New Windows 0-Day, NGINX RCE, Grafana Breach, Fast16 Tampered with Nuclear Simulations

THN Daily Updates VMware to AWS: Four Solutions That Build the Business Case Migrating from VMware doesn't have to compound your financial pressure. Download Now Sponsored LATEST NEWS May 18, 2026 Developer Workstations Are Now Part of the Software Supply Chain Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Do... Read More Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the list is a critical f... Read More CTI Analysts: Build Intelligence Programs That Actually Drive Defense FOR578 at SANS San Antonio trains you to produce intelligence your SOC can act on. Save $500. Read More MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attacke... Read More Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP. The list of identified packages is below -... Read More 7 Signs Your Organization Is Vulnerable to Business Email Compromise BEC caused $3B in 2024 losses as trust-based email fraud bypasses filters, exposing finance teams to wire fraud. Read More Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations A new analysis of the Lua-based fast16 malware has confirmed that it was a cyber sabotage tool designed to tamper with nuclear weapons testing simulations. According to Broadcom-owned Symantec and Carbon Black teams, th... Read More NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck. The vulnerability, tracked as CVE-2026-42945 ... Read More VMware to AWS: Four Solutions That Build the Business Case Migrating from VMware doesn't have to compound your financial pressure. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi