Advisories 7 May 2026

Apache HTTP Server HTTP/2 Double-Free Vulnerability Enabling DoS and RCE (CVE-2026-23918)

Scope: Apache HTTP Server 2.4.66 (mod_http2 with multi-threaded MPM)

Advisories 7 May 2026
DAEMON Tools Supply Chain Attack – Official Installers Trojanized Since April 8, 2026

Scope: DAEMON Tools Lite (Versions 12.5.0.2421 – 12.5.0.2434)

Advisories 7 May 2026
Quasar Linux (QLNX) Implant Targeting Developer and DevOps Environments

Scope: Linux Developer Workstations, DevOps Infrastructure (npm, PyPI, GitHub, AWS, Docker, Kubernet

Advisories 6 May 2026
PAN-OS User-ID Authentication Portal Buffer Overflow Zero-Day Under Active Exploitation (CVE-2026-0300)

Scope: Palo Alto Networks PAN-OS (PA-Series and VM-Series Firewalls)

Advisories 6 May 2026
Cloudz RAT "Pheno" Plugin Hijacking Windows Phone Link to Steal OTPs and Credentials

Scope: Microsoft Windows Phone Link (Windows 10 and 11)

Severity: High

Advisories 6 May 2026
MuddyWater Iranian APT Deploying "False Flag" Ransomware via Microsoft Teams (Darkcomp RAT)

Scope: Microsoft Teams (Enterprise Environments)

Severity: Red

Advisories 6 May 2026
Google Android Binary Transparency Expanded to All Production Apps

Scope: Google Android (All Production Apps and Mainline Modules)

Subscribe to Advisories