Your Daily Dose of Cybersecurity News

Technology

Carnival Data Breach Impacts Nearly 6 Million Customers

According to filings with the Maine Attorney General , the cruise operator is sending notification letters to 5,995,277 customers and employees. Hackers got in and exfiltrated sensitive files.

May 31, 2026 · SecurityXP Intelligence Desk

Vulnerabilities & Exploits

Active Exploitation of PAN-OS GlobalProtect Gateways (CVE-2026-0257) Triggers Urgent Patches

Attackers are actively exploiting a high-severity authentication bypass vulnerability in Palo Alto Networks GlobalProtect portals and gateways, allowing remote attackers to establish unauthorized VPN access to corporate networks.

May 31, 2026 · SecurityXP Intelligence Desk

Technology

7-Eleven Data Breach Exposes Personal Information of 185,000 People

The ShinyHunters extortion gang claimed responsibility, leaked a 9.4GB archive of stolen data, and is now selling it on underground forums after the company refused to pay a ransom.

May 29, 2026 · SecurityXP Team

Latest News

TechnologyMay 29, 2026·5 min read

FBI Warns of Kali365: The Fast-Growing Phishing Kit Stealing Microsoft 365 Access Tokens

By exploiting legitimate OAuth device code authentication, Kali365 bypasses multi-factor authentication entirely... and that's a game-changer.

TechnologyMay 29, 2026·4 min read

Ghost CMS Flaw Abused to Push ClickFix Attacks on Hundreds of Sites

and it's getting out of hand. Over 700 legitimate domains have been poisoned, including university portals and major technology brands.

Vulnerabilities & ExploitsMay 26, 2026·2 min read Breaking

Critical VMware Zero-Day Vulnerability Under Active Exploitation

A critical remote code execution vulnerability in VMware vCenter Server is being actively exploited in the wild. CVE-2025-1234 carries a CVSS score of 9.8 and affects all recent versions. Immediate patching is recommended.

Malware & RansomwareMay 25, 2026·1 min read

Ransomware Attack Disrupts Major Healthcare Provider Operations

A sophisticated ransomware attack has disrupted operations at a major healthcare provider, affecting patient care systems across multiple facilities. Learn about the attack vectors, impact, and mitigation strategies.

AI/ML SecurityMay 24, 2026·1 min read

New EU AI Security Regulations: What Organizations Need to Know

The European Union has introduced comprehensive AI security regulations requiring organizations to implement security measures for AI systems. We break down the requirements, timelines, and compliance steps.

Threat IntelligenceSep 18, 2025·3 min read

CISA Issues Nine Urgent Advisories on Industrial Control Systems Vulnerabilities

In a critical bulletin released on September 18, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published nine new advisories detailing high-severity vulnerabilities affecti...

Threat IntelligenceSep 18, 2025·2 min read

Critical Google Chrome Zero-Day CVE-2025-10585: What You Need to Know

Google has just patched a critical zero-day vulnerability in its Chrome web browser—CVE-2025-10585—which has been actively exploited in the wild. This flaw, a type confusion issue in Chrome’s V8 Ja...

Threat IntelligenceSep 18, 2025·4 min read

Malware Analysis Report on a malicious listener deployed on Ivanti Endpoint Manager Mobile (EPMM) systems

U.S. Cybersecurity and Infrastructure Security Agency’s new Malware Analysis Report on a malicious listener deployed on Ivanti Endpoint Manager Mobile (EPMM) systems by chaining CVE-2025-4427 and C...

Threat IntelligenceJun 22, 2025·5 min read

MSSP Alert Top 250 for 2024: A Deep Dive into the State of Cybersecurity

Discover the key findings from the 2024 MSSP Alert Top 250 report. Explore trends in MSSP growth, profitability, in-house SOCs, and the critical services defining modern cyber defense.

Threat IntelligenceApr 26, 2025·4 min read

Pakistan-Linked APT36 Exploits "Pahalgam Terror Attack" Theme in Multi-Pronged Cyber Espionage Campaign Against India

In a recent and concerning development in the ongoing cyber conflict landscape, the Pakistan-linked Advanced Persistent Threat (APT) group known as APT36 (also referred to as Transparent Tribe) has...

Security Digest

Get the latest cybersecurity news, vulnerability alerts, and threat intelligence delivered to your inbox.

SecurityXP — Cybersecurity News, Threat Intelligence & Infosec Utilities