category_news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	H1:3769293	curl: Low priority HSTS bypass in curl_easy_duphandle()_H1:3769293 ## Summary: curl_easy_duphandle() creates a fresh HSTS store for the cloned handle and populates it from the configured files and callbacks, but n...	N/A	N/A	May 29, 2026	HACKERONE
NONE	HACKREAD:4D8CE6...	27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens_HACKREAD:4D8CE66CA7D4D8C25A00C5F9D69F75A9 A malicious Codex UI npm package with 27,000 weekly downloads was caught exfiltrating OpenAI refresh tokens, exposing developers to account takeove...	N/A	N/A	May 31, 2026	HACKREAD
NONE	THN:CCBAEA4196D...	Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices_THN:CCBAEA4196DBC082BB67891C52B61960 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU44Ejz__EFKfpIrEypTxhK3KW7XV3oiEIJEWAC-_PyhbhUvOZzmv3SCAmiuGZdFNdzYIDR2GLwOAhX9nIaA...	N/A	N/A	May 31, 2026	THN
NONE	HACKREAD:94401D...	Fake Anthropic Sites Deliver Fileless Infostealer to Claude Code Users_HACKREAD:94401DAAEBDB4958EC2039048550655B Fake Anthropic websites are being used to target Claude Code users with a fileless infostealer campaign that steals browser credentials and evades ...	N/A	N/A	May 30, 2026	HACKREAD
NONE	WIRED:BAEB0AC16...	Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow_WIRED:BAEB0AC168BB85F580DD445421CFD6D8 Plus: A ransomware group is now stealing data in person, BusPatrol wants to hand its license plate surveillance data to the cops, and more.	N/A	N/A	May 30, 2026	WIRED
CRITICAL 9.1	THN:5420E058363...	PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation_THN:5420E05836399B582D9F84504D254736 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkaW0i4ALAlpWQ_cOjfhoqUlNgMlZysJA6ay0qPViGI_KxEEG-Hh0KdtWLqBXDH42ZBGSONs0ZJuzOqdRF7v...	N/A	N/A	May 30, 2026	THN
NONE	MSSECURE:3C5DF3...	Malicious npm packages abuse dependency confusion to profile developer environments_MSSECURE:3C5DF3D0AA26613EA1FD65DED6D3D94F In this article 1. Attack chain overview 2. Threat actor attribution 3. Mitigation and protection guidance 4. Indicators of Compromise (IO...	N/A	N/A	May 30, 2026	MSSECURE
HIGH 7.8	AVLEONOV:DC2C56...	About Elevation of Privilege – Linux Kernel “Fragnesia” (CVE-2026-46300) vulnerability_AVLEONOV:DC2C567BE0A660C930F16FF6A180612B ![About Elevation of Privilege - Linux Kernel Fragnesia \(CVE-2026-46300\) vulnerability](https://avleonov.com/wp-content/uploads/2026/05/photo_i06...	N/A	N/A	May 28, 2026	AVLEONOV
NONE	WIRED:E3AFEEA08...	The White House’s Aliens.gov Site Brags That ICE Arrested More Than 700 US Citizens_WIRED:E3AFEEA08ACC038C3CB08703E115A94D The website, which compares human beings to extraterrestrials, touts arrest numbers from the Trump administration’s sweeping immigration crackdown....	N/A	N/A	May 29, 2026	WIRED
NONE	SCHNEIER:AB790A...	Friday Squid Blogging: Another Squid_SCHNEIER:AB790AACA9160C4160BA05434A27E6FA Someone named "Squid" seems to be a "West Country legend." As usual, you can also use this squid post to talk about the security stories in the ne...	N/A	N/A	May 29, 2026	SCHNEIER