Author Archives: Christian Yng

Webinar: What the Riskiest SOC Alerts Go Unanswered – and How Radiant Security Can Help

Why do the Riskiest SOC Alerts Go Unanswered? Security operations teams are drowning in alerts....

12
May
Why Agentic AI Is Security’s Next Blind Spot

Agentic AI is already running in production environments across many organizations today. It is executing...

12
May
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the...

12
May
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

American educational technology company Instructure, the parent company of Canvas, said it reached an “agreement”...

12
May
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation

OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI)...

12
May
iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android

Apple on Monday officially released iOS 26.5 with support for end-to-end encryption (E2EE) to Rich...

12
May
TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to...

11
May
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed...

11
May
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation

Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit...

11
May
⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public...

11
May
10 questions to ask when using AI models to find vulnerabilities
May 11, 2026

Using Artificial Intelligence to find vulnerabilities can bring added security considerations....

Your Purple Team Isn’t Purple — It’s Just Red and Blue in the Same Room

Defending a network at 2 am looks a lot like this: an analyst copy-pasting a...

11
May
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

A malicious Hugging Face repository managed to take a spot in the platform’s trending list...

11
May
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak

Cybersecurity researchers have disclosed a critical security vulnerability in Ollama that, if successfully exploited, could...

10
May
cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM)...

09
May
TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that’s capable of...

08
May
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads

Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that...

08
May
One Click, Total Shutdown: The “Patient Zero” Webinar on Killing Stealth Breaches

The hardest part of cybersecurity isn’t the technology, it’s the people. Every major breach you’ve...

08
May
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise

A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers’ systems to...

08
May
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk

The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice...

08
May
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that’s being advertised...

08
May
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
May 8, 2026

Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux...

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux...

08
May
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been...

07
May
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets...

07
May
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage

Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a...

07
May
ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories

Bad week. Turns out the easiest way to get hacked in 2026 is still the...

07
May
Day Zero Readiness: The Operational Gaps That Break Incident Response

Having an incident response retainer, or even a pre-approved external incident response firm, is not...

07
May
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are...

07
May
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could...

07
May