🐛 COMMON VULNERABILITIES AND EXPOSURES 18[−]
13 MayMay Patch Tuesday roundup: Critical holes in Windows Netlogon, DNS, and SAP S/4HANACritical vulnerabilities in Windows Server’s networking and identity infrastructure, as well as a serious hole in Microsoft Dynamics 365 on-premises version, highlight Microsoft’s May Patch Tuesday fixes. They are among the 118 vulnerabilities identified this month by the company…CSOONLINE.COM
13 MayPatch Tuesday - May 2026Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday . Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which are no…RAPID7.COM
13 MayCVE-2026-43894 jq: Wild stack write via signed-integer overflow in decNumber D2U() macroInformation published.MSRC.MICROSOFT.COM
13 MayCVE-2026-43896 jq: Stack Overflow in Recursive Object MergeInformation published.MSRC.MICROSOFT.COM
13 MayCVE-2026-43895 jq: Embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifactsInformation published.MSRC.MICROSOFT.COM
13 MayCVE-2026-40612 jq: Stack overflow via unbounded recursion in jv_containsInformation published.MSRC.MICROSOFT.COM
13 MayCVE-2026-41256 jq: Embedded NUL truncates top-level jq programs loaded with -fInformation published.MSRC.MICROSOFT.COM
13 MayCVE-2026-31767 drm/i915/dsi: Don't do DSC horizontal timing adjustments in command modeInformation published.MSRC.MICROSOFT.COM
13 MayCVE-2026-43249 9p/xen: protect xen_9pfs_front_free against concurrent callsInformation published.MSRC.MICROSOFT.COM
13 MayCVE-2026-8177 XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequencesInformation published.MSRC.MICROSOFT.COM
13 MayCVE-2026-6210 Type confusion and heap-buffer-overflow in Qt SVG marker handling causing application crashInformation published.MSRC.MICROSOFT.COM
13 MayCVE-2026-41257 jq: Signed-int overflow in `stack_reallocate` (jq VM stack)Information published.MSRC.MICROSOFT.COM
13 MayCritical Fortinet vulnerabilities fixed in FortiSandbox and FortiAuthenticatorFortinet patched critical flaws in FortiSandbox and FortiAuthenticator that could let attackers remotely execute code on unpatched systems. Fortinet addressed two critical vulnerabilities affecting FortiSandbox and FortiAuthenticator. The flaws could allow attackers to execute ar…SECURITYAFFAIRS.COM
13 MayMicrosoft’s agentic security system found four critical Windows RCE flawsMicrosoft responded to growing competition in AI security by announcing that its new agentic security system helped researchers discover 16 new vulnerabilities in the Windows networking and authentication stack, including four critical remote code execution (RCE) flaws. MDASH arc…HELPNETSECURITY.COM
13 MayMicrosoft’s new AI system finds 16 Windows flaws, including four critical RCEsMicrosoft has unveiled a new AI-driven vulnerability discovery system that identified 16 previously unknown Windows vulnerabilities, including four critical remote code execution flaws, in what security analysts say could mark a major shift in how software vulnerabilities are dis…CSOONLINE.COM
13 MayQuest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizationsCVE-2025-32975 is a critical flaw in Quest KACE SMA used for endpoint management. If exploited, it could impact all managed systems across organizations. CVE-2025-32975 is a critical flaw in Quest KACE SMA used for endpoint management. If exploited, it could impact all managed sy…SECURITYAFFAIRS.COM
13 MayWhen IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain CompromiseOverview Attackers do not need to break into the front door when they can convince employees to open it for them through the tools they already trust. In April 2026, Rapid7 investigated an enterprise intrusion that began with a Microsoft Teams message from a fake “IT Support” acc…RAPID7.COM
13 May KEVFortinet fixes two critical RCE flaws in FortiAuthenticator and FortiSandboxFortinet released a batch of patches across its products on Patch Tuesday, including two critical vulnerabilities that can lead to remote code execution. Fortinet flaws, both zero-day and n-day, have been exploited in the wild many times in the past, so companies should deploy pa…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 33[−]
13 MayCanvas Breach 'Deal' With ShinyHunters, AI Zero-Day Warning, Checkmarx Hit AgainCybersecurity Today examines a troubling set of new security developments affecting schools, software supply chains, and account security. Instructure says it reached an "agreement" with the ShinyHunters threat group after the massive Canvas breach that may have affected up to 27…CYBERSECURITYTODAY.LIBSYN.COM
13 MayResearchers open-source a Wi-Fi cyber range for security trainingWireless security training programs lean heavily on generic network labs, with Wi-Fi appearing as a checkbox alongside Bluetooth, Zigbee, and cellular. Hands-on environments dedicated to IEEE 802.11 are uncommon, even as Wi-Fi remains the default on-ramp to corporate networks and…HELPNETSECURITY.COM
13 MayRisky Business #837 -- GitHub Actions footgun claims TanStackOn this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Mini Shai-Hulud and the TanStack compromise using Github Actions Instructure pays Canvas elearning platform data extortionists More Linux privilege escalation 0days!…RISKY.BIZ
13 MaySandyaa: Open-source autonomous security bug hunterSource code auditing has traditionally relied on static analyzers that flag long lists of potential issues, leaving engineers to sort bugs from noise. A new open-source project from offensive-security firm SecureLayer7 takes a different route, using LLMs to read a codebase, trace…HELPNETSECURITY.COM
13 MayClickFix Evolves Using Decade-Old Open-Source Python SOCKS5 ProxyA newly observed ClickFix campaign is pushing beyond simple user-triggered infections, introducing a more persistent and stealthy intrusion chain using PySoxy, a 10-year-old open-source Python SOCKS5 proxy. Unlike traditional ClickFix attacks that rely on a single PowerShell exec…GBHACKERS.COM
13 May KEV2026 CSO Award winners showcase business-enabling cyber innovationThe annual CSO Awards annually recognize security projects that demonstrate outstanding security leadership and business value. For this year’s program, CSO honors 64 security organizations whose hard work and innovative approaches have had a significant impact on how their enter…CSOONLINE.COM
13 MayGoogle entdeckt erstmals KI-basierten Zero-Day-ExploitWillkommen im neuen, KI-geschwängerten Bedrohungszeitalter. Gorodenkoff / Shutterstock Die Google Threat Intelligence Group (GTIG) warnt davor, dass kriminelle Hacker mittlerweile KI einsetzen – sowohl, um Schwachstellen aufzuspüren, als auch um anschließend Malware zu entwickeln…CSOONLINE.COM
13 MayNetSPI AI-powered Continuous Pentesting identifies high-impact vulnerabilitiesNetSPI launched AI-powered Continuous Pentesting offerings, designed to help organizations continuously identify, validate and reduce risk across dynamic external and cloud environments. Organizations are managing an expanding number of potential entry points as new internet-faci…HELPNETSECURITY.COM
13 MayReport: 4 in 10 UK Businesses Were Breached by Phishing Last Year43% of businesses in the UK reported a breach last year, with phishing driving the vast majority (85%) of these attacks, the Register reports. A survey by the British government found that attacks involving only phishing grew by six percent in 2025.KNOWBE4.COM
13 MayCISA’s AI SBOM guidance pushes software supply-chain oversight into new territoryThe US Cybersecurity and Infrastructure Security Agency (CISA) and its G7 cyber agency partners have released a list of minimum elements for an AI software bill of materials, a move that could help CISOs assess the security and provenance of AI systems entering enterprise environ…CSOONLINE.COM
13 MayBreaking things to keep them safe with Philippe LaulheretPhilippe shares his unique journey from French engineering school to the front lines of cybersecurity, explaining how his lifelong love for solving puzzles helps him uncover critical security flaws before they can be exploited.TALOSINTELLIGENCE.COM
13 MayClickFix finds a backup plan in PySoxy proxy chainsClickFix, a one-shot social engineering technique that tricks victims into executing malicious workflows disguised as fixes to technical issues in their systems, has got a persistence upgrade. In a one-off instance, ReliaQuest researchers have spotted an intrusion chain using sch…CSOONLINE.COM
13 MayMay 2026 Patch Tuesday: no zero-days but plenty to fixMay’s Patch Tuesday may not be the giant release many expected, but there are still plenty of important fixes that shouldn’t be ignored.MALWAREBYTES.COM
13 MayKDE gets over €1 million investment to strengthen security and core infrastructureEuropean governments and public institutions have been shifting away from proprietary software for years, and the financial infrastructure supporting open-source alternatives is growing to match. Germany’s Sovereign Tech Fund announced today that it is investing more than €…HELPNETSECURITY.COM
13 May KEVMay 2026 Patch Tuesday: 137 Vulnerabilities, No Zero-DaysMay 2026 Patch Tuesday: 137 Vulnerabilities, No Zero-Days Microsoft released its May 2026 Patch Tuesday security updates, resolving a total of 137 vulnerabilities across Windows and a broad range of Microsoft products and components. Unlike the previous several months, this relea…SOCRADAR.IO
13 MayMost Remediation Programs Never Confirm the Fix Actually WorkedSecurity teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant's M-Trends 2026 report puts the mean time to exploit at an estimated negative seven days. The Verizon 2025 DBIR puts median time to remed…THEHACKERNEWS.COM
13 MayMicrosoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE FlawsMicrosoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138 flaws, 30 are rated Critical, 104 are rated Important, three are rated Moderate, and …THEHACKERNEWS.COM
13 MayPalo Alto bets on identity security for autonomous AI with Idira launchPalo Alto Networks has launched Idira, a new identity security platform aimed at securing human users, machine identities, and AI agents amid the rising adoption of autonomous AI systems amongst enterprises. The company is positioning Idira as a next-generation identity security …CSOONLINE.COM
13 MaySecuring data centers in the agentic AI eraFind out how data center operators can protect critical building-management systems and cyber-physical infrastructure from AI-powered threats, as well as comply with evolving regulations. Key takeaways Data centers have evolved from simple storage hubs into critical national infr…TENABLE.COM
13 MayMicrosoft on pace to break annual vulnerability record as AI-driven patch wave takes holdFive months into 2026, Microsoft has already patched more than 500 vulnerabilities — although the exact monthly count varies depending on whether analysts include Edge, Chromium and fixes shipped earlier in the month.THERECORD.MEDIA
13 MayMicrosoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch TuesdayMicrosoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of a limited private preview. MDASH, short for multi-model agen…THEHACKERNEWS.COM
13 MayAzerbaijani Energy Firm Hit by Repeated Microsoft Exchange ExploitationA threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an expansion of its targeting. The activity has been attributed by Bitdefender wit…THEHACKERNEWS.COM
13 MayWhat happens when China’s AI catches up to Mythos?The Trump-Xi summit opening in Beijing this week carries an agenda item unlike any in the history of US-China diplomacy: what to do about artificial intelligence that can autonomously find and exploit vulnerabilities in the world’s most critical software — and what happens when b…CSOONLINE.COM
13 MayHow to Identify and Exploit New VulnerabilitiesIn the ever-evolving world of cybersecurity, staying ahead of the curve is not just a goal—it’s a necessity. As new vulnerabilities emerge, the race to identify and mitigate them begins. But how do we, the guardians of the digital realm, rapidly pinpoint these threats as they bec…BLACKHILLSINFOSEC.COM
13 MayRapid7 Partner Academy: Driving Impact with Gold Stevie Award-Winning Partner Services CertificationsAt Rapid7, our commitment to our partners is built on the foundation of the PACT (Partnering with Accountability, Consistency, and Transparency) program. Central to this mission is the Rapid7 Partner Academy, which was recently honored with a Gold Stevie Award in the 2026 America…RAPID7.COM
13 MayMicrosoft Teams Vulnerability Allows Hackers to Perform Spoofing AttacksA newly discovered security flaw in Microsoft Teams for Android could allow attackers to carry out dangerous spoofing attacks. By exploiting improperly secured files, hackers can trick users and compromise sensitive corporate information. Microsoft has rapidly issued an official …GBHACKERS.COM
13 MayPatch Tuesday notes: Microsoft patches over a hundred flaws, none of which are zero-days.Foxconn confirms disruptive cyberattack as ransomware gang claims responsibility. Business news: Exaforce raises $125 million in Series B funding.THECYBERWIRE.COM
13 MayViral ‘RuView’ GitHub project uses Wi-Fi to track movement through wallsA new open-source project called “RuView” is drawing widespread attention online for demonstrating how ordinary Wi-Fi signals can be used to detect human movement, breathing patterns, and even body posture through walls without cameras or wearable devices. The project surged on G…CYBERINSIDER.COM
13 MayMicrosoft’s Patch Tuesday Update Targets 120 Security FlawsMicrosoft’s May Patch Tuesday fixes 120 flaws, including 31 remote code execution bugs, with no zero-days reported at release. The post Microsoft’s Patch Tuesday Update Targets 120 Security Flaws appeared first on TechRepublic .TECHREPUBLIC.COM
13 MayExaforce raises $125 million in Series B funding.Israeli security awareness training platform provider Frame Security emerges from stealth with $50 million.THECYBERWIRE.COM
13 MayDark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk LandscapeInforma TechTarget's flagship cybersecurity media brand launches a special content series to mark two decades as a trusted source for cybersecurity professionals.DARKREADING.COM
13 MayTables Turn on 'The Gentlemen' RaaS Gang With Data LeakAn OPSEC failure provides a window into what helped the ransomware group rise: a generous affiliate model, opportunistic TTPs, and an effective organizational structure.DARKREADING.COM
13 MayFired employee sought AI help to hide deletion of hosting firm’s customer dataThe apparent revenge deletion of US federal databases after the dismissal of twin brothers from an online hosting company is another reminder to IT and HR leaders that tough off-boarding procedures have to be implemented to prevent insider attacks. Destructive attacks either from…CSOONLINE.COM
📋 SECURITY BULLETINS 5[−]
13 MayMicrosoft Fixes 17 Critical Flaws in May Patch TuesdayMicrosoft has patched 120 vulnerabilities in this month’s security update roundINFOSECURITY-MAGAZINE.COM
13 MayMicrosoft Releases Cumulative Update for Windows 11, Version 25H2 and 24H2Microsoft has officially released its May 2026 Patch Tuesday updates, delivering critical security fixes and system improvements for multiple Windows 11 versions. According to Microsoft release notes, the deployment includes cumulative update KB5089549 for Windows 11 versions 25H…GBHACKERS.COM
13 MayGoogle Launches New Android Security Features to Fight Scams, TheftGoogle detailed Android security updates for 2026, including verified bank calls, stronger theft protection, OTP hiding, and spyware forensics. The post Google Launches New Android Security Features to Fight Scams, Theft appeared first on TechRepublic .TECHREPUBLIC.COM
13 MayMicrosoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarmingMicrosoft’s May 2026 Patch Tuesday fixed 138 flaws, including 30 critical bugs, across Windows, Office, Azure, Edge, SQL Server, and more. Microsoft’s May 2026 Patch Tuesday patched 138 vulnerabilities in a single release. That is a number that gives pause even for people a…SECURITYAFFAIRS.COM
13 MayEvery layer needs a patch now.Patch Tuesday. Global agencies update SBOM guidance. Iran-linked espionage group Seedworm breached a major South Korean electronics manufacturer. A telehealth platform breach affects 716,000. Foxconn confirms a cyberattack. Maria Varmazis has an update on orbital data centers. A …THECYBERWIRE.COM
📢 SECURITY ADVISORIES 7[−]
13 MayVersa CSPM brings continuous visibility to cloud risk and compliance exposureVersa has announced Versa Cloud Security Posture Management (CSPM), extending the VersaONE Universal SASE Platform to provide continuous visibility, prioritization, and remediation of cloud risk across environments. With CSPM, Versa combines secure access protection and cloud pos…HELPNETSECURITY.COM
13 MayApricorn hardens ASK3 encrypted USB drive for extreme conditionsApricorn has announced enhancements to its Aegis Secure Key 3.0 (ASK3), delivering faster performance and new environmental protection capabilities designed to secure the device and its data in the most demanding physical circumstances. The ASK3 was updated to meet and exceed the…HELPNETSECURITY.COM
13 MaySignal responds to phishing attacks with new in-app security warningsSignal is adding new protections for users following recent phishing and social engineering attacks. In March, the FBI and CISA issued a warning stating that Signal had become a primary target of Russian intelligence-linked hackers. Dutch and German security authorities were amon…HELPNETSECURITY.COM
13 MayNavigating the Cybersecurity Landscape in India Empowering Human and AI AgentsIntroduction The Asia-Pacific and Japan (APJ) region, with its dynamic economic growth and technological advancements, presents unique challenges and opportunities in the realm of human risk management and agentic risk management, particularly within the financial services sector…KNOWBE4.COM
13 MayPCI PIN and P2PE compliance packages for AWS Payment Cryptography are now availableAmazon Web Services (AWS) is pleased to announce the successful completion of Payment Card Industry Personal Identification Number (PCI PIN) and PCI Point-to-Point Encryption (PCI P2PE) assessments for the AWS Payment Cryptography service. This assessment expands the AWS Payment …AWS.AMAZON.COM
13 MayIntroducing the updated AWS User Guide to Governance, Risk, and Compliance for Responsible AI AdoptionThe financial services industry (FSI) is using AI to transform how financial institutions serve their customers. AI solutions can help proactively manage portfolios, automatically refinance mortgages when rates decrease, and negotiate insurance premiums for customers. However, th…AWS.AMAZON.COM
13 MayCheckbox Assessments Aren't Fit to Measure to RiskSecurity governance needs to be more than an annual compliance exercise. New companies are emerging to address risk-management gaps in current audit tools.DARKREADING.COM
🔥 INCIDENT REPORTING 23[−]
13 MayGemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal DataCybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than 150 gems that use the registry as a data exfiltration channel rather than for malware distribution. "The packages do not appear designed fo…THEHACKERNEWS.COM
13 MayRansomware Gangs Use BYOVD and EDR Killers to Disable Security ToolsRansomware is evolving faster than many defenses can keep up. In 2026, attackers are no longer just encrypting files they are systematically dismantling security tools, stealing sensitive data, and even preparing for a post-quantum future. Despite a slight global decline in ranso…GBHACKERS.COM
13 MayInfostealer Malware Fuels Corporate Breaches From Personal DevicesInfostealer malware is no longer just a consumer nuisance it has become a direct bridge between personal device infections and full-scale enterprise breaches. Once these credentials are harvested and posted on dark web forums, attackers gain immediate footholds into corporate env…GBHACKERS.COM
13 MayQ1 2026 Ransomware Attacks Hits 2,122 Orgs Amid Fewer, More Impactful GroupsRansomware activity remained elevated in Q1 2026, continuing the trend established over the past year. The latest State of Ransomware Q1 2026 report reveals that 2,122 organizations were listed on ransomware data leak sites (DLS), marking the second-highest Q1 total on record. Wh…GBHACKERS.COM
13 MayCanada Life - 237,810 breached accountsIn April 2026, Canada Life was the victim of a "pay or leak" extortion campaign by the ShinyHunters group . The group subsequently published the data which contained over 200k unique email addresses along with names, phone numbers, physical addresses and, in some cases, customer …HAVEIBEENPWNED.COM
13 MayOptimize Legal Operations as the CISO Role Changes to Address Skills Gaps and AI - BSW #447Legal departments are under continual pressure to solve problems effectively and integrate innovative technology all while reducing costs and complexity. Enter cybersecurity, a complex and potentially costly risk. How should legal departments prepare? Walter Wilkens, Head of Deli…YOUTUBE.COM
13 MayNew SOC-Ready Reporting for Faster Triage, Escalation, and Incident Response with ANY.RUNSuccessful SOC operations require more than accurate detections. Instant access to context, clear conclusions, and operationally relevant insights allow incidents to move across workflows without delays: Making ANY.RUN’…ANY.RUN
13 MayInstructure settles with hackers following massive student data theftEducational tech firm Instructure reached a deal with hackers after a major Canvas breach exposed data stolen from schools and universities. Educational tech firm Instructure says it reached an agreement with the cybercrime group behind a major Canvas data theft, after attackers …SECURITYAFFAIRS.COM
13 MayRansomware: Over Half of CISOs Would Consider Paying Ransom to HackersSurvey of cybersecurity leaders suggests that majority would strongly consider paying cybercriminals, if that’s what it took to help restore encrypted systemsINFOSECURITY-MAGAZINE.COM
13 MayCanvas owner reaches ‘agreement’ with threat actors after data breachCybersecurity experts suggest that Instructure appears to have made a ransomware payment, which the FBI highly discourages.CYBERSECURITYDIVE.COM
13 MayThus Spoke…The GentlemenKey Points Introduction The Gentlemen ransomware‑as‑a‑service (RaaS) operation is a relatively new group that emerged around mid‑2025. Its operators advertise the service across multiple underground forums, promoting their ransomware platform and inviting penetration testers and …RESEARCH.CHECKPOINT.COM
13 MayTuskira’s Kairo exposes hidden AI-driven breach pathsTuskira has announced the launch of Kairo, a breach modeling capability that detects deep, hidden breach paths by leveraging its security data mesh and digital twin technology. Kairo helps security teams improve breach resilience by modeling how attackers can leverage new AI mode…HELPNETSECURITY.COM
13 MayUS lawmakers demand answers from Instructure after Canvas data breachesU.S. House lawmakers want to know how hackers broke into education tech giant Instructure twice, and stole reams of data from students who use the company's flagship student data software Canvas.TECHCRUNCH.COM
13 MayThe Real Work Starts After BreachAfter a cyberattack, the first priority is containment and forensic analysis. But according to Walter Wilkens, another major phase begins immediately after: data mining the breached environment to determine what sensitive information was exposed. That includes identifying PII (pe…YOUTUBE.COM
13 MayCanvas Owner Reaches Agreement With Cybercriminals After Ransomware AttackInstructure says it reached an agreement with ShinyHunters over the Canvas breach dataINFOSECURITY-MAGAZINE.COM
13 MayRansomware hackers claim breach at Foxconn, a major electronics manufacturer for Apple, Google, and NvidiaA ransomware group has claimed responsibility for hacking the electronics manufacturing giant Foxconn, and is attempting to extort the company.TECHCRUNCH.COM
13 MayHackers Claim 11M Files Stolen From Foxconn, Supplier to Apple and NvidiaFoxconn confirmed a North American cyberattack after Nitrogen claimed it had stolen 11M files tied to major tech customer projects. The post Hackers Claim 11M Files Stolen From Foxconn, Supplier to Apple and Nvidia appeared first on TechRepublic .TECHREPUBLIC.COM
13 MayCanvas Breach Hackers Reach Deal After Claiming 275M Records StolenInstructure reached a deal with the Canvas hackers after they claimed to have stolen data tied to nearly 9,000 schools and 275 million people. The post Canvas Breach Hackers Reach Deal After Claiming 275M Records Stolen appeared first on TechRepublic .TECHREPUBLIC.COM
13 MayGoogle Enhances Android Mobile Security with New AI-powered ProtectionsMobile devices have become ground zero for a ruthless wave of cyberattacks, with invisible threat actors draining bank accounts and hijacking digital identities before victims even realize they’ve been compromised. Now, Google is striking back with a massive counteroffensiv…GBHACKERS.COM
13 MayFoxconn confirms cyberattack affecting some North American facilitiesA ransomware group has claimed a major attack against the electronics manufacturer.CYBERSECURITYDIVE.COM
13 MayStudent Messages Were the Real TargetMost breach headlines focus on passwords, credit cards, or government IDs. This breach hit somewhere more personal. Attackers reportedly breached Canvas — a learning platform used across colleges and universities — and may have accessed billions of private inbox messages exchange…YOUTUBE.COM
13 MayOpenLoop Health confirms January 2026 Data breach affecting 716,000In January 2026, telehealth infrastructure firm OpenLoop Health suffered a security breach that exposed information of 716,000 people. OpenLoop Health confirmed a January 2026 cyberattack that exposed personal information of 716,000 individuals using its telehealth services. The …SECURITYAFFAIRS.COM
13 MaySmashing Security podcast #467: How ShinyHunters hacked the world’s biggest universitiesWelcome to the largest educational data breach in history - affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas's parent company refused to pay and announced they had deployed "security patches" instead, the hackers we…GRAHAMCLULEY.COM
🕵️ THREAT INTELLIGENCE 23[−]
13 MayISC Stormcast For Wednesday, May 13th, 2026 https://isc.sans.edu/podcastdetail/9930, (Wed, May 13th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
13 MayAndroid pushes new scam, theft, and AI protections in 2026 update wavePhone scammers spoofing bank caller IDs have driven an estimated $980 million in annual losses worldwide, according to Europol. Android’s 2026 security roadmap takes direct aim at that pattern with a verified call system built in partnership with banks, alongside a wider se…HELPNETSECURITY.COM
13 MayThe hidden risk of non-human identities in AI adoptionAn employee with persistent, unsupervised admin access across critical systems, with no audit trail, no clear owner, and no regular access reviews, would raise immediate concern in most organizations. Yet non-human identities and AI agents are often granted that same kind of pers…HELPNETSECURITY.COM
13 MayFake FinalShell and Xshell Sites Push Kong RAT MalwareHackers are abusing fake download sites for popular tools like FinalShell and Xshell to deliver a new remote access trojan known as Kong RAT, in a highly staged and stealthy campaign that ran from at least May 2025 through March 2026. In this campaign, attackers poisoned search e…GBHACKERS.COM
13 MayProton Pass rated “well above par” in independent security auditProton Pass password manager has passed an independent security audit conducted by Recurity Labs, that described the product’s overall security posture as “well above par.” The audit, commissioned by Proton and carried out between January and April 2026, examined the Proton Pass …CYBERINSIDER.COM
13 MayOpenAI’s GPT-5.5 is as Good as Mythos at Finding Security VulnerabilitiesThe UK’s AI Security Institute evaluated GPT-5.5’s ability to find security vulnerabilities, and found that it is comparable to Claude Mythos. Note that the OpenAI model is generally available. Here is the Institute’s evaluation of Mythos. And here is an analysi…SCHNEIER.COM
13 MayLW ROUNDTABLE: Microsoft Edge normalizes credential exposure — security pros push backBy design. Two words that have done an awful lot of heavy lifting in the cybersecurity industry over the years. They tend to surface whenever a vendor wants to wave off a serious finding without fixing it. Related: The unending … (more…) The post LW ROUNDTABLE: Microsoft Ed…LASTWATCHDOG.COM
13 MayAndroid adds ‘Intrusion Logging’ system to detect spyware attacksGoogle has unveiled a new Android security feature called “Intrusion Logging,” a forensic logging system designed to help investigators detect spyware attacks and infections on mobile devices. The capability is rolling out as part of Android Advanced Protection Mode (AAPM) and wa…CYBERINSIDER.COM
13 MayAI Agents Generate Custom Hacking Tools on the FlyTwo threat campaigns heavily leveraged AI agents to support attacks against entities in Mexico and Brazil.DARKREADING.COM
13 MayChina's 'FamousSparrow' APT Nests in South Caucasus Energy FirmThe cyberthreat group targets an Azerbaijani oil and gas firm with repeated attacks, as the China-linked actors extend targeting beyond hospitality, telecom, and government sectors.DARKREADING.COM
13 MayThe Rise of Cyber Threats and AI in the Philippines: A New Era Beyond Legacy SecurityIntroduction The Philippines, like many other nations, is witnessing a dramatic increase in cyber threats, fueled by the rapid adoption of digital technologies and the proliferation of sophisticated cybercriminals. This article examines the evolution of cyber threats in the Phili…KNOWBE4.COM
13 MayDaybreak is OpenAI’s answer to the AI arms race in cybersecurityWith Daybreak, OpenAI is taking direct aim at Anthropic's tightly restricted Mythos model, offering a more open — but still carefully gated — path to AI-powered cyber defense. The post Daybreak is OpenAI’s answer to the AI arms race in cybersecurity appeared first on CyberS…CYBERSCOOP.COM
13 MayOpenAI launches Daybreak to combat cyber threatsThe cybersecurity initiative uses AI to detect software vulnerabilities, partnering with Cloudflare, Cisco and CrowdStrike to counter threats.CYBERSECURITYDIVE.COM
13 MayWhatsApp adds Incognito Chat for private Meta AI conversationsThe company launched Incognito Chat with Meta AI, a feature that lets users hold AI conversations the platform itself cannot read. The rollout will reach WhatsApp and the standalone Meta AI app over the coming months. How Incognito Chat works Incognito Chat runs on top of Meta…HELPNETSECURITY.COM
13 MayWeaponized AI: The new frontier of fraud and identity spoofingAs fake identity fraud is projected to cause $40 billion in losses next year, leaders must abandon static security in favor of rapid-iteration, AI-enabled defenses that adapt in days, not months. The post Weaponized AI: The new frontier of fraud and identity spoofing appeared fir…CYBERSCOOP.COM
13 MayGoogle Introduces Googlebook, a Gemini-First Laptop PlatformGooglebook brings Gemini Intelligence, Magic Pointer, Android app support, phone integration, and premium hardware to Google’s new laptop platform. The post Google Introduces Googlebook, a Gemini-First Laptop Platform appeared first on TechRepublic .TECHREPUBLIC.COM
13 MayTIOBE Index for May 2026: R Ascends as Statistical Tools ConsolidateMay 2026 TIOBE Index keeps Python #1 as Java edges past C++. R climbs to #8, and Paul Jansen says statistical tools are consolidating around Python and R. The post TIOBE Index for May 2026: R Ascends as Statistical Tools Consolidate appeared first on TechRepublic .TECHREPUBLIC.COM
13 MayDOJ releases legal rationale for nationwide voter data collectionThe memo claims a robust executive branch role vetting voter eligibility. One Secretary of State called it a “fantasy” that “isn’t worth the paper it’s printed on.” The post DOJ releases legal rationale for nationwide voter data collection appeared first on CyberScoop .CYBERSCOOP.COM
13 MayWhatsApp launches “Incognito Chat” for private AI conversationsMeta has announced “Incognito Chat with Meta AI,” a new private AI chat mode for WhatsApp and the Meta AI app. The feature is built on the firm’s existing “Private Processing” infrastructure and is designed for sensitive AI interactions involving personal, financial, health, or w…CYBERINSIDER.COM
13 MayAI Won’t Invent the FutureBen Carr argues that most AI systems — especially LLMs — are exceptional at processing and reusing existing information, but not necessarily creating fundamentally new approaches. They can optimize workflows, summarize knowledge, and accelerate execution. But true process inventi…YOUTUBE.COM
13 MayAttackers Weaponize RubyGems for Data Dead DropsThreat actors are publishing RubyGems packages that include scrapers targeting public-facing UK government servers, but with no clear objective.DARKREADING.COM
13 MayResearchers say AI just broke every benchmark for autonomous cyber capabilityTwo independent studies found that Anthropic's Claude Mythos Preview and OpenAI's GPT-5.5 have outpaced every trend line researchers were tracking. No one is sure if this is a one-time leap or the new normal. The post Researchers say AI just broke every benchmark for autonomous c…CYBERSCOOP.COM
13 MayClosed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risksThe committee held a closed briefing Wednesday with company reps, and more oversight is in the works. The post Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks appeared first on CyberScoop .CYBERSCOOP.COM
🌐 CYBER THREAT LANDSCAPE 3[−]
13 MayAndroid Adds Intrusion Logging for Sophisticated Spyware ForensicsGoogle on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated spyware attacks. Intrusion Logging, available as part of Advanced Protection Mode, enables "persistent and privacy-preserving forensics loggi…THEHACKERNEWS.COM
13 MayGlobal Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain RisksThe G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and security across AI supply chainsINFOSECURITY-MAGAZINE.COM
13 MayThis is what some the world’s largest banks of malware look like stacked as hard drivesWhat would some of the world's largest repositories of malware look like if they were stacked as hard drives, one on top of the other?TECHCRUNCH.COM
📰 CYBERSECURITY BRIEFINGS 2[−]
13 May[Webinar] Why Your AppSec Tools Miss the "Lethal Path" (and How to Fix It)TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz and Okta/GitLab to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register for the Strategic Briefing Here. Most security tools work like a smoke alarm that go…THEHACKERNEWS.COM
13 MayUK moves to shield security researchers in cybercrime law overhaulThe proposed reforms, outlined in briefing documents published alongside the King’s Speech opening a new parliamentary session, would update the Computer Misuse Act 1990 as part of a broader national security package focused on cybercrime and digital threats.THERECORD.MEDIA
🎙️ PODCASTS 1[−]
13 MayCyber Creator Tyler Ramsbey Shares How to Grow an Audience & Community in CyberThis episode is a little different. We're sharing a session from Behind the Cyber Creator, a live AMA series we run at the Cybersecurity Marketing Society, and Tyler Ramsbey was our first guest. Tyler went from pastor to pentester, built a study group into a community of 15,000 p…THECYBERWIRE.COM
📡 INFOSEC NEWS 12[−]
13 MayWeekly Threat Bulletin – May 13th, 2026These are the top threats you should know about this week.F5.COM
13 MayProxying the Unproxyable? Sending EXE traffic to a Proxy, (Wed, May 13th).. if “unproxyable†is a word that is ..
ISC.SANS.EDU
13 May[GUEST DIARY] Tearing apart website fraud to see how it works., (Wed, May 13th)&#;x26;#;x5b;This is a Guest Diary by Joshua Nikolson, an ISC Intern and part of the SANS.edu Bachelor&#;x26;#;39;s degree in Applied Cybersecurity (BACS) program.]
ISC.SANS.EDU
13 MayUK Cybersecurity Market Expands to £14.7bn with Strong Growth in AI Security FirmsUK cybersecurity sector reaches £14.7bn in revenue, driven by rapid growth in AI security firms, increased investment and rising employment across the industryINFOSECURITY-MAGAZINE.COM
13 MayDark Web Profile: Keymous+Dark Web Profile: Keymous+ Keymous Plus, also known as Keymous+ threat group, markets itself as a hacktivist collective fighting for humanity. What intelligence investigations have documented is structurally different: a North African hybrid actor blending political performance w…SOCRADAR.IO
13 MayTexas sued Netflix over claims it secretly collected and sold users’ dataThe Texas AG sued Netflix, accusing the company of secretly tracking viewers, selling user data, and using addictive features targeted at minors.MALWAREBYTES.COM
13 MayAvada Builder Flaws Expose One Million WordPress SitesAvada Builder flaws allowed file read and SQL injection on one million WordPress sitesINFOSECURITY-MAGAZINE.COM
13 MayWhatsApp Adds Meta AI Chats That Are Built to Be Fully PrivateThe company says its new Incognito Chat allows you to use its AI chatbot without anyone else—including Meta—being able to access your conversations.WIRED.COM
13 MayEuropean Commission head pushes creation of new law delaying teens’ social media accessThe comments come as several European countries, including Spain, Greece, Norway, France, Denmark, Turkey and the Netherlands have said they are considering or are implementing age verification protocols to restrict young teens from accessing social media platforms.THERECORD.MEDIA
13 MayAlleged Dream Market admin arrested in Germany after US indictmentCourt documents said Dream Market was launched in 2013 by Owe Martin Andresen and others before becoming one of the biggest criminal marketplaces online.THERECORD.MEDIA
13 MayDHS Plans Experiment Running ‘Reconnaissance’ Drones Along the US-Canada BorderAutonomous drones and ground vehicles will stream “battlefield intelligence” over 5G along the US-Canada border in a bilateral DHS experiment this fall.WIRED.COM
13 MayDetecting and preventing crypto mining in your AWS environmentThis article guides you on how to use Amazon GuardDuty to identify and mitigate cryptocurrency mining threats in your Amazon Web Services (AWS) environment. You’ll learn about the specialized detection capabilities of GuardDuty and best practices to build a multi-layered defense …AWS.AMAZON.COM