Claude AI Finds 10,000 Flaws, Laravel-Lang Compromised, LiteSpeed cPanel Exploit

THN Daily Updates Webinar ➞ Beyond the Zero-Day: Mapping the Network Attackers Actually See Learn how to identify hidden assets, map attack paths, and fix segmentation gaps across IT, IoT, and OT networks to reduce real-world breach risk. Download Now Sponsored LATEST NEWS May 23, 2026 Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most "systemically" important software across the world since the cy... Read More Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive credential-stealing framework. The affe... Read More Build a scalable IT policy for remote and distributed teams Take control of IT procurement, security, and compliance with a standardized policy built for distributed teams. Download the free IT policy template. Read More LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of inc... Read More Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of activ... Read More First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, an... Read More Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government organizations in the count... Read More Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561 GitHub repositories within a six-hour window. "Using throwaway accounts and... Read More Webinar ➞ Beyond the Zero-Day: Mapping the Network Attackers Actually See Learn how to identify hidden assets, map attack paths, and fix segmentation gaps across IT, IoT, and OT networks to reduce real-world breach risk. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi