matlock.ca // THREAT INTELLIGENCE

127Articles

10Categories

2026-05-13Date

🐛

May Patch Tuesday roundup: Critical holes in Windows Netlogon, DNS, and SAP S/4HANA

CSOONLINE.COM — 13 May 2026

🐛

Patch Tuesday - May 2026

RAPID7.COM — 13 May 2026

🐛

CVE-2026-43894 jq: Wild stack write via signed-integer overflow in decNumber D2U() macro

MSRC.MICROSOFT.COM — 13 May 2026

🐛

CVE-2026-43896 jq: Stack Overflow in Recursive Object Merge

MSRC.MICROSOFT.COM — 13 May 2026

🐛

CVE-2026-43895 jq: Embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts

MSRC.MICROSOFT.COM — 13 May 2026

🐛

CVE-2026-40612 jq: Stack overflow via unbounded recursion in jv_contains

MSRC.MICROSOFT.COM — 13 May 2026

🐛

CVE-2026-41256 jq: Embedded NUL truncates top-level jq programs loaded with -f

MSRC.MICROSOFT.COM — 13 May 2026

🐛

CVE-2026-31767 drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode

MSRC.MICROSOFT.COM — 13 May 2026

🐛

CVE-2026-43249 9p/xen: protect xen_9pfs_front_free against concurrent calls

MSRC.MICROSOFT.COM — 13 May 2026

🐛

CVE-2026-8177 XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences

MSRC.MICROSOFT.COM — 13 May 2026

🐛

CVE-2026-6210 Type confusion and heap-buffer-overflow in Qt SVG marker handling causing application crash

MSRC.MICROSOFT.COM — 13 May 2026

🐛

CVE-2026-41257 jq: Signed-int overflow in `stack_reallocate` (jq VM stack)

MSRC.MICROSOFT.COM — 13 May 2026

🐛

Critical Fortinet vulnerabilities fixed in FortiSandbox and FortiAuthenticator

SECURITYAFFAIRS.COM — 13 May 2026

🐛

Microsoft’s agentic security system found four critical Windows RCE flaws

HELPNETSECURITY.COM — 13 May 2026

🐛

Microsoft’s new AI system finds 16 Windows flaws, including four critical RCEs

CSOONLINE.COM — 13 May 2026

🐛

Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations

SECURITYAFFAIRS.COM — 13 May 2026

🐛

When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise

RAPID7.COM — 13 May 2026

🐛

Fortinet fixes two critical RCE flaws in FortiAuthenticator and FortiSandbox

KEVCSOONLINE.COM — 13 May 2026

⚠️

Canvas Breach 'Deal' With ShinyHunters, AI Zero-Day Warning, Checkmarx Hit Again

CYBERSECURITYTODAY.LIBSYN.COM — 13 May 2026

⚠️

Researchers open-source a Wi-Fi cyber range for security training

HELPNETSECURITY.COM — 13 May 2026

⚠️

Risky Business #837 -- GitHub Actions footgun claims TanStack

RISKY.BIZ — 13 May 2026

⚠️

Sandyaa: Open-source autonomous security bug hunter

HELPNETSECURITY.COM — 13 May 2026

⚠️

ClickFix Evolves Using Decade-Old Open-Source Python SOCKS5 Proxy

GBHACKERS.COM — 13 May 2026

⚠️

2026 CSO Award winners showcase business-enabling cyber innovation

KEVCSOONLINE.COM — 13 May 2026

⚠️

Google entdeckt erstmals KI-basierten Zero-Day-Exploit

CSOONLINE.COM — 13 May 2026

⚠️

NetSPI AI-powered Continuous Pentesting identifies high-impact vulnerabilities

HELPNETSECURITY.COM — 13 May 2026

⚠️

Report: 4 in 10 UK Businesses Were Breached by Phishing Last Year

KNOWBE4.COM — 13 May 2026

⚠️

CISA’s AI SBOM guidance pushes software supply-chain oversight into new territory

CSOONLINE.COM — 13 May 2026

⚠️

Breaking things to keep them safe with Philippe Laulheret

TALOSINTELLIGENCE.COM — 13 May 2026

⚠️

ClickFix finds a backup plan in PySoxy proxy chains

CSOONLINE.COM — 13 May 2026

⚠️

May 2026 Patch Tuesday: no zero-days but plenty to fix

MALWAREBYTES.COM — 13 May 2026

⚠️

KDE gets over €1 million investment to strengthen security and core infrastructure

HELPNETSECURITY.COM — 13 May 2026

⚠️

May 2026 Patch Tuesday: 137 Vulnerabilities, No Zero-Days

KEVSOCRADAR.IO — 13 May 2026

⚠️

Most Remediation Programs Never Confirm the Fix Actually Worked

THEHACKERNEWS.COM — 13 May 2026

⚠️

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

THEHACKERNEWS.COM — 13 May 2026

⚠️

Palo Alto bets on identity security for autonomous AI with Idira launch

CSOONLINE.COM — 13 May 2026

⚠️

Securing data centers in the agentic AI era

TENABLE.COM — 13 May 2026

⚠️

Microsoft on pace to break annual vulnerability record as AI-driven patch wave takes hold

THERECORD.MEDIA — 13 May 2026

⚠️

Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

THEHACKERNEWS.COM — 13 May 2026

⚠️

Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation

THEHACKERNEWS.COM — 13 May 2026

⚠️

What happens when China’s AI catches up to Mythos?

CSOONLINE.COM — 13 May 2026

⚠️

How to Identify and Exploit New Vulnerabilities

BLACKHILLSINFOSEC.COM — 13 May 2026

⚠️

Rapid7 Partner Academy: Driving Impact with Gold Stevie Award-Winning Partner Services Certifications

RAPID7.COM — 13 May 2026

⚠️

Microsoft Teams Vulnerability Allows Hackers to Perform Spoofing Attacks

GBHACKERS.COM — 13 May 2026

⚠️

Patch Tuesday notes: Microsoft patches over a hundred flaws, none of which are zero-days.

THECYBERWIRE.COM — 13 May 2026

⚠️

Viral ‘RuView’ GitHub project uses Wi-Fi to track movement through walls

CYBERINSIDER.COM — 13 May 2026

⚠️

Microsoft’s Patch Tuesday Update Targets 120 Security Flaws

TECHREPUBLIC.COM — 13 May 2026

⚠️

Exaforce raises $125 million in Series B funding.

THECYBERWIRE.COM — 13 May 2026

⚠️

Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape

DARKREADING.COM — 13 May 2026

⚠️

Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak

DARKREADING.COM — 13 May 2026

⚠️

Fired employee sought AI help to hide deletion of hosting firm’s customer data

CSOONLINE.COM — 13 May 2026

📋

Microsoft Fixes 17 Critical Flaws in May Patch Tuesday

INFOSECURITY-MAGAZINE.COM — 13 May 2026

📋

Microsoft Releases Cumulative Update for Windows 11, Version 25H2 and 24H2

GBHACKERS.COM — 13 May 2026

📋

Google Launches New Android Security Features to Fight Scams, Theft

TECHREPUBLIC.COM — 13 May 2026

📋

Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming

SECURITYAFFAIRS.COM — 13 May 2026

📋

Every layer needs a patch now.

THECYBERWIRE.COM — 13 May 2026

📢

Versa CSPM brings continuous visibility to cloud risk and compliance exposure

HELPNETSECURITY.COM — 13 May 2026

📢

Apricorn hardens ASK3 encrypted USB drive for extreme conditions

HELPNETSECURITY.COM — 13 May 2026

📢

Signal responds to phishing attacks with new in-app security warnings

HELPNETSECURITY.COM — 13 May 2026

📢

Navigating the Cybersecurity Landscape in India Empowering Human and AI Agents

KNOWBE4.COM — 13 May 2026

📢

PCI PIN and P2PE compliance packages for AWS Payment Cryptography are now available

AWS.AMAZON.COM — 13 May 2026

📢

Introducing the updated AWS User Guide to Governance, Risk, and Compliance for Responsible AI Adoption

AWS.AMAZON.COM — 13 May 2026

📢

Checkbox Assessments Aren't Fit to Measure to Risk

DARKREADING.COM — 13 May 2026

🔥

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

THEHACKERNEWS.COM — 13 May 2026

🔥

Ransomware Gangs Use BYOVD and EDR Killers to Disable Security Tools

GBHACKERS.COM — 13 May 2026

🔥

Infostealer Malware Fuels Corporate Breaches From Personal Devices

GBHACKERS.COM — 13 May 2026

🔥

Q1 2026 Ransomware Attacks Hits 2,122 Orgs Amid Fewer, More Impactful Groups

GBHACKERS.COM — 13 May 2026

🔥

Canada Life - 237,810 breached accounts

HAVEIBEENPWNED.COM — 13 May 2026

🔥

Optimize Legal Operations as the CISO Role Changes to Address Skills Gaps and AI - BSW #447

YOUTUBE.COM — 2026-05-13

🔥

New SOC-Ready Reporting for Faster Triage, Escalation, and Incident Response with ANY.RUN

ANY.RUN — 13 May 2026

🔥

Instructure settles with hackers following massive student data theft

SECURITYAFFAIRS.COM — 13 May 2026

🔥

Ransomware: Over Half of CISOs Would Consider Paying Ransom to Hackers

INFOSECURITY-MAGAZINE.COM — 13 May 2026

🔥

Canvas owner reaches ‘agreement’ with threat actors after data breach

CYBERSECURITYDIVE.COM — 13 May 2026

🔥

Thus Spoke…The Gentlemen

RESEARCH.CHECKPOINT.COM — 13 May 2026

🔥

Tuskira’s Kairo exposes hidden AI-driven breach paths

HELPNETSECURITY.COM — 13 May 2026

🔥

US lawmakers demand answers from Instructure after Canvas data breaches

TECHCRUNCH.COM — 13 May 2026

🔥

The Real Work Starts After Breach

YOUTUBE.COM — 2026-05-13

🔥

Canvas Owner Reaches Agreement With Cybercriminals After Ransomware Attack

INFOSECURITY-MAGAZINE.COM — 13 May 2026

🔥

Ransomware hackers claim breach at Foxconn, a major electronics manufacturer for Apple, Google, and Nvidia

TECHCRUNCH.COM — 13 May 2026

🔥

Hackers Claim 11M Files Stolen From Foxconn, Supplier to Apple and Nvidia

TECHREPUBLIC.COM — 13 May 2026

🔥

Canvas Breach Hackers Reach Deal After Claiming 275M Records Stolen

TECHREPUBLIC.COM — 13 May 2026

🔥

Google Enhances Android Mobile Security with New AI-powered Protections

GBHACKERS.COM — 13 May 2026

🔥

Foxconn confirms cyberattack affecting some North American facilities

CYBERSECURITYDIVE.COM — 13 May 2026

🔥

Student Messages Were the Real Target

YOUTUBE.COM — 2026-05-13

🔥

OpenLoop Health confirms January 2026 Data breach affecting 716,000

SECURITYAFFAIRS.COM — 13 May 2026

🔥

Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities

GRAHAMCLULEY.COM — 13 May 2026

🕵️

ISC Stormcast For Wednesday, May 13th, 2026 https://isc.sans.edu/podcastdetail/9930, (Wed, May 13th)

ISC.SANS.EDU — 13 May 2026

🕵️

Android pushes new scam, theft, and AI protections in 2026 update wave

HELPNETSECURITY.COM — 13 May 2026

🕵️

The hidden risk of non-human identities in AI adoption

HELPNETSECURITY.COM — 13 May 2026

🕵️

Fake FinalShell and Xshell Sites Push Kong RAT Malware

GBHACKERS.COM — 13 May 2026

🕵️

Proton Pass rated “well above par” in independent security audit

CYBERINSIDER.COM — 13 May 2026

🕵️

OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities

SCHNEIER.COM — 2026-05-13

🕵️

LW ROUNDTABLE: Microsoft Edge normalizes credential exposure — security pros push back

LASTWATCHDOG.COM — 13 May 2026

🕵️

Android adds ‘Intrusion Logging’ system to detect spyware attacks

CYBERINSIDER.COM — 13 May 2026

🕵️

AI Agents Generate Custom Hacking Tools on the Fly

DARKREADING.COM — 13 May 2026

🕵️

China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm

DARKREADING.COM — 13 May 2026

🕵️

The Rise of Cyber Threats and AI in the Philippines: A New Era Beyond Legacy Security

KNOWBE4.COM — 13 May 2026

🕵️

Daybreak is OpenAI’s answer to the AI arms race in cybersecurity

CYBERSCOOP.COM — 13 May 2026

🕵️

OpenAI launches Daybreak to combat cyber threats

CYBERSECURITYDIVE.COM — 13 May 2026

🕵️

WhatsApp adds Incognito Chat for private Meta AI conversations

HELPNETSECURITY.COM — 13 May 2026

🕵️

Weaponized AI: The new frontier of fraud and identity spoofing

CYBERSCOOP.COM — 13 May 2026

🕵️

Google Introduces Googlebook, a Gemini-First Laptop Platform

TECHREPUBLIC.COM — 13 May 2026

🕵️

TIOBE Index for May 2026: R Ascends as Statistical Tools Consolidate

TECHREPUBLIC.COM — 13 May 2026

🕵️

DOJ releases legal rationale for nationwide voter data collection

CYBERSCOOP.COM — 13 May 2026

🕵️

WhatsApp launches “Incognito Chat” for private AI conversations

CYBERINSIDER.COM — 13 May 2026

🕵️

AI Won’t Invent the Future

YOUTUBE.COM — 2026-05-13

🕵️

Attackers Weaponize RubyGems for Data Dead Drops

DARKREADING.COM — 13 May 2026

🕵️

Researchers say AI just broke every benchmark for autonomous cyber capability

CYBERSCOOP.COM — 13 May 2026

🕵️

Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks

CYBERSCOOP.COM — 13 May 2026

🌐

Android Adds Intrusion Logging for Sophisticated Spyware Forensics

THEHACKERNEWS.COM — 13 May 2026

🌐

Global Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain Risks

INFOSECURITY-MAGAZINE.COM — 13 May 2026

🌐

This is what some the world’s largest banks of malware look like stacked as hard drives

TECHCRUNCH.COM — 13 May 2026

📰

[Webinar] Why Your AppSec Tools Miss the "Lethal Path" (and How to Fix It)

THEHACKERNEWS.COM — 13 May 2026

📰

UK moves to shield security researchers in cybercrime law overhaul

THERECORD.MEDIA — 13 May 2026

🎙️

Cyber Creator Tyler Ramsbey Shares How to Grow an Audience & Community in Cyber

THECYBERWIRE.COM — 13 May 2026

📡

Weekly Threat Bulletin – May 13th, 2026

F5.COM — 13 May 2026

📡

Proxying the Unproxyable? Sending EXE traffic to a Proxy, (Wed, May 13th)

ISC.SANS.EDU — 13 May 2026

📡

[GUEST DIARY] Tearing apart website fraud to see how it works., (Wed, May 13th)

ISC.SANS.EDU — 13 May 2026

📡

UK Cybersecurity Market Expands to £14.7bn with Strong Growth in AI Security Firms

INFOSECURITY-MAGAZINE.COM — 13 May 2026

📡

Dark Web Profile: Keymous+

SOCRADAR.IO — 13 May 2026

📡

Texas sued Netflix over claims it secretly collected and sold users’ data

MALWAREBYTES.COM — 13 May 2026

📡

Avada Builder Flaws Expose One Million WordPress Sites

INFOSECURITY-MAGAZINE.COM — 13 May 2026

📡

WhatsApp Adds Meta AI Chats That Are Built to Be Fully Private

WIRED.COM — 13 May 2026

📡

European Commission head pushes creation of new law delaying teens’ social media access

THERECORD.MEDIA — 13 May 2026

📡

Alleged Dream Market admin arrested in Germany after US indictment

THERECORD.MEDIA — 13 May 2026

📡

DHS Plans Experiment Running ‘Reconnaissance’ Drones Along the US-Canada Border

WIRED.COM — 13 May 2026

📡

Detecting and preventing crypto mining in your AWS environment

AWS.AMAZON.COM — 13 May 2026