DJBSEC's CyberNews 2026-05-22

Today’s daily news covers the following categories: Vulnerability, Malware, Policy & Legislation, Authentication, Insider Threat


Deleted Google API Keys Remained Active for 23 Minutes

Vulnerability
Threat hunters discovered that deleted Google API keys could remain active and usable for up to 23 minutes after removal. Researchers warn that this delay creates a potential security gap attackers could exploit if credentials are exposed or compromised. API keys are widely used to authenticate cloud services and automation workflows, making lingering access particularly risky. The issue highlights the importance of immediate credential revocation in cloud security operations. Organizations are encouraged to rotate keys regularly and monitor for suspicious API activity.

Fake Microsoft Teams Downloads Deliver ValleyRAT Malware

Malware
Cybercriminals are using fake Microsoft Teams download pages to distribute ValleyRAT malware to unsuspecting users. Victims are tricked into downloading trojanized installers that appear legitimate but contain malicious payloads. Once installed, ValleyRAT can steal information, establish persistence, and allow remote access to compromised systems. Attackers continue abusing trusted enterprise software brands to improve phishing and malware success rates. Users are advised to download software only from official sources and verify URLs carefully.

Critical Chrome Vulnerabilities Expose Users to Remote Code Execution

Vulnerability
Researchers have identified critical vulnerabilities in Google Chrome that could allow attackers to achieve remote code execution through malicious web content. Successful exploitation could enable attackers to compromise systems simply by convincing users to visit a crafted website. Because Chrome is widely deployed across enterprise and personal environments, the vulnerabilities carry significant risk. Google is expected to push emergency updates to address the flaws quickly. Organizations and users are being urged to apply browser updates immediately.

First VPN Service Officially Taken Down by Authorities

Policy & Legislation
Authorities have reportedly carried out the first official takedown of a VPN service tied to criminal activity and abuse investigations. Law enforcement agencies say the VPN infrastructure was allegedly used to facilitate cybercrime and conceal malicious operations. The move marks a significant escalation in efforts to disrupt anonymization services linked to criminal misuse. Privacy advocates warn that such actions may raise concerns about legitimate VPN usage and digital privacy rights. The case highlights the growing tension between cybersecurity enforcement and online anonymity.

Attackers Bypass MFA on SonicWall VPNs After Incomplete Fix

Authentication
Researchers say attackers are bypassing MFA protections on SonicWall VPN appliances because an earlier security fix did not fully resolve the underlying issue. The flaw allows threat actors to circumvent authentication controls under certain conditions, potentially exposing enterprise networks to unauthorized access. SonicWall VPNs are widely used in remote access environments, increasing the potential impact. Security experts warn that attackers are actively exploiting the weakness in real-world attacks. Organizations are urged to apply updated patches and closely monitor VPN activity.

Cisco Releases Patch for Critical Secure Workload Vulnerability

Vulnerability
Cisco has released fixes for another critical vulnerability affecting its Secure Workload platform, with the flaw receiving the maximum CVSS severity rating of 10. Successful exploitation could allow attackers to compromise administrative functionality and potentially gain elevated access. Security researchers warn that internet-facing management systems are especially attractive targets. The disclosure continues a trend of high-severity vulnerabilities impacting enterprise infrastructure platforms. Organizations are being urged to prioritize patching and review exposed management interfaces.

Microsoft Warns of New Defender Zero-Days Exploited in Attacks

Vulnerability
Microsoft has warned that new zero-day vulnerabilities affecting Microsoft Defender are already being exploited in active attacks. The flaws could potentially allow attackers to bypass protections, escalate privileges, or evade detection mechanisms. Defender products are widely used across enterprise environments, making these vulnerabilities particularly concerning. Security teams are being urged to apply patches immediately and monitor systems for indicators of compromise. The incident demonstrates how attackers continue targeting security products themselves to weaken defenses.

U.S. Executives Plead Guilty in Tech Support Fraud Scheme

Insider Threat
Several U.S.-based executives have pleaded guilty in connection with a large-scale fraudulent tech support operation. Prosecutors say the scheme targeted victims through deceptive support tactics designed to extract money and gain unauthorized access to devices. The case highlights how insider participation and corporate leadership can play direct roles in cyber-enabled fraud operations. Authorities continue to investigate the broader network tied to the scheme. The incident underscores the importance of oversight and accountability in technology service organizations.

Claude Code Network Sandbox Vulnerability Disclosed

Vulnerability
Researchers have disclosed a vulnerability affecting the network sandbox used by Claude Code environments. The flaw could potentially allow attackers to bypass isolation controls and access restricted resources or services. As AI coding assistants become more integrated into enterprise workflows, vulnerabilities in sandboxing mechanisms pose growing security concerns. Researchers warn that weak isolation could expose sensitive development environments or connected infrastructure. Organizations using AI-assisted coding tools are encouraged to review security configurations and apply available fixes.