IT Security Weekend Catch Up – May 30, 2026

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

1. [PL] Age verification means internet filtering
2. [PL][VIDEO] Another VPN mishap? Not quite
3. [PL] Paid disinformation takes a new turn as AI enters the game
4. [PL] AI transparency in public administration must be the standard
5. [PL] CRA: good practices for managing software security
6. [PL] Identifying someone by their phone number under GDPR
7. [PL] Arrests over false alerts about threats to life and health
8. [PL] Alarm at the president’s family home. An expert debunks myths about scam tactics
9. [PL] Otomoto: posting a listing can expose your data to scammers
10. [PL] The bank employee scam: a call transcript and analysis
11. [PL] Scammers’ “corporations”: inside the cybercrime market
12. [PL] A trap for domain owners: how phishing targeting home.pl works
13. [PL] Scammers working for Russia: how they impersonate well-known organizations
14. Silent Ransom Group impersonating IT personnel through social engineering
15. Cybercriminal VPN used by ransomware actors dismantled in global crackdown
16. How we got a CISA GitHub leak taken down in under a day
17. Lithuania investigates theft of 600,000 state registry records by foreign actor
18. Canadian man arrested by international authorities, charged with administrating KimWolf DDoS botnet
19. 2026 World Cup: Discussing the world’s biggest game’s attack surface
20. US law enforcement warns of “anti-tech extremism” as AI hatred grows

For the more technical

1. [PL] How to set up a home flight tracking radar
2. Microsoft Defender can now automatically isolate hacked endpoints
3. Authenticated RCE via argument injection in Gogs
4. FROST: Fingerprinting Remotely using OPFS-based SSD Timing
5. FortiClient EMS exploited via CVE-2026-35616 to deliver EKZ infostealer disguised as a Fortinet patch
6. From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence
7. Heap buffer write overflow in 7-Zip
8. Mini Shai-Hulud: Compromised @antv npm packages enable CI/CD credential theft
9. Mini Shai-Hulud strikes again: TanStack + more npm packages compromised
10. Megalodon: New CI/CD malware spreads across GitHub, infecting ~5,000+ repositories
11. Staged publishing and new install-time controls for npm
12. Malware-slop: New malicious npm package leaks its own GitHub private token
13. Laravel-Lang supply chain attack: Every tag across multiple composer packages rewritten to steal CI secrets
14. Ghost CMS mass compromised via CVE-2026-26980, now fueling ClickFix attacks
15. Detecting Tycoon 2FA AiTM attacks across Entra ID and Google Workspace
16. RatPressto phish kit
17. SHub Reaper: macOS stealer spoofs Apple, Google, and Microsoft in a single attack chain
18. From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities
19. Disrupting Glassworm: Inside CrowdStrike’s takedown of a developer-targeting botnet
20. The Gentlemen ransomware group is scaling faster than any other group on record

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.