VulnHub

Real-time Cybersecurity News

Kash Patel's merchandise site hacked to distribute malware

SCM feed for Latest
Actively Exploited
Malware

Overview

Based Apparel, a merchandise site linked to Kash Patel, was recently hacked to distribute infostealer malware aimed at stealing user credentials. This security incident came to light when a user on X shared the alarming news. The malware poses a serious risk to anyone who visited the site, as it can compromise sensitive information like login details. Users who made purchases or even just browsed the site should take immediate steps to protect their accounts, such as changing passwords and monitoring for suspicious activity. The attack underscores the ongoing risks associated with online shopping and the need for users to remain vigilant about their cybersecurity practices.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Based Apparel merchandise site
  • Action Required: Users should change their passwords and monitor accounts for suspicious activity.
  • Timeline: Newly disclosed

Original Article Summary

The attack on Based Apparel, reportedly an attempt to distribute infostealer malware designed to steal user credentials, was first brought to light by a user on X.

Impact

Based Apparel merchandise site

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Users should change their passwords and monitor accounts for suspicious activity.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Malware.

Read Original Article

Related Coverage

Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes

BleepingComputer

Italian officials have taken action against the CINEMAGOAL app, a piracy tool that illegally provided access to popular streaming services like Netflix, Disney+, and Spotify. The app was reportedly using stolen authentication codes to bypass payment systems, allowing users to access content without subscriptions. This crackdown is significant as it not only protects the intellectual property rights of these streaming platforms but also highlights ongoing challenges in combating online piracy. By dismantling this network, authorities aim to deter similar activities in the future and safeguard legitimate services. The action is part of a broader effort to enforce copyright laws and ensure users are not misled into using illegal services.

May 23, 2026

Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software

The Hacker News

Anthropic announced that its Project Glasswing has identified over 10,000 high- or critical-severity vulnerabilities in widely-used software since its launch last month. This initiative involves collaboration with around 50 partners and focuses on software deemed systemically important on a global scale. These vulnerabilities pose significant risks to organizations and users relying on this software, potentially exposing them to data breaches or cyberattacks. The findings emphasize the urgent need for software developers and companies to address these flaws promptly to safeguard their systems and users. This proactive approach highlights the role of AI in enhancing cybersecurity efforts.

May 23, 2026

‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains

SecurityWeek

A new vulnerability, dubbed 'Underminr', affects around 88 million domains, allowing attackers to hide malicious connections behind trusted domain names. This exploit can bypass DNS filtering mechanisms, making it easier for cybercriminals to manage command-and-control traffic without detection. As a result, organizations that rely on these domains for security may be at greater risk of compromise. The vulnerability raises concerns about the effectiveness of current DNS security measures, as attackers can leverage this flaw to blend in with legitimate traffic. Companies and system administrators are urged to review their DNS filtering strategies to mitigate potential risks associated with this vulnerability.

May 23, 2026

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

The Hacker News

Cybersecurity researchers have identified a software supply chain attack that compromised several PHP packages associated with Laravel-Lang. The affected packages include laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. These packages were manipulated to deliver a credential-stealing framework that could potentially affect developers and users utilizing these resources. This incident raises concerns about the security of software supply chains, particularly in open-source communities where such packages are widely used. Developers should remain vigilant and review their dependencies to ensure they are not using compromised versions of these packages.

May 23, 2026

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

The Hacker News

A severe security vulnerability has been discovered in the LiteSpeed User-End cPanel Plugin, identified as CVE-2026-48172, which has a maximum CVSS score of 10.0. This flaw allows attackers to exploit incorrect privilege assignments, enabling them to execute arbitrary scripts with root privileges. As a result, any cPanel user, including potential attackers or compromised accounts, can take advantage of this vulnerability. The ongoing exploitation of this flaw poses significant risks to server security and data integrity, making it crucial for affected users to take immediate action. The situation emphasizes the need for vigilance among web hosts and cPanel users to prevent unauthorized access and maintain secure environments.

May 23, 2026

Ubiquiti patches three critical vulnerabilities in UniFi OS

SCM feed for Latest

Ubiquiti has patched three serious vulnerabilities in its UniFi OS, labeled CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. These flaws could allow unauthorized users to make system changes, access sensitive system files through path traversal, and execute commands remotely via command injection. This is a significant concern for users of UniFi OS, as it could lead to unauthorized access and control over network devices. Ubiquiti is urging all users to apply the updates as soon as possible to protect their systems from potential exploitation. Given the nature of these vulnerabilities, companies using UniFi OS should prioritize updating their systems to ensure their networks remain secure.

May 22, 2026