category_news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	THN:0ACE1F8B00A...	Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts_THN:0ACE1F8B00AC011E78CEF054F3071566 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR5AZVDVlhPdPOYO4FsyfLsBmtohzgdjmh688BLU6VRpwi-MaKq4XYgE5-ygnQtcUDMKcR8R4-f9IrfiSFpC...	N/A	N/A	Jun 1, 2026	THN
NONE	MALWAREBYTES:6A...	A week in security (May 25 – May 31)_MALWAREBYTES:6A9909117A40839DDF1FB9CA7FEAD1BA Last week on Malwarebytes Labs: * Payment apps are watching what you say (Lock and Code S07E11) * Scammers pretending to be Microsoft had help...	N/A	N/A	Jun 1, 2026	MALWAREBYTES
NONE	MALWAREBYTES:C7...	Payment apps are watching what you say (Lock and Code S07E11)_MALWAREBYTES:C7ED59B949BA4151B85162D066563424 _This week on the Lock and Code podcast …_ In the United States today, you can have your bank account closed, your credit cards cancelled, and you...	N/A	N/A	Jun 1, 2026	MALWAREBYTES
NONE	H1:3769293	curl: Low priority HSTS bypass in curl_easy_duphandle()_H1:3769293 ## Summary: curl_easy_duphandle() creates a fresh HSTS store for the cloned handle and populates it from the configured files and callbacks, but n...	N/A	N/A	May 29, 2026	HACKERONE
NONE	HACKREAD:4D8CE6...	27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens_HACKREAD:4D8CE66CA7D4D8C25A00C5F9D69F75A9 A malicious Codex UI npm package with 27,000 weekly downloads was caught exfiltrating OpenAI refresh tokens, exposing developers to account takeove...	N/A	N/A	May 31, 2026	HACKREAD
NONE	THN:CCBAEA4196D...	Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices_THN:CCBAEA4196DBC082BB67891C52B61960 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU44Ejz__EFKfpIrEypTxhK3KW7XV3oiEIJEWAC-_PyhbhUvOZzmv3SCAmiuGZdFNdzYIDR2GLwOAhX9nIaA...	N/A	N/A	May 31, 2026	THN
NONE	HACKREAD:94401D...	Fake Anthropic Sites Deliver Fileless Infostealer to Claude Code Users_HACKREAD:94401DAAEBDB4958EC2039048550655B Fake Anthropic websites are being used to target Claude Code users with a fileless infostealer campaign that steals browser credentials and evades ...	N/A	N/A	May 30, 2026	HACKREAD
NONE	WIRED:BAEB0AC16...	Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow_WIRED:BAEB0AC168BB85F580DD445421CFD6D8 Plus: A ransomware group is now stealing data in person, BusPatrol wants to hand its license plate surveillance data to the cops, and more.	N/A	N/A	May 30, 2026	WIRED
CRITICAL 9.1	THN:5420E058363...	PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation_THN:5420E05836399B582D9F84504D254736 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkaW0i4ALAlpWQ_cOjfhoqUlNgMlZysJA6ay0qPViGI_KxEEG-Hh0KdtWLqBXDH42ZBGSONs0ZJuzOqdRF7v...	N/A	N/A	May 30, 2026	THN
NONE	MSSECURE:3C5DF3...	Malicious npm packages abuse dependency confusion to profile developer environments_MSSECURE:3C5DF3D0AA26613EA1FD65DED6D3D94F In this article 1. Attack chain overview 2. Threat actor attribution 3. Mitigation and protection guidance 4. Indicators of Compromise (IO...	N/A	N/A	May 30, 2026	MSSECURE