CISO Security Intel

20h ago

CISO Security Intel · 2026-05-27 Daily Digest

No significant updates today.

1d ago

US Executives Aided Microsoft Tech Support Scams

Former CEO and CSO of C.A. Cloud Attribution Ltd pleaded guilty to supplying phone infrastructure and coaching Indian scammers on evasion tactics.
-...

Scammers pretending to be Microsoft had help from US executives

malwarebytes.com

Scammers pretending to be Microsoft had help from US executives

1d ago

CISA KEV Form Crowdsources Exploitation Intel for Faster CISO Patching

CISA's new nomination form converts the KEV catalog from a trailing government list into a crowdsourced, high-velocity threat weapon by letting...

CISA Enhances Known Exploited Vulnerabilities Catalog to Include ...

1d ago·

hstoday.us

1d ago

BOLA Patterns Revealed in 100+ Bug Bounty Reports

An empirical study of 107 HackerOne disclosures classifies real-world Broken Object Level Authorization cases, confirming 78.5% as in-scope BOLA.
-...

An Empirical Taxonomy from 100+ Bug Bounty Disclosures

arxiv.org

An Empirical Taxonomy from 100+ Bug Bounty Disclosures

1d ago

Zero-Day Hits Japanese LMS, Delivers Cobalt Strike

A zero-day in Digital Knowledge KnowledgeDeliver (CVE-2026-5426) enabled unauthenticated RCE through hard-coded ASP.NET machine keys and ViewState...

Zero-day vulnerability in Japanese LMS exploited to deploy Cobalt Strike

scworld.com

Zero-day vulnerability in Japanese LMS exploited to deploy Cobalt Strike

1d ago

DockSec Bridges Container Remediation Gap with AI Fixes

DockSec tackles the persistent remediation gap in container security by correlating outputs from Trivy, Hadolint, and Docker Scout, then using an LLM...

Open Source DockSec Uses AI to Cut Through Vulnerability Noise in ...

securityweek.com

Open Source DockSec Uses AI to Cut Through Vulnerability Noise in ...

1d ago

AI Discovery Races Ahead, Leaving Supply Chains Exposed

AI tools like Anthropic's Mythos under Project Glasswing are uncovering 10,000+ high-severity vulnerabilities in weeks, but human patching lags...

1d ago

May 26 Emerging Threats: NGINX Exploit Hits Fast

NGINX CVE-2026-42945 moved from disclosure to active exploitation in just three days, despite patches being available.
FrostyNeighbor renewed...

1d ago

Jeremiah Grossman on Vulnerability Management Flaws

Jeremiah Grossman highlights why traditional vulnerability management remains broken despite decades of progress.

Only 1-2% of all CVEs have ever...

1d ago

Zero-Day Readiness: Prepare People, Processes, and Leadership

Zero-day attacks test human systems as much as tools, exposing weak approvals and rigid hierarchies.

Build human capability: Run cyber ranges and...

How to Build a Zero-Day Incident Response-Ready Team

seniorexecutive.com

How to Build a Zero-Day Incident Response-Ready Team

1d ago

Session Hijacking Bypasses MFA via Token Theft

Session hijacking now dominates initial access as attackers steal tokens instead of passwords, bypassing MFA and login alerts entirely. Short-lived...

From Cookies to Keys: The Threat of Session Hijacking

huntress.com

From Cookies to Keys: The Threat of Session Hijacking

1d ago

Universal Linux Kernel Exploit Raises Enterprise Alarm

A kernel flaw hidden since 2017 now hands root access to any standard user via a simple 732-bit Python script.

No conditions required:...

1d ago

CISA Sets May 27 Deadline for Drupal KEV Patch

CISA has directed federal agencies to patch the actively exploited CVE-2026-9082 SQL injection flaw in Drupal by May 27, 2026, after adding it to the...

CISA orders feds to patch actively exploited Drupal vulnerability

bleepingcomputer.com

CISA orders feds to patch actively exploited Drupal vulnerability

1d ago

Attackers Exploit Load-Bearing Infrastructure with AI Help

Attackers are targeting load-bearing infrastructure like VS Code extensions and Exchange servers that scaled before security caught up, compromising...