Critical Gogs RCE, FortiClient EMS Exploited, AI-powered Attacks, Kimsuky Drops HTTPSpy

THN Daily Updates Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework ($115.95 Value) FREE for a Limited Time Cybersecurity Risk Management Download Now Sponsored LATEST NEWS May 29, 2026 New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is asses... Read More What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks Shadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing them on the o... Read More Your SOC Is Generating Alerts. Is It Generating Intelligence? LDR551 LDR551 at SANS Virginia Beach teaches the strategy and structure behind high-performing SOCs. Read More Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil's largest cooperative financial systems, to siphon client IDs and PFX certi... Read More Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2... Read More Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The security flaw, pe... Read More Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver credential-stealing malware. "The campaign abused trusted endp... Read More Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an opportunity to better understand the impact an... Read More Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework ($115.95 Value) FREE for a Limited Time Cybersecurity Risk Management Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi