Advisories 4 May 2026

BlueKit Phishing-as-a-Service Platform – AI-Assisted Credential Theft Campaigns

Scope: Enterprise Platforms and Online Services (Broad)

Severity: High

Advisories 4 May 2026
ConsentFix v3 – OAuth Consent Phishing Campaign Targeting Microsoft Azure and M365

Scope: Microsoft Azure / Microsoft 365 (Entra ID)

Severity: Red

Advisories 4 May 2026
Atlassian Confluence Template Injection RCE (CVE-2023-22527)

Scope: Atlassian Confluence Data Center and Server

Severity: Red

Advisories 4 May 2026
Palo Alto PAN-OS GlobalProtect Command Injection Under Active Exploitation (CVE-2024-3400)

Scope: Palo Alto Networks PAN-OS (GlobalProtect Gateway)

Severity: Red

Advisories 4 May 2026
Broken VECT 2.0 Ransomware – Destructive Wiper Behavior Observed

Scope: Enterprise Endpoints and File Systems

Severity: Red

Advisories 4 May 2026
FortiOS & Atlassian Confluence Actively Exploited (CVE-2024-21762 / CVE-2023-22527)

Scope: Fortinet FortiOS/FortiProxy, Atlassian Confluence

Severity: Red

Advisories 4 May 2026
WordPress Redirect Plugin – Hidden Backdoor Discovered

Scope: WordPress (Affected Redirect Plugin)

Severity: Red

Subscribe to Advisories