ALERT - Microsoft Defender 0-Days, Linux Root Exploit, Drupal RCE Uncovered

THN Daily Updates Webinar ➞ Beyond the Zero-Day: Mapping the Network Attackers Actually See Learn how to identify hidden assets, map attack paths, and fix segmentation gaps across IT, IoT, and OT networks to reduce real-world breach risk. Download Now Sponsored LATEST NEWS May 21, 2026 ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories This week starts small. A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. T... Read More Microsoft Warns of Two Actively Exploited Defender Vulnerabilities Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild. The former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring syste... Read More 5 Defaults Mythos-Class AI Finds in Every Enterprise Environment Salesforce guest access, M365 legacy auth, Snowflake, SSO, GitHub. Check yours. Read More When Identity is the Attack Path Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything... Read More 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case of improper pri... Read More The Non-Human Identity Crisis: Why Your Machine Identities Are Your Biggest Governance Gap NHIs outnumber users 45:1 as AI agents expand access, raising breach and compliance risk. Read More GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS ... Read More Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege escalation, or information disclosure. ... Read More Webinar ➞ Beyond the Zero-Day: Mapping the Network Attackers Actually See Learn how to identify hidden assets, map attack paths, and fix segmentation gaps across IT, IoT, and OT networks to reduce real-world breach risk. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi