{"error":null,"fallback":false,"headlines":[{"link":"https://www.darkreading.com/events/celebrate-20-years-of-dark-reading-name-that-toon-contest","links":["https://www.darkreading.com/events/celebrate-20-years-of-dark-reading-name-that-toon-contest"],"published":"2026-06-26T11:00:00+00:00","source":"Dark Reading","sources":["Dark Reading"],"summary_plain":null,"title":"Name That Toon Contest"},{"link":"https://www.darkreading.com/events/infosecurity-europe","links":["https://www.darkreading.com/events/infosecurity-europe"],"published":"2026-06-02T13:30:00+00:00","source":"Dark Reading","sources":["Dark Reading"],"summary_plain":null,"title":"[An RX Global Event] Infosecurity Europe"},{"link":"https://www.securityweek.com/charter-communications-data-breach-could-impact-nearly-5-million/","links":["https://www.securityweek.com/charter-communications-data-breach-could-impact-nearly-5-million/","https://www.theregister.com/cyber-crime/2026/05/29/shinyhunters-adds-charter-to-trophy-shelf-after-49m-customer-records-leak/5248281","https://www.bleepingcomputer.com/news/security/charter-communications-data-breach-affects-49-million-accounts/"],"published":"2026-05-29T14:49:58+00:00","source":"SecurityWeek","sources":["SecurityWeek","The Register: Security","BleepingComputer"],"summary_plain":"The notorious ShinyHunters extortion group leaked over 42 million records allegedly stolen from Charter in April. The post Charter Communications Data Breach Could Impact Nearly 5 Million appeared first on SecurityWeek .","title":"ShinyHunters adds Charter to trophy shelf after 4.9M customer records leak"},{"link":"https://www.darkreading.com/cybersecurity-operations/asias-cyber-insurance-market-signs-of-life","links":["https://www.darkreading.com/cybersecurity-operations/asias-cyber-insurance-market-signs-of-life"],"published":"2026-05-29T14:35:33+00:00","source":"Dark Reading","sources":["Dark Reading"],"summary_plain":"The cyber insurance industry has made relatively weak inroads into Asia due to a a variety of factors, but that could be changing.","title":"Asia's Cyber Insurance Market Shows Signs of Life"},{"link":"https://www.securityweek.com/mokn-raises-15-million-for-phish-back-platform/","links":["https://www.securityweek.com/mokn-raises-15-million-for-phish-back-platform/"],"published":"2026-05-29T14:34:15+00:00","source":"SecurityWeek","sources":["SecurityWeek"],"summary_plain":"MokN's platform deploys realistic decoy access points to lure attackers into revealing compromised credentials, enabling organizations to respond before abuse occurs. The post MokN Raises $15 Million for Phish-Back Platform appeared first on SecurityWeek .","title":"MokN Raises $15 Million for Phish-Back Platform"},{"link":"https://www.bleepingcomputer.com/news/security/from-5-attacks-to-botnet-powered-platforms-inside-the-ddos-as-a-service-market/","links":["https://www.bleepingcomputer.com/news/security/from-5-attacks-to-botnet-powered-platforms-inside-the-ddos-as-a-service-market/"],"published":"2026-05-29T14:32:02+00:00","source":"BleepingComputer","sources":["BleepingComputer"],"summary_plain":"DDoS attacks are increasingly being sold like subscription services, complete with pricing tiers, support, and reseller programs. Flare explores how the DDoS-as-a-Service market has evolved from scattered tools into polished attack platforms. [...]","title":"From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market"},{"link":"https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infected-devices/","links":["https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infected-devices/"],"published":"2026-05-29T14:26:36+00:00","source":"BleepingComputer","sources":["BleepingComputer"],"summary_plain":"Dutch authorities have taken offline a massive botnet of 17 million devices and seized more than 200 servers at a local provider that supported the operation. [...]","title":"Dutch govt disrupts malware botnet with 17 million infected devices"},{"link":"https://www.darkreading.com/vulnerabilities-threats/complex-cloud-integrations-small-errors-compromises","links":["https://www.darkreading.com/vulnerabilities-threats/complex-cloud-integrations-small-errors-compromises","https://thehackernews.com/2026/05/malicious-sicoob-nuget-steals-banking.html"],"published":"2026-05-29T13:00:01+00:00","source":"Dark Reading","sources":["Dark Reading","The Hacker News"],"summary_plain":"Researchers discover an exploit chain combining over-permissioned roles, secrets discovery, and non-human identities that could have compromised a popular automation service.","title":"Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets"},{"link":"https://www.theregister.com/security/2026/05/29/dutch-cops-liberate-17m-devices-from-botnets-clutches/5248312","links":["https://www.theregister.com/security/2026/05/29/dutch-cops-liberate-17m-devices-from-botnets-clutches/5248312","https://www.darkreading.com/cyber-risk/dutch-raid-russian-bulletproof-host"],"published":"2026-05-29T13:00:00+00:00","source":"The Register: Security","sources":["The Register: Security","Dark Reading"],"summary_plain":"Hosting provider pulled the plug after police traced 200 servers to the Netherlands","title":"Dutch cops wrest 17M devices from mystery botnet's clutches"},{"link":"https://www.securityweek.com/gogs-zero-day-exposes-servers-to-remote-code-execution/","links":["https://www.securityweek.com/gogs-zero-day-exposes-servers-to-remote-code-execution/","https://thehackernews.com/2026/05/critical-gogs-rce-vulnerability-lets.html","https://www.bleepingcomputer.com/news/security/new-gogs-zero-day-flaw-lets-hackers-get-remote-code-execution/"],"published":"2026-05-29T12:59:37+00:00","source":"SecurityWeek","sources":["SecurityWeek","The Hacker News","BleepingComputer"],"summary_plain":"The critical-severity issue, assigned a CVSS score of 9.4, is an argument injection flaw that can be exploited by authenticated attackers via pull requests with malicious branch names. The post Gogs Zero-Day Exposes Servers to Remote Code Execution appeared first on SecurityWeek .","title":"Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code"},{"link":"https://www.bleepingcomputer.com/news/security/google-chrome-adds-session-cookie-theft-protection-for-all-users/","links":["https://www.bleepingcomputer.com/news/security/google-chrome-adds-session-cookie-theft-protection-for-all-users/"],"published":"2026-05-29T12:08:08+00:00","source":"BleepingComputer","sources":["BleepingComputer"],"summary_plain":"Google says the Chrome Device Bound Session Credentials (DBSC) security feature is now generally available and is rolling out to all users to prevent account takeovers. [...]","title":"Google Chrome adds session cookie theft protection for all users"},{"link":"https://www.theregister.com/research/2026/05/29/chatgpt-prompt-injection-turns-web-pages-into-phishing-lures/5248137","links":["https://www.theregister.com/research/2026/05/29/chatgpt-prompt-injection-turns-web-pages-into-phishing-lures/5248137"],"published":"2026-05-29T12:00:00+00:00","source":"The Register: Security","sources":["The Register: Security"],"summary_plain":"You and me go ChatGPhish-ing in the dark","title":"ChatGPT blindly trusts browser content, turning the page into a payload"},{"link":"https://www.darkreading.com/threat-intelligence/the-com-cyberattacks-violence-sexploitation","links":["https://www.darkreading.com/threat-intelligence/the-com-cyberattacks-violence-sexploitation"],"published":"2026-05-29T12:00:00+00:00","source":"Dark Reading","sources":["Dark Reading"],"summary_plain":"Your organization's security failures have consequences for everyone else too, since this neo-Nazi-infested criminal gang uses its cyber winnings to support more violent and widespread crimes.","title":"'The Com' Cyberattacks Support Violence & Sexploitation"},{"link":"https://www.theregister.com/research/2026/05/29/russia-linked-threat-group-put-chatgpt-to-work-from-lure-to-payload/5248368","links":["https://www.theregister.com/research/2026/05/29/russia-linked-threat-group-put-chatgpt-to-work-from-lure-to-payload/5248368","https://www.bleepingcomputer.com/news/security/greyvibe-hackers-use-chatgpt-gemini-to-power-cyberattacks/","https://www.securityweek.com/russia-linked-greyvibe-attackers-use-ai-to-supercharge-cyberattacks/"],"published":"2026-05-29T11:49:45+00:00","source":"The Register: Security","sources":["The Register: Security","BleepingComputer","SecurityWeek"],"summary_plain":"Researchers say 'GREYVIBE' crew used AI tools throughout a campaign targeting Ukrainian military and government","title":"Russia-Linked \u2018GreyVibe\u2019 Attackers Use AI to Supercharge Cyberattacks"},{"link":"https://thehackernews.com/2026/05/new-russian-linked-greyvibe-targets.html","links":["https://thehackernews.com/2026/05/new-russian-linked-greyvibe-targets.html"],"published":"2026-05-29T11:31:59+00:00","source":"The Hacker News","sources":["The Hacker News"],"summary_plain":"A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Russian time zone, with the activities aligning with Kremlin state interests, specifically when it comes to","title":"New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks"},{"link":"https://www.securityweek.com/california-sues-23andme-alleging-it-failed-to-protect-user-data-in-2023-breach/","links":["https://www.securityweek.com/california-sues-23andme-alleging-it-failed-to-protect-user-data-in-2023-breach/"],"published":"2026-05-29T11:12:15+00:00","source":"SecurityWeek","sources":["SecurityWeek"],"summary_plain":"Attorney General Rob Bonta filed the lawsuit against Chrome Holding Co., which 23andMe rebranded under after filing for bankruptcy last March. The post California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach appeared first on SecurityWeek .","title":"California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach"},{"link":"https://www.bleepingcomputer.com/news/security/man-sent-to-prison-for-selling-data-of-7-millions-elderly-americans/","links":["https://www.bleepingcomputer.com/news/security/man-sent-to-prison-for-selling-data-of-7-millions-elderly-americans/"],"published":"2026-05-29T11:07:07+00:00","source":"BleepingComputer","sources":["BleepingComputer"],"summary_plain":"A North Carolina man was sentenced to more than 10 years in prison for selling the personal information of over 7 million elderly Americans to Jamaican scammers. [...]","title":"Man sent to prison for selling data of 7 millions elderly Americans"},{"link":"https://www.schneier.com/blog/archives/2026/05/chilling-effects.html","links":["https://www.schneier.com/blog/archives/2026/05/chilling-effects.html"],"published":"2026-05-29T11:02:22+00:00","source":"Schneier on Security","sources":["Schneier on Security"],"summary_plain":"Younger Americans have soured on the second Donald Trump presidency , but they are not protesting it. Despite an unpopular Iran war and an even more unpopular Trump administration , college campus protests nationwide have gone silent . And at many schools, student activism is virtually nonexistent . This silence comes in the wake of a relentless Trump administration war on campus speech that has involved lawsuits , arrests , deportations and expulsions . Reports cite a range of complicated factors for the restraint, from apathy to technology-induced incapacity. But as ...","title":"Chilling Effects"},{"link":"https://thehackernews.com/2026/05/what-2000-exposed-vibe-coded-apps.html","links":["https://thehackernews.com/2026/05/what-2000-exposed-vibe-coded-apps.html"],"published":"2026-05-29T10:30:00+00:00","source":"The Hacker News","sources":["The Hacker News"],"summary_plain":"Shadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing them on the open internet. Without Security or IT in the loop. The artifact moved from a prompt to a product. The risk surface moved with it. In The Shadow Builders report (get it here), a","title":"What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks"},{"link":"https://www.securityweek.com/chrome-148-update-patches-151-vulnerabilities/","links":["https://www.securityweek.com/chrome-148-update-patches-151-vulnerabilities/"],"published":"2026-05-29T10:17:23+00:00","source":"SecurityWeek","sources":["SecurityWeek"],"summary_plain":"The browser update resolves critical-severity security defects that could potentially lead to remote code execution. The post Chrome 148 Update Patches 151 Vulnerabilities appeared first on SecurityWeek .","title":"Chrome 148 Update Patches 151 Vulnerabilities"},{"link":"https://www.bleepingcomputer.com/news/security/us-charges-google-security-engineer-with-polymarket-insider-trading/","links":["https://www.bleepingcomputer.com/news/security/us-charges-google-security-engineer-with-polymarket-insider-trading/"],"published":"2026-05-29T10:11:44+00:00","source":"BleepingComputer","sources":["BleepingComputer"],"summary_plain":"A Google security engineer was charged with insider trading after winning $1.2 million using confidential company data to place bets on the cryptocurrency-based Polymarket decentralized prediction market. [...]","title":"US charges Google security engineer with Polymarket insider trading"},{"link":"https://thehackernews.com/2026/05/kimsuky-deploys-httpspy-expands-arsenal.html","links":["https://thehackernews.com/2026/05/kimsuky-deploys-httpspy-expands-arsenal.html"],"published":"2026-05-29T05:57:41+00:00","source":"The Hacker News","sources":["The Hacker News"],"summary_plain":"The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026. \"Kimsuky employed a range of tailored social engineering tactics, such as spoofing security software installation pages and crafting a fake Webex meeting page that leveraged","title":"Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels"},{"link":"https://www.bleepingcomputer.com/news/artificial-intelligence/anthropic-confirms-claude-mythos-class-models-will-roll-out-to-the-public/","links":["https://www.bleepingcomputer.com/news/artificial-intelligence/anthropic-confirms-claude-mythos-class-models-will-roll-out-to-the-public/"],"published":"2026-05-29T00:21:03+00:00","source":"BleepingComputer","sources":["BleepingComputer"],"summary_plain":"Anthropic has confirmed that it plans to bring Mythos-class models to the general public after delaying the rollout due to security risks to public and private software. [...]","title":"Anthropic confirms Claude Mythos-class models will roll out to the public"},{"link":"https://www.theregister.com/security/2026/05/28/troops-phones-leaked-location-data-to-foreign-adversaries/5248108","links":["https://www.theregister.com/security/2026/05/28/troops-phones-leaked-location-data-to-foreign-adversaries/5248108"],"published":"2026-05-28T21:35:36+00:00","source":"The Register: Security","sources":["The Register: Security"],"summary_plain":"Lawmakers push DoD to tighten smartphone controls after adversaries exploited commercial tracking data","title":"Troops\u2019 phones gave away location data to foreign adversaries"},{"link":"https://www.bleepingcomputer.com/news/security/btmob-android-malware-service-generates-custom-phishing-payloads/","links":["https://www.bleepingcomputer.com/news/security/btmob-android-malware-service-generates-custom-phishing-payloads/"],"published":"2026-05-28T21:10:11+00:00","source":"BleepingComputer","sources":["BleepingComputer"],"summary_plain":"An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware payloads tailored to phishing lures. [...]","title":"BTMOB Android malware service generates custom phishing payloads"},{"link":"https://www.theregister.com/security/2026/05/28/microsoft-0-day-feud-escalates-as-researcher-threatens-another-windows-exploit-dump/5248085","links":["https://www.theregister.com/security/2026/05/28/microsoft-0-day-feud-escalates-as-researcher-threatens-another-windows-exploit-dump/5248085"],"published":"2026-05-28T20:19:09+00:00","source":"The Register: Security","sources":["The Register: Security"],"summary_plain":"Six 0-days, three under active exploitation, more to come on July 14?","title":"Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops"},{"link":"https://www.theregister.com/ai-ml/2026/05/28/snowflake-buys-natoma-to-help-freeze-out-rogue-agents/5248062","links":["https://www.theregister.com/ai-ml/2026/05/28/snowflake-buys-natoma-to-help-freeze-out-rogue-agents/5248062"],"published":"2026-05-28T19:52:47+00:00","source":"The Register: Security","sources":["The Register: Security"],"summary_plain":"It is the database titan\u2019s sixth acquisition announcement since June 2025","title":"Snowflake buys Natoma to help freeze out rogue agents"},{"link":"https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-fifa-websites-running-world-cup-fraud-schemes/","links":["https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-fifa-websites-running-world-cup-fraud-schemes/"],"published":"2026-05-28T19:08:10+00:00","source":"BleepingComputer","sources":["BleepingComputer"],"summary_plain":"The FBI is warning of fake websites impersonating FIFA ahead of the 2026 World Cup, to steal personal and financial information, sell fake tickets and hospitality packages, and push other fraud related to the event. [...]","title":"FBI warns of fake FIFA websites running World Cup fraud schemes"},{"link":"https://www.bleepingcomputer.com/news/security/hackers-exploit-forticlient-ems-flaw-to-push-infostealer-malware/","links":["https://www.bleepingcomputer.com/news/security/hackers-exploit-forticlient-ems-flaw-to-push-infostealer-malware/"],"published":"2026-05-28T17:25:43+00:00","source":"BleepingComputer","sources":["BleepingComputer"],"summary_plain":"Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. [...]","title":"Hackers exploit FortiClient EMS flaw to push infostealer malware"},{"link":"https://www.securityweek.com/geordie-raises-30-million-for-ai-security-and-governance-platform/","links":["https://www.securityweek.com/geordie-raises-30-million-for-ai-security-and-governance-platform/"],"published":"2026-05-28T17:07:16+00:00","source":"SecurityWeek","sources":["SecurityWeek"],"summary_plain":"The funding round was led by Balderton Capital, with additional support from Crosspoint Capital and previous investors General Catalyst and Ten Eleven Ventures. The post Geordie Raises $30 Million for AI Security and Governance Platform appeared first on SecurityWeek .","title":"Geordie Raises $30 Million for AI Security and Governance Platform"},{"link":"https://www.theregister.com/oses/2026/05/28/microsoft-tests-the-15-character-limit-of-windows-server-admins-patience/5247943","links":["https://www.theregister.com/oses/2026/05/28/microsoft-tests-the-15-character-limit-of-windows-server-admins-patience/5247943"],"published":"2026-05-28T16:30:00+00:00","source":"The Register: Security","sources":["The Register: Security"],"summary_plain":"May security update trips over hostnames of a very specific length","title":"Microsoft tests the 15-character limit of Windows Server admins' patience"},{"link":"https://www.darkreading.com/application-security/agentic-ai-risky","links":["https://www.darkreading.com/application-security/agentic-ai-risky"],"published":"2026-05-28T15:36:25+00:00","source":"Dark Reading","sources":["Dark Reading"],"summary_plain":"AI agents aren't black boxes \u2014 they're models interacting with software tools. The risk lies in their overlap.","title":"Agentic AI Isn't Risky; the Way Orgs Deploy It Is"},{"link":"https://thehackernews.com/2026/05/threat-actors-exploit-critical.html","links":["https://thehackernews.com/2026/05/threat-actors-exploit-critical.html","https://www.securityweek.com/critical-forticlient-ems-vulnerability-exploited-in-fresh-attacks/"],"published":"2026-05-28T15:26:04+00:00","source":"The Hacker News","sources":["The Hacker News","SecurityWeek"],"summary_plain":"Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver credential-stealing malware. \"The campaign abused trusted endpoint management infrastructure to deliver malware across managed endpoints,\" Arctic Wolf said. \"Threat actors disguised the credential stealer payload as a Fortinet endpoint","title":"Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer"}],"overview":{"by_source":[{"count":12,"name":"BleepingComputer"},{"count":8,"name":"SecurityWeek"},{"count":8,"name":"The Register: Security"},{"count":7,"name":"Dark Reading"},{"count":6,"name":"The Hacker News"},{"count":1,"name":"Schneier on Security"}],"earliest_local":"15:26","fallback":false,"feeds_configured":8,"latest_local":"11:00","sources_in_view":6,"total":33,"tz_label":"UTC","window_hours":24,"window_label":"Last 24 hours","window_since_local":"Thu May 28 \u00b7 15:10"},"patching_brief":{"empty":false,"entries":[{"cves":[],"link":"https://www.securityweek.com/gogs-zero-day-exposes-servers-to-remote-code-execution/","links":["https://www.securityweek.com/gogs-zero-day-exposes-servers-to-remote-code-execution/","https://thehackernews.com/2026/05/critical-gogs-rce-vulnerability-lets.html","https://www.bleepingcomputer.com/news/security/new-gogs-zero-day-flaw-lets-hackers-get-remote-code-execution/"],"outline":"The critical-severity issue, assigned a CVSS score of 9.4, is an argument injection flaw that can be exploited by authenticated attackers via pull requests with malicious branch names.","priority_score":18,"source":"SecurityWeek, The Hacker News, BleepingComputer","time_local":"12:59","title":"Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code"},{"cves":["CVE-2026-35616"],"link":"https://www.bleepingcomputer.com/news/security/hackers-exploit-forticlient-ems-flaw-to-push-infostealer-malware/","links":["https://www.bleepingcomputer.com/news/security/hackers-exploit-forticlient-ems-flaw-to-push-infostealer-malware/"],"outline":"Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. [...]","priority_score":16,"source":"BleepingComputer","time_local":"17:25","title":"Hackers exploit FortiClient EMS flaw to push infostealer malware"},{"cves":[],"link":"https://www.securityweek.com/chrome-148-update-patches-151-vulnerabilities/","links":["https://www.securityweek.com/chrome-148-update-patches-151-vulnerabilities/"],"outline":"The browser update resolves critical-severity security defects that could potentially lead to remote code execution. The post Chrome 148 Update Patches 151 Vulnerabilities appeared first on SecurityWeek .","priority_score":5,"source":"SecurityWeek","time_local":"10:17","title":"Chrome 148 Update Patches 151 Vulnerabilities"}],"intro":"CVEs, advisories, and patch-focused items from your current feed view \u2014 use for patch planning and change windows.","note":"Heuristic filter on headline + RSS summary (CVE patterns, vuln/patch language). Verify severity and applicability in your environment."},"soc_brief":{"empty":false,"intro":"High-signal items \u2014 worth prioritizing for SOC triage and manager awareness.","note":"Ranked using headline + RSS summary text (CVEs, incidents, vulns, ransomware, phishing, and related terms). Not a replacement for analyst judgment.","spotlight":[{"link":"https://www.securityweek.com/charter-communications-data-breach-could-impact-nearly-5-million/","links":["https://www.securityweek.com/charter-communications-data-breach-could-impact-nearly-5-million/","https://www.theregister.com/cyber-crime/2026/05/29/shinyhunters-adds-charter-to-trophy-shelf-after-49m-customer-records-leak/5248281","https://www.bleepingcomputer.com/news/security/charter-communications-data-breach-affects-49-million-accounts/"],"outline":"The notorious ShinyHunters extortion group leaked over 42 million records allegedly stolen from Charter in April. The post Charter Communications Data Breach Could Impact Nearly 5 Million appeared first on SecurityWeek .","priority_score":9,"source":"SecurityWeek, The Register: Security, BleepingComputer","themes":["Ransomware / extortion","Breach / leak"],"time_local":"14:49","title":"ShinyHunters adds Charter to trophy shelf after 4.9M customer records leak"},{"link":"https://www.bleepingcomputer.com/news/security/from-5-attacks-to-botnet-powered-platforms-inside-the-ddos-as-a-service-market/","links":["https://www.bleepingcomputer.com/news/security/from-5-attacks-to-botnet-powered-platforms-inside-the-ddos-as-a-service-market/"],"outline":"DDoS attacks are increasingly being sold like subscription services, complete with pricing tiers, support, and reseller programs. Flare explores how the DDoS-as-a-Service market has evolved from scattered tools into polished attack platforms.","priority_score":6,"source":"BleepingComputer","themes":["Malware / botnet","Availability / DDoS"],"time_local":"14:32","title":"From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market"},{"link":"https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infected-devices/","links":["https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infected-devices/"],"outline":"Dutch authorities have taken offline a massive botnet of 17 million devices and seized more than 200 servers at a local provider that supported the operation. [...]","priority_score":6,"source":"BleepingComputer","themes":["Malware / botnet"],"time_local":"14:26","title":"Dutch govt disrupts malware botnet with 17 million infected devices"},{"link":"https://thehackernews.com/2026/05/kimsuky-deploys-httpspy-expands-arsenal.html","links":["https://thehackernews.com/2026/05/kimsuky-deploys-httpspy-expands-arsenal.html"],"outline":"The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026.","priority_score":5,"source":"The Hacker News","themes":["Nation-state / APT"],"time_local":"05:57","title":"Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels"},{"link":"https://www.theregister.com/security/2026/05/29/dutch-cops-liberate-17m-devices-from-botnets-clutches/5248312","links":["https://www.theregister.com/security/2026/05/29/dutch-cops-liberate-17m-devices-from-botnets-clutches/5248312","https://www.darkreading.com/cyber-risk/dutch-raid-russian-bulletproof-host"],"outline":"Hosting provider pulled the plug after police traced 200 servers to the Netherlands","priority_score":3,"source":"The Register: Security, Dark Reading","themes":["Malware / botnet"],"time_local":"13:00","title":"Dutch cops wrest 17M devices from mystery botnet's clutches"},{"link":"https://www.bleepingcomputer.com/news/security/btmob-android-malware-service-generates-custom-phishing-payloads/","links":["https://www.bleepingcomputer.com/news/security/btmob-android-malware-service-generates-custom-phishing-payloads/"],"outline":"An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware payloads tailored to phishing lures. [...]","priority_score":3,"source":"BleepingComputer","themes":["Phishing / fraud","Malware / botnet"],"time_local":"21:10","title":"BTMOB Android malware service generates custom phishing payloads"}]}}