Microsoft: Domain Controller lookup may fail on Windows Server 2016 (2026-05-26 07:41 UTC)
Kurz: Microsoft has confirmed a new known issue affecting Windows Server 2016 systems that causes domain controller lookups to fail after installing the KB5087537 May 2026 security update. […]
7-Eleven data breach exposes personal information of 185,000 people (2026-05-26 07:01 UTC)
Kurz: The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in April, according to data breach notification service Have I Been Pwned. […]
Anthropic’s restricted Claude Mythos model may be coming to Claude Code (2026-05-25 17:07 UTC)
Kurz: Anthropic appears to be preparing for the public rollout of the Mythos model, which was announced in April as a restricted model that poses major security risks to private and public software. […]
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike (2026-05-26 05:19 UTC)
Kurz: A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deploym…
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos (2026-05-25 14:13 UTC)
Kurz: Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent the week checking old boxes and forgotten …
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks (2026-05-25 12:02 UTC)
Kurz: Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26…