Threat Hunt Feed (2026-05-23)
Hacker News: Best
- Python 3.15: features that didn’t make the headlines — Thu, 21 May 2026 11:10:11 +0000
- Matched TTPs: Python (T1059.006), At (T1053.002)
Krebs on Security
- Lawmakers Demand Answers as CISA Tries to Contain Data Leak — Fri, 22 May 2026 16:34:24 +0000
- Matched TTPs: SSH (T1021.004), Private Keys (T1552.004), Code Repositories (T1213.003), Proxy (T1090), Tool (T1588.002), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
BleepingComputer
- Trend Micro warns of Apex One zero-day exploited in the wild — Fri, 22 May 2026 09:39:19 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Cloud Services (T1021.007), Tool (T1588.002), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
- Why Chargebacks are Just One Piece of the Fraud Puzzle — Fri, 22 May 2026 09:09:18 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Software (T1592.002), At (T1053.002)
- Ubiquiti patches three max severity UniFi OS vulnerabilities — Fri, 22 May 2026 08:00:42 -0400
- Matched TTPs: IP Addresses (T1590.005), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Botnet (T1584.005), Proxy (T1090), Tool (T1588.002), Software (T1592.002), At (T1053.002)
- US and Canada arrest and charge suspected Kimwolf botnet admin — Fri, 22 May 2026 05:01:20 -0400
- Matched TTPs: IP Addresses (T1590.005), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Botnet (T1584.005), Domains (T1584.001), Proxy (T1090), Tool (T1588.002), Software (T1592.002), At (T1053.002)
The Hacker News
- Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware — Fri, 22 May 2026 21:50:32 +0530
- Matched TTPs: Artificial Intelligence (T1588.007), Rootkit (T1014), JavaScript (T1059.007), DNS (T1071.004), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), At (T1053.002)
- Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective — Fri, 22 May 2026 17:08:12 +0530
- Matched TTPs: Rootkit (T1014), JavaScript (T1059.007), DNS (T1071.004), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), PowerShell (T1059.001), Tool (T1588.002), Software (T1592.002), Social Media (T1593.001), Python (T1059.006), At (T1053.002)
- Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks — Fri, 22 May 2026 14:20:18 +0530
- Matched TTPs: IP Addresses (T1590.005), Rootkit (T1014), DNS (T1071.004), Vulnerabilities (T1588.006), Botnet (T1584.005), Server (T1584.004), Social Media (T1593.001), At (T1053.002)
- CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV — Fri, 22 May 2026 11:17:33 +0530
- Matched TTPs: Rootkit (T1014), DNS (T1071.004), Vulnerabilities (T1588.006), Server (T1584.004), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
Boannews (보안뉴스) > SECURITY
- TDG (티디지) signs contract with Sparrow (스패로우) to "build a DevSecOps-based security framework" — Fri, 22 May 2026 17:03:00 +0900
- Matched TTPs: Software (T1592.002)