Infosec bits for 2026 week 23

Zoya Vilakazi | June 5, 2026, 3:44 p.m.

Cybersecurity News:

Global cybersecurity leader officially sets up South African presence [Robin-Leigh Chetty, Hypertext]

Let’s Encrypt works toward post-quantum certificates at web scale [Anamarija Pogorelec, Help Net Security]

CISA warns of active attacks exploiting Android, Linux bugs [Bill Toulas, Bleeping Computer]

Vulnerabilities & Patches:

Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089) [Zeljka Zorz, Help Net Security]

Chrome 149 Patches 429 Vulnerabilities [Ionut Arghire, Security Week]

Laravel CRLF Injection Vulnerability Enables an Attacker to Interfere with Outbound Email Processing [Abinaya, Cyber Security News]

Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit [Elizabeth Montalbano, Dark Reading]

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites [Ravie Lakshmanan, The Hacker News]

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories [Swati Khandelwal, The Hacker News]

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245) [Zeljka Zorz, Help Net Security]

Malware & Rasomware:

New IronWorm malware hits 36 packages in npm supply-chain attack [Bill Toulas, Bleeping Computer]

Weaponized ChatGPT Download Site Delivers Malware Via Sponsored Search Results [Abinaya, Cyber Security News]

Payouts King Ransomware Evades EDR With Obfuscation and Direct System Calls [Tushar Subhra Dutta, Cyber Security News]

Attacks & Data Breaches:

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks [Elizabeth Montalbano, Dark Reading]

New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute [Bill Toulas, Bleeping Computer]

Hola Browser for Windows compromised to deliver cryptominer [Bill Toulas, Bleeping Computer]

Tooling:

MazeBolt brings AI-generated attack simulation to DDoS security testing [Industry News, Help Net Security]