0.68
There's a gap between knowing your attack paths and actually managing them. We surveyed the industry to find out how wide that gap really is. Check out our Trends in Identity Attack Path Management report → https:// ghst.ly/4uzFVT3
Official intelligence summary
HAIJA INTEL REPORT
Generated 06/05/2026, 09:10. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources8
Tweets / X7
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.
Tweets / X
7 itemsAS
0.62
Our team discovered a vulnerability in Salesforce Marketing Cloud that allowed us to leak PII of subscribers and emails sent through SFMC, without any auth. Assigned CVE-2026-22585, CVE-2026-22586, CVE-2026-22582, CVE-2…
0.50
New C2 infrastructure and lures detected associated with #Coruna and #DarkSword malware. Threat actors are using fake crypto reward scam web pages to deliver malicious URLs and RCE exploits to iOS users. Details at: https:// bit.ly/4d8mOs7
0.48
Day Zero: The 2026 Threat Research Summit is bringing together featured speakers from Amazon, Cisco, Google, Microsoft, Recorded Future, CrowdStrike, and more to share original research on emerging adversary tradecraft. Applications are now open: https:// crwdstr.ke/6013BBdka5 Jo
0.46
Earlier this year @SLCyberSec ’s research team disclosed a vulnerability that allowed us to leak PII and emails stored inside Salesforce Marketing Cloud instances, for any customer, without authentication. You can read more about our research here:
0.44
Apache HTTP Server version 2.4.66 double free and possible RCE https:// httpd.apache.org/security/vulne rabilities_24.html …
0.35
Finger protocol LOLBin #ClickFix campaign that uses fake AI tools, background removers and LinkedIn lures and injects “finger <username> @ C2” with 12+ lure domains containing fake reCAPTCHA, 6 Finger usernames and 6 rotating C2 domains. Details at: https:// bit.ly/3Rmc4Pl
Regular sources
8 itemsThe Dangerous Momentum of Autodownload Phishing
Learn how attackers weaponize SaaS auto-download links and rotating phishing lures to deliver RMM malware. See how Cortex Email Security stops this forced-momentum attac…
Hacker Conversations: Joey Melo on Hacking AI
AI red team specialist details his methods for manipulating AI guardrails through jailbreaking and data poisoning, helping developers harden machine learning models. The…
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA) and collaboration platform, has come under active exploitation in the…
Nix/Lix: local privilege escalation in daemon process
Posted by Martin Weinelt on May 04 Nix is a package manager and build system for Unix-like systems. Lix is a community-maintained fork of Nix. Both provide a daemon used…
Local privilege escalation in Lix and Nix
Posted by Thomas GERBET on May 04 ## Summary Nix and Lix daemon implementations are affected by buffer overflows vulnerabilities that allow a local attacker to gain arbi…
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services…
Security audit of Paramiko completed, fixes coming in 5.0 release
Posted by Alan Coopersmith on May 05 https://ostif.org/paramiko-audit-complete/ announces: The findings listed in the audit report at higher than "Informational" are: wi…
Re: [pfx] Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16
Posted by Solar Designer on May 04 Yes, I think your judgement fits what many of us would like to see on this list. Thank you! As to this specific issue, I guess Wietse …