mitigation, no patch yet

 | 

Carding site B1ack’s Stash dumps 4.6 Million stolen cards for free 

 | 

A malicious VS code extension just breached GitHub 's internal repositories

 | 

DirtyDecrypt: PoC Released for yet another Linux flaw

 | 

Alleged Huawei zero-day blamed for the 2025 Luxembourg telecom crash

 | 

Drupal is rolling out an emergency security update on May 20. You cannot miss it

 | 

Microsoft dismantled malware-signing network Fox Tempest

 | 

Poland shifts away from Signal following cyberattacks on officials’ accounts

 | 

Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects

 | 

Shai-Hulud worm copycats emerge after source code leak

 | 

Grafana confirms GitHub token breach cybercrime group claims the attack

 | 

ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed

 | 

Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq

 | 

Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix

 | 

Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97

 | 

cURL

Pierluigi Paganini May 12, 2026
The world’s most “Dangerous” AI, Anthropic’s Mythos, found only one flaw in curl

Anthropic’s AI found five vulnerabilities in curl, but only one low-severity issue proved to be a real vulnerability. In April, Anthropic made considerable noise announcing Mythos, a new artificial intelligence model described as so effective at identifying vulnerabilities in code as to be, in the company’s own words, “dangerously good.” So good, in fact, that […]

Pierluigi Paganini November 29, 2016
An audit revealed dozen vulnerabilities in the cURL

Security experts who conducted an audit on cURL discovered nearly a dozen vulnerabilities that were patched in the last release. The cURL (read “see URL”) is an open source command line tool and library designed for transferring data through various protocols. The cURL is included in a wide range of applications, including networking devices, printers, smartphones, IoT devices […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix

Hacking / May 21, 2026

Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload

Security / May 21, 2026

Discord adds end-to-end encryption to voice and video calls by default

Security / May 21, 2026

PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting Arch

Security / May 20, 2026

Microsoft issues YellowKey mitigation, no patch yet

Hacking / May 20, 2026