CISA contractor exposes credentials

A contractor working for CISA left a public GitHub repository named Private-CISA openly accessible for months, exposing administrative keys to multiple AWS GovCloud accounts along with plaintext passwords for internal CISA systems, Brian Krebs reported. While CISA states there is no evidence of unauthorized access to sensitive data so far, the exposed credentials could have allowed attackers to move laterally into government systems or tamper with internal software packages.

Anthropic enables Mythos users to share cyber threat intel

Anthropic has introduced a new feature in its Mythos vulnerability discovery platform that allows users to share information about cyber threats with others. This update aims to improve collective defense by enabling faster dissemination of threat details among security teams and researchers.

Cloudflare highlights Mythos strengths and limits

Cloudflare ran Anthropic’s Mythos model against over 50 of its internal repositories. The model stood out for its ability to construct exploit chains from multiple low-severity primitives and autonomously generate working proofs of concept. However, Cloudflare noted some challenges, including inconsistent model refusals on legitimate research tasks, high false positive rates, especially in C/C++ codebases, and the need for a multi-stage harness rather than generic agent usage to achieve useful coverage and low-noise results.

Huawei router flaw triggered Luxembourg telecom blackout

A zero-day vulnerability in Huawei enterprise router software caused a complete outage of Luxembourg’s telecom network in July 2025, knocking out landline, 4G, and 5G services for over three hours. The attack involved specially crafted network traffic that forced routers into a continuous restart loop, disrupting emergency communications for hundreds of thousands of residents. POST Luxembourg confirmed it was a denial-of-service incident exploiting undocumented behavior for which no patch existed at the time. It’s unclear if the vulnerability has since been patched.

NanoCo raises $12 million in seed funding

NanoCo, the developer of NanoClaw, a secure, open source AI assistant for professionals positioned as an alternative to OpenClaw, has raised $12 million in seed funding. The funding was led by Valley Capital Partners, with participation from Docker, Vercel, monday.com, Slow Ventures, Clutch Capital, Factorial Capital, and Clem Delangue, CEO of Hugging Face.

Four-Faith industrial router vulnerability exploited by botnets

Attackers are aggressively exploiting CVE-2024-9643, an authentication bypass flaw in Four-Faith F3x36 industrial cellular routers that stems from hardcoded administrative credentials. CrowdSec has tracked a surge in exploitation since late April 2026, with activity reaching mass exploitation levels by mid-May as attackers fold compromised devices into botnets for further campaigns. Other Four-Faith router vulnerabilities have also been exploited in attacks.

Solo operator runs 5-year AI-powered Patriot Bait influence and fraud scheme

A single individual has orchestrated a sophisticated five-year operation using one primary fake persona, heavily assisted by AI tools, to run an influence campaign targeting patriotic and conservative audiences in the US while conducting financial fraud. The Patriot Bait campaign combined social media manipulation, content generation, and scam tactics to build trust and defraud victims. The threat actor targeted credentials and cryptocurrency wallets.

Open WebUI vulnerability

Researcher Chinmohan Nayak has discovered a high-severity SSRF vulnerability in Open WebUI (CVE-2026-45401). The flaw allows attackers to bypass URL validation via redirect handling and access internal resources, including cloud metadata endpoints. The researcher says the application implemented outbound request validation, but only for the initial request — not for redirect chains — leading to a trust-boundary bypass.

CISA launches new form for crowdsourcing exploited vulnerability reports

CISA has introduced an online Nomination Form that lets researchers, vendors, and industry partners submit known exploited vulnerabilities (KEVs) directly for faster review and inclusion in its catalog. The new tool strengthens the agency’s ability to validate and rapidly share actively exploited flaws with clear remediation guidance, complementing existing email submissions.

Related: In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws
Related: In Other News: Train Hacker Arrested, PamDOORa Linux Backdoor, New CISA Director Frontrunner
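The redirect-validation gap described in the Open WebUI item, shown as an added example (not Open WebUI's code): an outbound fetcher that validates only the initial URL beside a hardened one that disables automatic redirects and validates every hop. DNS and HTTP are replaced by constructed lookup tables so the example runs offline; all hostnames, addresses and response bodies are constructed.

```python
# Added example, not Open WebUI's code. Demonstrates why validating only the
# first outbound URL does not stop SSRF: a public host can redirect the
# server-side fetcher to an internal address such as a cloud metadata endpoint.
# Network and DNS are simulated with constructed tables so this runs offline.
import ipaddress
from urllib.parse import urlparse, urljoin

# Constructed DNS table: hostname -> address the fetcher would resolve it to.
FAKE_DNS = {
    "files.example.com": "93.184.216.34",     # constructed public address
    "metadata.internal": "169.254.169.254",   # link-local metadata address
}

# Constructed HTTP responses: url -> (status, headers, body).
FAKE_HTTP = {
    "http://files.example.com/doc": (302, {"Location": "http://169.254.169.254/latest/meta-data/"}, ""),
    "http://169.254.169.254/latest/meta-data/": (200, {}, "constructed-metadata-body"),
    "http://files.example.com/ok": (200, {}, "public document"),
    "http://files.example.com/loop": (302, {"Location": "/loop"}, ""),
}

REDIRECT_CODES = (301, 302, 303, 307, 308)


class BlockedURL(Exception):
    """Raised when a destination fails the outbound allow-policy."""


def resolve(host):
    """Resolve a hostname via the constructed table (a literal IP is used as-is)."""
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        pass
    if host not in FAKE_DNS:
        raise BlockedURL(f"unresolvable host: {host}")
    return ipaddress.ip_address(FAKE_DNS[host])


def validate_url(url):
    """Reject non-http(s) schemes and any host that resolves to a non-public address."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise BlockedURL(f"bad scheme or host: {url}")
    ip = resolve(parts.hostname)
    # is_global is False for loopback, RFC 1918, link-local (169.254/16) and
    # other special-purpose ranges, so the metadata address is rejected here.
    if not ip.is_global:
        raise BlockedURL(f"{parts.hostname} -> {ip} is not a public address")
    return ip


def fake_request(url):
    """Stand-in for an HTTP client call that does NOT follow redirects itself."""
    return FAKE_HTTP.get(url, (404, {}, ""))


def fetch_naive(url, max_hops=5):
    """Vulnerable pattern: validate the first URL, then follow redirects blindly."""
    validate_url(url)
    for _ in range(max_hops):
        status, headers, body = fake_request(url)
        if status in REDIRECT_CODES and "Location" in headers:
            url = urljoin(url, headers["Location"])  # never re-validated
            continue
        return status, body
    raise BlockedURL("too many redirects")


def fetch_hardened(url, max_hops=5):
    """Hardened pattern: validate every hop of the redirect chain, with a hop cap."""
    for _ in range(max_hops):
        validate_url(url)  # each destination must pass the same policy
        status, headers, body = fake_request(url)
        if status in REDIRECT_CODES and "Location" in headers:
            url = urljoin(url, headers["Location"])
            continue
        return status, body
    raise BlockedURL("too many redirects")


def outcome(fetcher, url):
    """Return the body a fetcher would hand back, or 'BLOCKED' if it refused."""
    try:
        return fetcher(url)[1]
    except BlockedURL:
        return "BLOCKED"


if __name__ == "__main__":
    for name, fn in (("naive", fetch_naive), ("hardened", fetch_hardened)):
        print(f"{name:9s} /doc  -> {outcome(fn, 'http://files.example.com/doc')!r}")
        print(f"{name:9s} /ok   -> {outcome(fn, 'http://files.example.com/ok')!r}")
        print(f"{name:9s} /loop -> {outcome(fn, 'http://files.example.com/loop')!r}")
```

In a real client the same shape applies: turn off automatic redirect following, resolve and check each Location yourself, and pin the checked address for the actual connection so a second DNS answer cannot swap it.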

Source: SecurityWeek