Ghostwire — Trending Cybersecurity Threats
What the cybersecurity community is reporting right now.
Feed
Vulnerabilities
Trending
Daily Briefing
The New Economics of Cyber Risk
Reported by 12 sources : Google News · WSJ Cyber, Infosecurity Magazine, New Zealand NCSC via Google News, DoublePulsar, Huntress
economic cyb risk
Microsoft Patches SharePoint Remote Code Execution Bug
Reported by 8 sources : Google News · Vulnerabilities, The Hacker News, GBHackers, Exploit-DB, Zero Day Initiative
microsoft patch sharepoint remote code execu bug
Microsoft Edge Multiple Vulnerabilities
Reported by 8 sources : Google News · Vulnerabilities, Canadian Cyber Centre, Malwarebytes Labs, Cisco Talos Blog, Zero Day Initiative
microsoft edge multiple vulnerabil
Opportunities for AI in cyber defence - Cyber.gov
Reported by 7 sources : ASD ACSC via Google News, NATO CCDCOE via Google News, RUSI via Google News, UK NCSC, New Zealand NCSC via Google News
opportun cyb def cybergov
Microsoft SharePoint Server Flaw Enables Remote Code Execution Attacks
Reported by 7 sources : GBHackers, The Hacker News, Exploit-DB, Zero Day Initiative, DIVD CSIRT
microsoft sharepoint serv flaw enabl remote code execu
Hackers Compromised 34 Packages in npm, PyPI, and Crates in New Supply Chain Attack
Reported by 7 sources : Google News · Supply Chain, The Hacker News, Snyk, The Register, Infosecurity Magazine
hacker compromis packag npm pypi crat sup chain
【漏洞通告】Palo Alto Networks PAN-OS身份验证绕过漏洞(CVE-2025-0108)
Reported by 6 sources : NSFOCUS, Codeby, Rapid7, Rapid7 Cybersecurity Blog , DIVD CSIRT
palo alto network panoscve20250108
Qatar strengthens critical infrastructure security with ‘Cyber Shield’ initiative
Reported by 6 sources : Google News · Critical Infrastructure, Infosecurity Magazine, CSIS via Google News, NSA via Google News, Snyk
qatar strengthen critic infrastructure secur cyb shield initiat
nginx-poolslip Flaw Enables DoS and Remote Code Execution
Reported by 6 sources : CyberPress, GBHackers, The Hacker News, Zero Day Initiative, Exploit-DB
nginxpoolslip flaw enabl dos remote code execu
Active Exploitation Alert: Laravel Lang PHP Packages Compromised in Supply Chain Attack to Deploy Credential-Stealing Malware
Reported by 6 sources : Google News · APT Groups, BleepingComputer, The Hacker News, Xianzhi, Infosecurity Magazine
act exploita alert laravel lang php packag compromis
25th May – Threat Intelligence Report
Reported by 6 sources : Check Point Research, AhnLab ASEC, Dark Reading, Recorded Future, WeLiveSecurity
25th threat intellig report
CVE-2026-8680 - Apache HTTP Server Remote Code Execution
Reported by 6 sources : CVE Feed, GBHackers, Exploit-DB, Zero Day Initiative, CERT/CC
cve20268680 apache http serv remote code execu
Drupal bug added to CISA list of known exploited vulnerabilities | news | SC Media
Reported by 6 sources : Google News · SC World, CISA Advisories, BleepingComputer, The Hacker News, S2W Talon
drup bug ad cisa list known exploit vulnerabil
Well-architected best practices for software supply chain security
Reported by 6 sources : AWS Security, Huntress, Infosecurity Magazine, GitHub Security, Risky Business
wellarchitect best practic software sup chain secur
TrapDoor Supply Chain Attack Actively Exploiting npm, PyPI, and CratesIO to Steal Developer Credentials in Crypto, DeFi, Solana, and AI Sectors
Reported by 6 sources : Google News · APT Groups, The Hacker News, Infosecurity Magazine, Huntress, Snyk
trapdo sup chain attack active exploit npm pypi
Ubuntu security advisory (AV26-505)
Reported by 6 sources : Canadian Cyber Centre, Singapore CSA via Google News, New Zealand NCSC via Google News, Snyk, NSA via Google News
ubuntu secur advisory av26505
Roundcube security advisory (AV26-503)
Reported by 6 sources : Canadian Cyber Centre, Singapore CSA via Google News, New Zealand NCSC via Google News, Snyk, NSA via Google News
roundcube secur advisory av26503
Angular Language Service Flaws Enable Remote Code Execution
Reported by 6 sources : CyberPress, GBHackers, Exploit-DB, Zero Day Initiative, DIVD CSIRT
angular language service flaw en remote code execu
GitHub Hacker Claims Security Breach Involved About 4,000 Internal Repositories, Takes Bids on Stolen Data
Reported by 6 sources : Google News · CPO Magazine, Google News · Healthcare Security, The Hacker News, Dark Reading, Infosecurity Magazine
github hack claim secur breach involv 4000 intern
FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens
Reported by 6 sources : Graham Cluley, BleepingComputer, Infosecurity Magazine, CyberScoop, The Record
fbi warn kali365 phish kit hijack microsoft 365
Critical Vulnerability in LiteSpeed User-End cPanel Plugin - Cyber Security Agency of Singapore
Reported by 5 sources : Singapore CSA via Google News, New Zealand NCSC via Google News, Huntress, Snyk, German BSI via Google News
critic vulnerabil litespe userend cpanel plugin cyb secur
Will AI driven Security Applications wipe businesses of Cybersecurity firms
Reported by 5 sources : Google News · AI Security, Infosecurity Magazine, Snyk, Huntress, Xinhua Cyber via Google News
driven secur application wipe busines cybersecur firm
Carnival class action claims cruise line failed to notify customers of data breach
Reported by 5 sources : Google News · Data Breach, Google News · Healthcare Security, Infosecurity Magazine, Have I Been Pwned latest breaches, WeLiveSecurity
carniv clas ac claim cruise line fail notify
CVE-2026-24937 - WordPress Broadcast Live Video plugin < 7.1.3 - Remote Code Execution (RCE) vulnerability
Reported by 5 sources : CVE Feed, CIS Advisories, Exploit-DB, Zero Day Initiative, Snyk
cve202624937 wordpres broadcast live video plugin 713 remote
CVE-2026-8453 - Apache HTTP Server Cross-Site Request Forgery
Reported by 5 sources : CVE Feed, Exploit-DB, CERT Sweden, Zero Day Initiative, IPA Japan
cve20268453 apache http serv crosssite request forgery
CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks
Reported by 5 sources : GBHackers, The Hacker News, Belgium CCB via Google News, Zero Day Initiative, Snyk
cisa warn drup core sql injec vulnerabil exploit
Anthropic’s restricted Claude Mythos model may be coming to Claude Code
Reported by 5 sources : BleepingComputer, FreeBuf, Snyk, WeLiveSecurity BR, The Register
anthropic restrict claude mytho model com claude code
NCSA flags heightened cyber threat to critical systems over Eid
Reported by 5 sources : Google News · Critical Infrastructure, New Zealand NCSC via Google News, Saudi NCA via Google News, ASD ACSC via Google News, Huntress
ncsa flag heighten cyb threat critic system eid
Week 15 – 2026
Reported by 5 sources : This Week in 4n6, AhnLab ASEC, NIST Cyber, Cloudflare Blog, WeLiveSecurity
week 2026
AI Threat Landscape Digest March-April 2026
Reported by 5 sources : Check Point Research, Rapid7, Recorded Future, CrowdStrike, Huntress
threat landscape digest marchapril 2026
CVE-2026-4372 - Arbitrary Remote Code Execution via `_attn_implementation_internal` Config Injection in huggingface/transformers
Reported by 5 sources : CVE Feed, Zero Day Initiative, Exploit-DB, DIVD CSIRT, Huntress
cve20264372 arbitrary remote code execu attnimplementationintern config injec
Iranian hackers responsible for Los Angeles transit system breach, Israeli researchers say
Reported by 4 sources : Reuters Cyber via Google News, Google News · Reuters Cyber, Google News · Middle East Cyber, TechCrunch
iranian hacker respons los angel transit system breach
Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects
Reported by 4 sources : SecurityWeek, Security Affairs, Cloudflare Blog, Snyk
anthropic mytho detect 2300 potenti vulnerabil acros 1000
CVE-2026-48999 - Stored Cross-Site Scripting (XSS) vulnerability in ZTE ZXUniPOS NDS-LTE product
Reported by 4 sources : CVE Feed, CERT Poland, JVNDB, Snyk
cve20264899 stor crosssite script xss vulnerabil zte zxunipo
Ghost CMS Vulnerability Exploited to Hack Over 700 Websites
Reported by 4 sources : SecurityWeek, Securelist, JVNDB, Snyk
ghost cms vulnerabil exploit hack 700 websit
[webapps] Grav CMS 2.0.0-beta.2 - Remote Code Execution
Reported by 4 sources : Exploit-DB, Zero Day Initiative, DIVD CSIRT, Snyk
webap grav cms 200beta2 remote code execu
CVE-2026-9207 - Command Injection in Connect Allows Privilege Escalation on Windows Tanium Module Server
Reported by 4 sources : CVE Feed, Exploit-DB, Zero Day Initiative, JVNDB
cve20269207 command injec connect allow privilege escala window
Атака Megalodon затронула более 5500 репозиториев на GitHub
Reported by 4 sources : Xakep, The Register, HackRead, The Hacker News
megalodon 5500 github
CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day
Reported by 4 sources : SecurityWeek, Belgium CCB via Google News, The Hacker News, Infosecurity Magazine
cisa urg immediate patch exploit litespe cpanel plugin
CISO Diaries: Jason Scanlon on Security Culture, Leadership, and the Human Side of Cybersecurity
Reported by 4 sources : CISO Whisperer, Microsoft Security, Huntress, Snyk
ciso diary jason scanlon secur culture leadership human
Lessons for organizations from the Verizon 2026 Data Breach Investigations Report
Reported by 4 sources : Help Net Security, Reuters Cyber via Google News, AhnLab ASEC, Huntress
lesson organization verizon 2026 data breach investigation report
Kali365 Phishing Kit Hijacks Microsoft 365 Access
Reported by 4 sources : Google News · Phishing, The Record, Microsoft MSTIC via Google News, Huntress
kali365 phish kit hijack microsoft 365 acces
Critical Active Exploitation Alert: CVE-2026-48172 in LiteSpeed cPanel Plugin Enables Root Privilege Escalation
Reported by 4 sources : Google News · Vulnerabilities, The Hacker News, ASD ACSC via Google News, Huntress
critic act exploita alert cve202648172 litespe cpanel plugin
Rejected but Rewarded — What a GraphQL Misconfiguration Taught Me About Bug Bounty Triage.
Reported by 4 sources : InfoSec Write-ups, Codeby, The Register, Huntress
reject reward graphql misconfigura taught bug bounty triage
Multiple 7-Zip Vulnerabilities Enable Arbitrary Code Execution
Reported by 4 sources : GBHackers, Zero Day Initiative, Exploit-DB, DIVD CSIRT
multiple 7zip vulnerabil en arbitrary code execu
CVE-2026-9476 - Totolink A8000RU Web Management cstecgi.cgi setPasswordCfg os command injection
Reported by 4 sources : CVE Feed, JVNDB, Snyk, Chocapikk's Cybersecurity Blog
cve20269476 totolink a8000ru web manage cstecgicgi setpasswordcfg command
CVE-2026-6059 - Aterm Cross-Site Scripting (XSS) Vulnerability
Reported by 4 sources : CVE Feed, Exploit-DB, Zero Day Initiative, Snyk
cve20266059 aterm crosssite script xss vulnerabil
UK spy chief warns Russia cyber threats could overwhelm Britain and allies
Reported by 4 sources : Google News · China Cyber, Reuters Cyber via Google News, Google News · Bloomberg Cyber, New Zealand NCSC via Google News
spy chief warn russia cyb threat overwhelm britain
Reduce supply chain risk with SBOM-based dependency scanning
Reported by 4 sources : GitLab, WeLiveSecurity, Risky Business, Snyk
reduce sup chain risk sbombas dependency scan
Kali365 Microsoft 365 phishing: FBI warns of OAuth token theft
Reported by 4 sources : Google News · Phishing, BleepingComputer, Infosecurity Magazine, The Record
kali365 microsoft 365 phish fbi warn oauth token