Official intelligence summary

HAIJA INTEL REPORT

Generated 19/05/2026, 09:13. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources9
Tweets / X6
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.

Tweets / X

6 items
@SpecterOps avatar
SpecterOps @SpecterOps
18 May, 22:05 · core
0.68
How are security & identity leaders prioritizing, adopting, & operationalizing Identity APM? Save your spot for tomorrow’s webinar with @jaredcatkinson & @JustinKohler10 on key findings from our 2026 Identity Attack Path Management Trends report. https:// ghst.ly/3QQDhcJ
tweet media
open on X
AS
assetnote @assetnote
18 May, 16:22 · core
0.62
Our security research team discovered a pre-authentication arbitrary file read as root in cPanel (CVE-2026-29205) - a path traversal in cpdavd that we made exploitable by abusing Dovecot's + alias handling to create att…
open on X
AS
assetnote @assetnote
18 May, 16:22 · core
0.58
Assetnote @assetnote · 16h GitHub - assetnote/cpanel2shell-scanner: High fidelity scanner for CVE-2026-41940 (cPanel & WHM... From github.com 1 7 1K
open on X
@SpecterOps avatar
SpecterOps @SpecterOps
18 May, 17:19 · core
0.40
The #BloodHoundUnleashed Attack Path Championship launches this Wednesday! Complete our online challenge between 20th May-4th June for a chance to win swag & prizes. Top scores will appear on the leaderboard & have the chance for bonus points at #InfoSecEurope. Stay tuned!
tweet media
open on X
@nahamsec avatar
nahamsec @nahamsec
18 May, 14:50 · core
0.34
Your AI coding assistant can be turned into a worm. Hidden in a README file, a prompt injection can hijack your coding agents and spread from respository to repository like the old school MySpace XSS Worm. https:// youtu.be/4PBD-9IG13I
tweet media
open on X
@Sysdig avatar
Sysdig @Sysdig
18 May, 16:00 · secondary
0.32
Preventative controls are your pregame strategy. Runtime is where the game is actually played. Attackers are building working exploits within hours of a CVE dropping. 66% of orgs are running AI workloads on Kubernetes. The attack surface isn't waiting for you. Read the blog:
tweet media
open on X

Regular sources

9 items
1.00exploit · 18 May, 18:14seclists.orgWild exploit

CVE-2026-31431 Copy Fail Linux LPE - new public exploit

Posted by Andrei Berestov on May 18 Hello, https://github.com/4xura/CVE-2026-31431-CopyFail The repository contains: - exploit.c, exploit.py, exploit.pl, exploit.asm (x8…

github.com/4xura/CVE-2026-31431-CopyFail
primary · linked
1.00general · 18 May, 15:50thehackernews.com

⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushe…

primary
1.00general · 18 May, 15:46bleepingcomputer.com

Grafana says stolen GitHub token let hackers steal codebase

Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. [...]

primary
1.00general · 18 May, 15:00darkreading.com

The Boring Stuff is Dangerous Now

AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast amounts of potentially flawed AI-generated code,…

primary
1.00general · 18 May, 12:54thehackernews.comRCETradecraft

Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws

Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execut…

primary
1.00general · 18 May, 10:57thehackernews.comPoCTradecraft

MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems

Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows priv…

primary
1.00general · 18 May, 00:30bleepingcomputer.comPoCTradecraft

New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets attackers gain SYSTEM privil…

primary
0.92general · 18 May, 10:51helpnetsecurity.comAttack path

201 arrested in INTERPOL disruption of phishing and fraud networks

Operation Ramz, a cybercrime initiative coordinated by INTERPOL across the MENA region, focused on disrupting phishing campaigns, malware activity, and cyber scams that …

primary
0.84general · 18 May, 07:30helpnetsecurity.com

Lyrie: Open-source autonomous pentesting agent

Penetration testing has usually required weeks of manual work, specialized tooling, and teams with narrow skill sets. Lyrie, an open-source autonomous security agent bui…

primary