Daily Hunt Feed - 2026-05-30

Threat Hunt Feed (2026-05-30)

Hacker News: Best

• GitHub bans security researcher who posted zero-day Windows exploits — Thu, 28 May 2026 21:45:54 +0000
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
• Nitpicking the shell history scene in ‘Tron: Legacy’ — Thu, 28 May 2026 19:15:54 +0000
  • Matched TTPs: Screen Capture (T1113), Hardware (T1592.001), Shell History (T1552.003), Tool (T1588.002), Software (T1592.002), At (T1053.002)
• Anthropic raises $65B in Series H funding at $965B post-money valuation — Thu, 28 May 2026 18:09:44 +0000
  • Matched TTPs: Web Services (T1584.006), At (T1053.002)

BleepingComputer

• ChatGPT share links abused to host fake outage pages to deliver malware — Fri, 29 May 2026 14:21:36 -0400
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Botnet (T1584.005), Tool (T1588.002), Phishing (T1566), Software (T1592.002), At (T1053.002)
• From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market — Fri, 29 May 2026 10:32:02 -0400
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Botnet (T1584.005), Server (T1584.004), Proxy (T1090), Tool (T1588.002), Software (T1592.002), At (T1053.002)
• Dutch govt disrupts malware botnet with 17 million infected devices — Fri, 29 May 2026 10:26:36 -0400
  • Matched TTPs: Artificial Intelligence (T1588.007), IP Addresses (T1590.005), Malware (T1588.001), Hardware (T1592.001), Botnet (T1584.005), Proxy (T1090), Tool (T1588.002), Firmware (T1592.003), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
• Google Chrome adds session cookie theft protection for all users — Fri, 29 May 2026 08:08:08 -0400
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Botnet (T1584.005), Private Keys (T1552.004), Tool (T1588.002), Phishing (T1566), Multi-Factor Authentication (T1556.006), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)

The Hacker News

• ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface — Fri, 29 May 2026 23:37:12 +0530
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
• Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit — Fri, 29 May 2026 20:09:56 +0530
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), SSH (T1021.004), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001)
• New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks — Fri, 29 May 2026 17:01:59 +0530
  • Matched TTPs: Artificial Intelligence (T1588.007), JavaScript (T1059.007), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Domains (T1584.001), Masquerading (T1036), PowerShell (T1059.001), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), At (T1053.002)
• Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets — Fri, 29 May 2026 14:41:25 +0530
  • Matched TTPs: Keylogging (T1056.001), JavaScript (T1059.007), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Proxy (T1090), Shell History (T1552.003), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001)
• Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels — Fri, 29 May 2026 11:27:41 +0530
  • Matched TTPs: Scheduled Task (T1053.005), JavaScript (T1059.007), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), DLL (T1574.001), Server (T1584.004), PowerShell (T1059.001), Tool (T1588.002), Phishing (T1566), Regsvr32 (T1218.010), Software (T1592.002), Social Media (T1593.001), At (T1053.002)