Morning Review in IT Security — May 24, 2026

The cybersecurity landscape continues to face escalating threats as multiple critical incidents emerge across global organizations. From messaging platform vulnerabilities to government agency breaches, today's threat intelligence reveals a pattern of sophisticated attacks targeting both commercial and public sector entities.

WhatsApp Zero-Day Exploit Advertised for Sale

A threat actor operating on an underground forum is claiming to offer a WhatsApp zero-day exploit for sale. According to the threat actor's claims, the exploit is capable of installing malware or backdoors through private messages and reportedly functions on multiple phone platforms. Source: DarkWebInformer

This development represents a significant concern for the billions of WhatsApp users worldwide, as successful exploitation of such a vulnerability could enable attackers to compromise devices without user interaction or awareness.

WisERP Customer Records Auctioned Following Alleged Breach

Approximately 1.5 million U.S. customer records allegedly belonging to WisERP users have been advertised in an auction on dark web forums. The breach affects Enterprise Resource Planning customers across the United States and represents a substantial supply chain risk. Source: DarkWebInformer

The exposure of ERP system data poses particular concern due to the sensitive nature of business operations and financial information typically stored within such platforms.

Chilean Fire Department System Compromised

The VIPER Platform operated by the Chilean Fire Department has allegedly been breached, with internal records and documents exposed to threat actors. This incident affects critical infrastructure responsible for emergency response operations in Chile. Source: DarkWebInformer

The compromise of emergency services infrastructure underscores the expanding scope of cyberattacks targeting government agencies and public safety systems.

South African Revenue Service Data Breach Attributed to Nullsec

The South African Revenue Service (SARS) has allegedly fallen victim to a data breach attributed to the Nullsec threat group. This breach of a government financial institution raises concerns regarding sensitive taxpayer information and national economic security. Source: DarkWebInformer

Today's threat landscape demonstrates that threat actors continue to target high-value assets across government, financial, and commercial sectors with increasing frequency and sophistication. Organizations should prioritize vulnerability patching, incident response readiness, and threat intelligence monitoring to mitigate these evolving risks.