matlock.ca // THREAT INTELLIGENCE — 2026-05-19

134Articles

9Categories

2026-05-19Date

🚨

Key findings from the Verizon DBIR 2026: Slower vulnerability remediation meets faster exploitationThe 2026 Verizon Data Breach Investigations Report (DBIR) reveals a troubling trend: vulnerability exploitation has surged to become the number one initial access vector while remediation rates have worsened. Key takeaways Vulnerability exploitation has surged to become the leadi…

KEVTENABLE.COM — 19 May 2026

🐛

Exchange Zero-Day Under Attack, Ransomware Gets Smarter, Fortinet Critical Flaws

KEVCYBERSECURITYTODAY.LIBSYN.COM — 19 May 2026

🐛

CVE-2026-7246 Pallets Click contains a command injection via Unsanitized Filename "click.edit()"

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-31721 usb: gadget: f_hid: move list and spinlock inits from bind to alloc

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-31704 ksmbd: use check_add_overflow() to prevent u16 DACL size overflow

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-31702 f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io()

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-37458 Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message.

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-4873 connection reuse ignores TLS requirement

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-6429 netrc credential leak with reused proxy connection

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-5545 wrong reuse of HTTP Negotiate connection

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-6253 proxy credentials leak over redirect-to proxy

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-5773 wrong reuse of SMB connection

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-37459 An integer underflow in FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-6276 stale custom cookie host causes cookie leak

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2026-7168 cross-proxy Digest auth state leak

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2025-1176 GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflow

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2025-1178 GNU Binutils ld libbfd.c bfd_putl64 memory corruption

MSRC.MICROSOFT.COM — 19 May 2026

🐛

CVE-2025-0665 eventfd double close

MSRC.MICROSOFT.COM — 19 May 2026

🐛

Four-Faith Industrial Routers Targeted in Botnet Hijacking Campaign

GBHACKERS.COM — 19 May 2026

🐛

20-Year-Old PostgreSQL Flaw Gets Public PoC Exploit for Remote Code Execution

GBHACKERS.COM — 19 May 2026

🐛

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

THEHACKERNEWS.COM — 19 May 2026

🐛

macOS flaw allowed rogue apps to access chat and browser data

CYBERINSIDER.COM — 19 May 2026

🐛

Contractor’s public GitHub account exposed GovCloud and CISA credentials

CSOONLINE.COM — 19 May 2026

⚠️

CTT - 468,124 breached accounts

HAVEIBEENPWNED.COM — 19 May 2026

⚠️

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials

THEHACKERNEWS.COM — 19 May 2026

⚠️

CISA Admin Reportedly Exposes AWS GovCloud Credentials in Public GitHub Repository

GBHACKERS.COM — 19 May 2026

⚠️

SEPPmail Gateway Flaws Expose Organizations to RCE and Email Traffic Interception

GBHACKERS.COM — 19 May 2026

⚠️

Mythos Preview Automates PoC Exploit Creation for Vulnerability Research

GBHACKERS.COM — 19 May 2026

⚠️

Public Instagram posts provide raw material for AI phishing campaigns

HELPNETSECURITY.COM — 19 May 2026

⚠️

Earbud sensors can authenticate users by their heartbeat, study finds

HELPNETSECURITY.COM — 19 May 2026

⚠️

Compromised GitHub Action Steals Workflow Credentials

GBHACKERS.COM — 19 May 2026

⚠️

Hackers Exploit Entra ID Accounts to Steal Microsoft 365, Azure Data

GBHACKERS.COM — 19 May 2026

⚠️

Protecting the Neglected: Measuring County Cyber Risk with Dr. Ido Sivan Sevilla

THECYBERWIRE.COM — 19 May 2026

⚠️

iProov brings identity verification to video meetings to reduce fraud risks

HELPNETSECURITY.COM — 19 May 2026

⚠️

PostgreSQL Flaws Expose Databases to Remote Code Execution and SQL Injection

GBHACKERS.COM — 19 May 2026

⚠️

Shai-Hulud worm copycats emerge after source code leak

SECURITYAFFAIRS.COM — 19 May 2026

⚠️

7 tips for accelerating cyber incident recovery

CSOONLINE.COM — 19 May 2026

⚠️

Grafana Labs Confirms Hackers Stole Source Code

INFOSECURITY-MAGAZINE.COM — 19 May 2026

⚠️

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access

THEHACKERNEWS.COM — 19 May 2026

⚠️

Operation Ramz Dismantles 53 Servers Used in Scam and Malware Campaigns

GBHACKERS.COM — 19 May 2026

⚠️

Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare

THEHACKERNEWS.COM — 19 May 2026

⚠️

UAC-0184 Uses Bitsadmin and HTA Files to Deliver Gated Malware

GBHACKERS.COM — 19 May 2026

⚠️

AI Raises the Bar on Vulnerability Awareness and Secure-by-Design Software

INFOSECURITY-MAGAZINE.COM — 19 May 2026

⚠️

Phishing Campaign Exploits Google AppSheets to Target Facebook Accounts

KNOWBE4.COM — 19 May 2026

⚠️

Internet Explorer may be dead, but its ghost still runs malware

CSOONLINE.COM — 19 May 2026

⚠️

PureLogs infostealer is stealing credentials worldwide

HELPNETSECURITY.COM — 19 May 2026

⚠️

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack

TECHCRUNCH.COM — 19 May 2026

⚠️

GitHub scales back bug bounties, reminds users security is their responsibility too

CSOONLINE.COM — 19 May 2026

⚠️

Mini Shai-Hulud returns, compromising hundreds of npm packages

CYBERSCOOP.COM — 19 May 2026

⚠️

Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN

CYBERSECURITYDIVE.COM — 19 May 2026

⚠️

Rapid7’s 2026 Global Cybersecurity Summit: Key Takeaways for Security Leaders

RAPID7.COM — 19 May 2026

⚠️

TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities

TALOSINTELLIGENCE.COM — 19 May 2026

⚠️

Governing infrastructure as code using pattern-based policy as code

AWS.AMAZON.COM — 19 May 2026

⚠️

Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps

THEHACKERNEWS.COM — 19 May 2026

⚠️

Microsoft dismantled malware-signing network Fox Tempest

SECURITYAFFAIRS.COM — 19 May 2026

⚠️

News alert: Orchid Security study finds invisible identities now outnumber managed accounts

LASTWATCHDOG.COM — 19 May 2026

⚠️

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

CSOONLINE.COM — 19 May 2026

⚠️

Huawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms network

THERECORD.MEDIA — 19 May 2026

⚠️

CISA secrets left sitting on GitHub.

THECYBERWIRE.COM — 19 May 2026

⚠️

Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches

CYBERSCOOP.COM — 19 May 2026

⚠️

Windows Zero-Day Barrage Continues After Patch Tuesday

DARKREADING.COM — 19 May 2026

⚠️

AI Spam Is Breaking Bug Bounties

YOUTUBE.COM — 2026-05-19

⚠️

Verizon DBIR: Enterprises Face a Dangerous Vulnerability Glut

DARKREADING.COM — 19 May 2026

📋

macOS Malware Abuses Fake Google Update for Persistence

GBHACKERS.COM — 19 May 2026

📋

Drupal is rolling out an emergency security update on May 20. You cannot miss it

SECURITYAFFAIRS.COM — 19 May 2026

📢

Cybersecurity jobs available right now: May 19, 2026

HELPNETSECURITY.COM — 19 May 2026

📢

AI infrastructure is cracking under sovereignty demands

HELPNETSECURITY.COM — 19 May 2026

📢

Kimsuky Uses LNK, JSE Lures to Target Recruiters, Crypto Users, Defense Officials

GBHACKERS.COM — 19 May 2026

📢

US cyber agency CISA exposed reams of passwords and cloud keys to the open web

TECHCRUNCH.COM — 19 May 2026

📢

CISA contractor exposed AWS GovCloud keys on GitHub.

THECYBERWIRE.COM — 19 May 2026

📢

CISA Exposes Secrets, Credentials in 'Private' Repo

DARKREADING.COM — 19 May 2026

📢

CISA credential leak raises alarms, and Capitol Hill demands answers

CYBERSCOOP.COM — 19 May 2026

🔥

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

THEHACKERNEWS.COM — 19 May 2026

🔥

Compromised Nx Console VS Code Extension Steals Developer and Cloud Secrets

GBHACKERS.COM — 19 May 2026

🔥

Mini Shai-Hulud Attack Hits @antv npm Packages

GBHACKERS.COM — 19 May 2026

🔥

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

THEHACKERNEWS.COM — 19 May 2026

🔥

Gentlemen Ransomware Targets Windows, Linux, NAS, BSD, and ESXi Systems

GBHACKERS.COM — 19 May 2026

🔥

Poland shifts away from Signal following cyberattacks on officials’ accounts

SECURITYAFFAIRS.COM — 19 May 2026

🔥

ShinyHunters Takes Responsibility for Attack on Learning Management Platform

GBHACKERS.COM — 19 May 2026

🔥

The New Phishing Click: How OAuth Consent Bypasses MFA

THEHACKERNEWS.COM — 19 May 2026

🔥

CyberheistNews Vol 16 #20 [Heads Up] Today You Have Only 60 Seconds to Stop That Breach. Are You Ready?

KNOWBE4.COM — 19 May 2026

🔥

Looking Back, Looking Forward: Digesting a Dynamic Bouillabaisse of Cyber Evolution

DARKREADING.COM — 19 May 2026

🔥

Selector extends AI-driven observability into multi-cloud environments

HELPNETSECURITY.COM — 19 May 2026

🔥

When AI Starts Acting Malicious

YOUTUBE.COM — 2026-05-19

🔥

Microsoft Takes Down Fox Tempest for Providing Ransomware-Enabling Signing Tool

INFOSECURITY-MAGAZINE.COM — 19 May 2026

🔥

Microsoft disrupts cybercrime service that abused software verification systems en masse

CYBERSCOOP.COM — 19 May 2026

🔥

Biometrics, diagnoses, and bank details exposed in major healthcare breach

MALWAREBYTES.COM — 19 May 2026

🔥

Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs

THERECORD.MEDIA — 19 May 2026

🔥

CIRT insights: How to help prevent unauthorized account removals from AWS Organizations

AWS.AMAZON.COM — 19 May 2026

🕵️

ISC Stormcast For Tuesday, May 19th, 2026 https://isc.sans.edu/podcastdetail/9936, (Tue, May 19th)

ISC.SANS.EDU — 19 May 2026

🕵️

Microsoft to Retire Teams Together Mode to Improve Performance

GBHACKERS.COM — 19 May 2026

🕵️

JavaScript Malware Campaign Drops Crypto Clipper via PowerShell

GBHACKERS.COM — 19 May 2026

🕵️

Babel Street targets AI-driven threats with new agentic investigation capabilities

HELPNETSECURITY.COM — 19 May 2026

🕵️

Egnyte unveils Email Capture and AI features to unify fragmented data

HELPNETSECURITY.COM — 19 May 2026

🕵️

The State of AI & AppSec - Keith Hoodlet - ASW #383

YOUTUBE.COM — 2026-05-19

🕵️

Discord enables E2EE by default for all voice and video communications

CYBERINSIDER.COM — 19 May 2026

🕵️

Laurie Anderson Is Quoting Me

SCHNEIER.COM — 2026-05-19

🕵️

Microsoft Edge Enhances Security by Preventing Password Loading at Startup

GBHACKERS.COM — 19 May 2026

🕵️

Top 5 Phishing-Driven Social Engineering Attacks on Companies in 2026

ANY.RUN — 19 May 2026

🕵️

Anthropic Denies EU Access to Claude Mythos, ChatGPT 5.5 Comes to Rescue

TECHREPUBLIC.COM — 19 May 2026

🕵️

VoidStealer Malware Targets Chrome Data Despite Built-In Browser Protections

GBHACKERS.COM — 19 May 2026

🕵️

LaunchDarkly adds real-time controls for AI agents in production

HELPNETSECURITY.COM — 19 May 2026

🕵️

Canonical ships Ubuntu Core 26 with 15 years of security maintenance

HELPNETSECURITY.COM — 19 May 2026

🕵️

New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain

HELPNETSECURITY.COM — 19 May 2026

🕵️

The end of unencrypted Discord calls is here

HELPNETSECURITY.COM — 19 May 2026

🕵️

Microsoft’s legacy MSHTA tool heavily abused in malware attacks

CYBERINSIDER.COM — 19 May 2026

🕵️

Two-Thirds of Nonhuman Accounts Are Unseen and Unmanaged, According to Orchid Security’s Identity Gap Report

GBHACKERS.COM — 19 May 2026

🕵️

Warning: Phishing Attacks Are Abusing the Kuse AI App

KNOWBE4.COM — 19 May 2026

🕵️

Mozilla hardens Firefox against fingerprinting, adds one-click session wipe

CYBERINSIDER.COM — 19 May 2026

🕵️

Criminal IP Returns to Infosecurity Europe 2026 with Advanced AI-Driven TI & ASM

GBHACKERS.COM — 19 May 2026

🕵️

AI Isn’t Finding Novel Bugs

YOUTUBE.COM — 2026-05-19

🕵️

Microsoft Launches New Surface AI PCs for Business Buyers

TECHREPUBLIC.COM — 19 May 2026

🕵️

Anthropic Just Bought a Developer Tool Used by OpenAI, Google

TECHREPUBLIC.COM — 19 May 2026

🕵️

Agentic AI, Strong Racks, Weak Fabric: Inside Dell’s AI Bet

TECHREPUBLIC.COM — 19 May 2026

🕵️

Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft

TECHREPUBLIC.COM — 19 May 2026

🕵️

Apple’s Siri Could Get a Grammarly-Like AI Writing Tool at WWDC

TECHREPUBLIC.COM — 19 May 2026

🕵️

Apple Intelligence Powers New Accessibility Features for iPhone, Mac

TECHREPUBLIC.COM — 19 May 2026

🕵️

Microsoft Confirms Windows Update Bug Blocking Security Fixes

TECHREPUBLIC.COM — 19 May 2026

🕵️

My Mother the Car, AI Slop, Nginx, Polyscope, Drupal, , GitHub, Aaran Leyland - SWN #582

YOUTUBE.COM — 2026-05-19

🌐

From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat

TALOSINTELLIGENCE.COM — 19 May 2026

🌐

From Ivory Tower to Iron Curtain: The Academics Who Reshaped the CIA

THECYBERWIRE.COM — 19 May 2026

🌐

Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS

DARKREADING.COM — 19 May 2026

📡

Hackers Bypass Security Tools to Target Users Directly

INFOSECURITY-MAGAZINE.COM — 19 May 2026

📡

How to Make Apps and Websites Remove Your Nonconsensual Nudes

WIRED.COM — 19 May 2026

📡

Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects

SECURITYAFFAIRS.COM — 19 May 2026

📡

YouTube wants your face to fight deepfakes

MALWAREBYTES.COM — 19 May 2026

📡

Agentic AI Accelerates Software Builds and Mobile App Attacks

INFOSECURITY-MAGAZINE.COM — 19 May 2026

📡

Facebook scam promises cheap Aldi meat boxes, steals payment info instead

MALWAREBYTES.COM — 19 May 2026

📡

Tools for spotting and disabling AI systems in an enterprise

KASPERSKY.COM — 19 May 2026

📡

Telecom sector launches its own private ISAC

CYBERSECURITYDIVE.COM — 19 May 2026

📡

UK regulator to require tech firms to tackle deepfakes, non-consensual intimate images

THERECORD.MEDIA — 19 May 2026

📡

Discord enables end-to-end encrypted voice and video calling for every user

TECHCRUNCH.COM — 19 May 2026

📡

From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing

TECHCRUNCH.COM — 19 May 2026

📡

Microsoft Exchange ProxyShell Scanning Doubles in April 2026 as Two Distinct Campaign Clusters Emerge

F5.COM — 19 May 2026