VulnHub

Real-time Cybersecurity News

Bluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit

Hackread – Cybersecurity News, Data Breaches, AI and More
Actively Exploited
VulnerabilityData BreachDDoS

Overview

Bluesky, a social media platform, experienced a significant disruption due to a DDoS attack that lasted approximately 24 hours. The attack was claimed by a group known as the 313 Team, which is linked to Iran. Fortunately, the company reported that no user data was compromised during the incident. This attack raises concerns about the vulnerability of online platforms to such disruptions, especially as geopolitical tensions can lead to cyberattacks targeting specific services. Users and organizations that rely on Bluesky for communication and engagement should remain vigilant about potential future attacks.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Bluesky platform
  • Timeline: Ongoing since 24 hours prior to the article's publication

Original Article Summary

Bluesky is back online after a roughly 24-hour DDoS attack disrupted services, with the Iran-linked 313 Team claiming responsibility and no data breach reported.

Impact

Bluesky platform

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Ongoing since 24 hours prior to the article's publication

Remediation

Not specified

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Vulnerability, Data Breach, DDoS.

Read Original Article

Related Coverage

Trojanized Gemini and Claude Installers Target Developers Via SEO Poisoning

Hackread – Cybersecurity News, Data Breaches, AI and More

Cybercriminals are exploiting search engine optimization (SEO) techniques to direct developers to fake installer sites for popular tools like Gemini and Claude. These counterfeit sites are designed to deliver fileless malware, which can operate without traditional files on the disk, making detection more challenging. Once infected, developers risk having sensitive data stolen, which could lead to significant security breaches. This is particularly concerning given the reliance on these tools in development environments. Developers and companies need to be vigilant about where they download software to avoid falling victim to these malicious schemes.

May 26, 2026

Critical vulnerability in Universal Robots' PolyScope OS allows remote command execution

SCM feed for Latest

A serious vulnerability in Universal Robots' PolyScope operating system has been identified, allowing potential attackers to execute commands remotely. This flaw, tracked as CVE-2026-8153, has a high severity rating of 9.8, indicating a significant risk. It affects all versions of PolyScope software prior to 5.25.1, which means any users operating older versions are at risk. The ability for remote command execution could enable unauthorized access to connected systems, posing a threat to operational security. Users and organizations utilizing Universal Robots' systems need to take immediate action to update their software to the latest version to mitigate this risk.

May 26, 2026

Zero-day vulnerability in Japanese LMS exploited to deploy Cobalt Strike

SCM feed for Latest

A zero-day vulnerability identified as CVE-2026-5426 has been discovered in a Japanese Learning Management System (LMS). This security flaw arises from the use of hard-coded ASP.NET machine keys, which attackers can exploit to deploy Cobalt Strike, a popular penetration testing tool that can also be used for malicious purposes. The exploitation of this vulnerability poses significant risks to educational institutions and organizations using the LMS, potentially allowing unauthorized access to sensitive information and systems. Users of the affected LMS should take immediate steps to secure their systems to prevent potential intrusions.

May 26, 2026

Zero-click attack hijacks WhatsApp accounts on iOS 16

SCM feed for Latest

A new zero-click attack has been discovered that targets WhatsApp accounts on devices running iOS 16. This attack takes advantage of vulnerabilities in the ImageIO framework, specifically identified as CVE-2025-43300, and potentially CVE-2025-55177. By exploiting these flaws, attackers can gain unauthorized access to WhatsApp sessions without any user interaction. This is particularly concerning for users of iOS 16, as it opens the door for unauthorized access to private messages and data. Users should remain vigilant and consider updating their devices as soon as patches are available to mitigate this risk.

May 26, 2026

Claude Mythos AI Identified 10,000+ Software Vulnerabilities in One Month

Hackread – Cybersecurity News, Data Breaches, AI and More

Anthropic's Claude Mythos AI has reportedly identified over 10,000 software vulnerabilities in just one month, with a notable number of these flaws found in open-source code. This discovery raises significant concerns for developers and organizations relying on open-source software, as these vulnerabilities could be exploited by malicious actors if not addressed promptly. The identified flaws range from minor issues to critical vulnerabilities, potentially affecting a wide array of software applications. This highlights the importance of continuous security assessments and the need for developers to prioritize vulnerability management in their software supply chains. With software vulnerabilities being a common entry point for cyberattacks, organizations should take immediate action to patch any flaws identified by AI tools like Claude Mythos.

May 26, 2026

Anthropic: Mythos finds more than 10,000 software flaws in first month

CyberScoop

Anthropic's new tool, Mythos, has identified over 10,000 software flaws in its first month of operation. This impressive figure indicates a tenfold increase in the rate of bug discovery among some partnered organizations. However, there is a concerning trend of a growing gap between identifying these flaws and actually fixing them, which could leave systems vulnerable. The findings suggest that while many companies are becoming more aware of their software vulnerabilities, they may not be equipped to address them promptly. This situation highlights the ongoing challenges in software security and the need for effective remediation strategies to protect against potential exploitation.

May 26, 2026