Cybersecurity News | Daily Recap [30 May 2026]

Exploits & Vulnerabilities

• PAN-OS GlobalProtect auth bypass CVE-2026-0257 is being actively exploited in the wild, putting exposed firewalls at immediate risk – PAN-OS Bypass
• ChatGPT web summaries can be abused as a phishing surface via the ChatGPhish flaw, while share links are also being used to host fake outage pages that deliver malware – ChatGPhish, Fake Outages
• Attackers are chaining the Marimo CVE-2026-39987 exploit with an LLM agent for post-exploitation automation, showing how AI tools are being weaponized after intrusion – Marimo Exploit

Data Breaches & Legal

• Charter Communications says a data breach could affect nearly 5 million people, adding to a day of major privacy and breach disclosures – Charter Breach
• The California AG is suing 23andMe over its 2023 breach that exposed sensitive health data, intensifying legal fallout from the incident – 23andMe Lawsuit
• Trump Mobile breach reports and FIFA World Cup phishing activity were also highlighted in the latest roundup of notable incidents – In Other News

Threat Ops & Botnets

• MokN raised $15 million to expand its phish-back platform, underscoring investor interest in anti-phishing offensive tooling – MokN Funding
• The Netherlands disrupted a malware botnet tied to 17 million infected devices, while the DDoS-as-a-Service market continues to offer attacks for as little as $5 – Botnet Bust, DDoS Market

Governance & Enforcement

• A federal audit says NIST‘s NVD suffers from poor planning and duplication, raising concerns about the quality and reliability of the vulnerability database – NVD Audit
• A Tennessee man linked to 764 was charged in crimes against children tied to coercion, blackmail, and violent activity across multiple states – 764 Charges
• CISA also responded to ongoing supply chain attack concerns in the latest security briefing – CISA Response

Cybersecurity News | Daily Recap – hendryadrian.com