This threat briefing covers the 24-hour period from May 26-27, 2026, highlighting significant vulnerabilities and malware distribution activity. The most critical findings include four CRITICAL-severity vulnerabilities (CVSSv3 9.1-9.9) affecting the Lumiverse AI chat application, enabling remote code execution and command injection through multiple attack vectors. Additional high-severity vulnerabilities were identified in widely-used libraries including GnuTLS, LangChain, and various enterprise applications.
Malware distribution remained active, with 50 malicious URLs identified, predominantly delivering Mozi botnet variants built for MIPS and ARM IoT devices. ClearFake campaigns continue to leverage compromised Hungarian domains, while cryptocurrency miners and information stealers (Formbook, GuLoader, MassLogger) were distributed through phishing infrastructure. The absence of law enforcement seizure activity suggests threat actor infrastructure remains largely operational during this period.
Organizations should prioritize patching the critical Lumiverse vulnerabilities immediately if deployed, review GnuTLS implementations for RSA key exchange weaknesses, and maintain vigilant monitoring for Mozi botnet indicators on IoT devices and network infrastructure.
Four critical-severity vulnerabilities identified in the Lumiverse AI chat application, enabling remote code execution, command injection, and unsafe code evaluation
The MCP server creation endpoint validates binary names but fails to validate the args array, allowing arbitrary command execution through inline-code flags of allowlisted binaries (node, python3, npx, uvx)
Component override system transpiles and evaluates user-supplied TSX code. Validation bypass allows attackers to recover shadowed globals (fetch, eval) and execute arbitrary code remotely
Error handling in the toSmbPath function concatenates an unvalidated basename directly into the smbclient command script, enabling command injection via specially crafted filenames
Spindle extension build pipeline executes 'bun install' without --ignore-scripts flag before safety scanning, allowing malicious extensions to execute arbitrary code via npm lifecycle scripts
An incomplete fix for CVE-2025-62582 allows unauthenticated remote attackers to access all configured databases in DIAView projects
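The MCP server item above describes an endpoint that allowlists the binary but passes the args array through unchecked. The following is an added example (not Lumiverse code) of a deny-by-default args policy for that situation; the interpreter flag names are real, while the permitted-flag sets, package allowlist and result shape are assumptions made for the example.

```python
"""Validating an MCP server launch spec: allowlisted binary AND vetted args.

Added example, not Lumiverse code: a deny-by-default args policy for the
weakness described above. Flag names are real; the permitted-flag sets and
package allowlist are constructed for this example.
"""
import re

ALLOWED_BINARIES = {"node", "python3", "npx", "uvx"}
# Interpreter flags that evaluate inline code or read code from stdin.
INLINE_CODE_FLAGS = {
    "node": {"-e", "--eval", "-p", "--print", "-i", "--interactive", "-r", "--require", "--import"},
    "python3": {"-c", "-m", "-i", "-"},
}
PERMITTED_FLAGS = {"node": {"--no-warnings"}, "python3": {"-u", "-B", "-I"}}  # constructed policy
RUNNER_FLAGS = {"npx": {"-y", "--yes"}, "uvx": set()}                           # constructed policy
ALLOWED_PACKAGES = {"@modelcontextprotocol/server-filesystem", "mcp-server-git"}  # constructed
SCRIPT_PATH = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_./-]*\.(js|mjs|cjs|py)$")


def validate_launch(command: str, args: list[str]) -> list[str]:
    """Return policy violations for a (command, args) pair; an empty list means acceptable."""
    if command not in ALLOWED_BINARIES:
        return [f"binary not allowlisted: {command}"]
    problems = []
    if command in RUNNER_FLAGS:
        # Package runners execute whatever package they are given: allowlist packages, deny unknown flags.
        flags = [a for a in args if a.startswith("-")]
        positional = [a for a in args if not a.startswith("-")]
        if any(f not in RUNNER_FLAGS[command] for f in flags):
            problems.append(f"{command}: runner flag not in policy")
        if not positional or positional[0] not in ALLOWED_PACKAGES:
            problems.append(f"{command}: package must be allowlisted")
        return problems
    for arg in args:
        if not arg.startswith("-"):
            # First positional is the script; node/python3 stop flag parsing here, later args reach the script.
            if not SCRIPT_PATH.match(arg) or ".." in arg.split("/"):
                problems.append(f"{command}: script path rejected: {arg!r}")
            break
        head = arg.split("=", 1)[0]
        # Catch spaced (-c code) and glued (-ccode) forms of inline-code flags.
        if head in INLINE_CODE_FLAGS[command] or arg[:2] in INLINE_CODE_FLAGS[command]:
            problems.append(f"{command}: inline-code flag rejected: {arg!r}")
        elif head not in PERMITTED_FLAGS[command]:
            problems.append(f"{command}: flag not in policy: {arg!r}")
    else:
        problems.append(f"{command}: no script specified")
    return problems
```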
Critical weaknesses identified in cryptographic libraries, AI frameworks, and common development dependencies affecting certificate validation and memory safety
A short premaster secret sent during RSA key exchange to a PKCS#11-backed server triggers a heap over-read, potentially leaking sensitive cryptographic material
Oversized Subject Alternative Name fields cause validation to incorrectly fall back to Common Name checking, enabling certificate validation bypass attacks
Certificates with URI or SRV Subject Alternative Names trigger improper fallback to CN validation, allowing attackers to bypass certificate checks with crafted certificates
Legacy runtime code paths deserialize application-controlled payloads using overly broad allowlists, enabling arbitrary object instantiation and potential RCE
Integer overflow in capacity calculation leads to undersized heap allocation, causing heap buffer overflow through safe APIs. Affects versions 1.0.1-2.6.0
Processing #set directives in attacker-controlled Velocity templates enables prototype pollution, potentially leading to property injection and RCE scenarios
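The two GnuTLS Subject Alternative Name items above both come down to hostname verification falling back to the Common Name when it must not. The following added example (not GnuTLS code) models both failure modes and the hardened check; the (type, value) SAN representation, the MAX_SAN_VALUE_LEN parser bound and the certificate fixtures are constructed assumptions.

```python
"""Hostname verification modelling the two GnuTLS SAN-fallback weaknesses.

Added example, not GnuTLS code. A parsed subjectAltName extension is modelled
as a list of (type, value) tuples, and MAX_SAN_VALUE_LEN is a constructed
stand-in for a parser buffer bound. RFC 6125 section 6.4.4: a client must not
consult the Common Name when the certificate presents any DNS-ID, SRV-ID or
URI-ID, and an unparsable SAN extension should make verification fail closed.
"""

MAX_SAN_VALUE_LEN = 256  # constructed limit for this example
CN_SUPPRESSING_TYPES = {"dNSName", "uniformResourceIdentifier", "SRVName"}


def dns_name_matches(pattern: str, hostname: str) -> bool:
    """Case-insensitive exact match; a leading '*.' covers exactly one label."""
    p, h = pattern.lower().rstrip("."), hostname.lower().rstrip(".")
    if p.startswith("*."):
        return h.count(".") == p.count(".") and h.endswith(p[1:])
    return p == h


def _dns_san_matches(sans, hostname) -> bool:
    return any(k == "dNSName" and dns_name_matches(v, hostname) for k, v in sans)


def verify_hostname_vulnerable(sans, common_name, hostname) -> bool:
    """Buggy logic: an oversized SAN value discards the whole extension, and any
    certificate without a matching dNSName falls back to the CN."""
    if any(len(v) > MAX_SAN_VALUE_LEN for _, v in sans):
        sans = []  # extension treated as absent, so the CN gets consulted
    if _dns_san_matches(sans, hostname):
        return True
    return dns_name_matches(common_name, hostname)  # fallback even with URI/SRV SANs


def verify_hostname(sans, common_name, hostname) -> bool:
    """Hardened logic: fail closed on an unparsable SAN; consult the CN only when
    the certificate carries no DNS, URI or SRV identifier at all."""
    if any(len(v) > MAX_SAN_VALUE_LEN for _, v in sans):
        return False
    if any(k in CN_SUPPRESSING_TYPES for k, _ in sans):
        return _dns_san_matches(sans, hostname)
    return dns_name_matches(common_name, hostname)


# Constructed test certificates as (sans, common_name, hostname_to_verify).
URI_ONLY_SAN = ([("uniformResourceIdentifier", "https://other.example/")], "bank.example", "bank.example")
OVERSIZED_SAN = ([("dNSName", "a" * 300)], "bank.example", "bank.example")
LEGIT_WILDCARD = ([("dNSName", "*.bank.example")], "ignored", "www.bank.example")
```

A certificate with no SAN extension at all is the only case in which both versions agree that the CN may be used.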
Authentication bypasses, privilege escalation, and injection vulnerabilities affecting enterprise systems and healthcare infrastructure
The mobile API allows unauthenticated user impersonation via a crafted JSON payload in the 'g' HTTP header when an Auth-Key header is present, bypassing identity validation
Authenticated users with only the users.edit permission can escalate to admin by sending a PATCH request with permissions[admin]=1; the API controller strips only the superuser key
Default Dozzle deployment allows unauthenticated POST to /api/notifications/test-webhook, forwarding attacker-controlled URLs to internal WebhookDispatcher
ePA 3.0 Java client accepts any TLS certificate (self-signed, expired, wrong CN) between ePA service and Konnektor, enabling MITM attacks on patient data
SignedPublicKeysTrustValidatorImpl discards the boolean return value of Signature.verify(), so ECDSA signatures are never actually validated even though certificate chain validation is performed
Multiple SQL injection flaws in legacy enterprise applications enabling remote unauthenticated database access
SQL injection in chk.php login component of Project Management System 1.0 allows remote attackers to bypass authentication and extract database contents
Improper access controls in LoginController.selectDepart function (/sys/selectDepart) enable unauthorized access in JeecgBoot versions up to 3.9.1
SQL injection in /admin/modules/class/index.php ID parameter allows remote attackers to manipulate database queries and extract sensitive student data
An unsandboxed jinja2.Environment() renders user-supplied prompt templates, enabling Server-Side Template Injection when applications pass untrusted strings to Prompt()
Sustained Mozi botnet distribution targeting IoT devices across multiple architectures with 40+ malicious download URLs identified
40+ URLs distributing Mozi botnet variants for 32-bit MIPS and ARM architectures, targeting vulnerable IoT devices. Distribution infrastructure spans Asian IP ranges (China, Vietnam) with varied high ports (33859-59839)
Multiple information stealers actively distributed: Formbook/GuLoader via clemanimpianti.it.com and alkurdi-sa.cam, MassLogger via Cloudflare Workers (dawn-bush-ddd1.yasminanthonyy.workers.dev), and Amadey-dropped CoinMiner from 91.92.242.236
8 URLs identified distributing ClearFake malware through compromised Hungarian business domains (buborekjatszohaz.hu, budapesthandmade.hu, business360.hu) and container-pulse.digital infrastructure
Privilege escalation and denial-of-service vulnerabilities affecting macOS, Bluetooth, and automotive V2X protocols
Race condition in macOS Sequoia 15.7 and Tahoe 26 allows apps to gain root privileges. Addressed with additional validation in latest releases
Logic flaw in macOS allows malicious applications to gain root privileges. Affects Sequoia 15.7, Sonoma 14.8, and Tahoe 26
Attackers can downgrade Bluetooth LE connection security by deleting existing bonds, spoofing bonded devices, and establishing new bonds with weaker security parameters
Denial-of-service in the Vanetza cryptographic verification pipeline: the ASN.1 decoder accepts syntactically valid but malformed V2X messages, exhausting verification resources
Malformed network packets with corrupted ASN.1/OER structures cause denial-of-service in Vanetza V2X protocol implementation through invalid length fields