List cybersec
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
{ "priority": "CRITICAL", "cve": "CVE-2026-42945", "target": "NGINX Plus and NGINX Open", "threat_actor": "N/A", "patch_ready": false, "insight": "An 18-year-old heap buffer overflow flaw ..
7:10 am, May 14, 2026 Cybersecurity
Simple bypass of the link preview function in Outlook Junk folder, (Thu, May 14th)
{ "priority": "INFO", "cve": "N/A", "target": "Microsoft Outlook", "threat_actor": "N/A", "patch_ready": false, "insight": "A method to bypass the link preview function in Outlook's Junk f..
7:10 am, May 14, 2026 Cybersecurity
ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932, (Thu, May 14th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast for Thursday, May 14th, 2026, discussing various cyberse..
5:10 am, May 14, 2026 Cybersecurity
West Pharmaceutical says hackers stole data, encrypted systems
West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption. [...]
11:10 pm, May 13, 2026 Cybersecurity
Iranian hackers targeted major South Korean electronics maker
{ "priority": "HIGH", "cve": "N/A", "target": "Major South Korean electronics maker", "threat_actor": "MuddyWater (a.k.a. Seedworm, Static Kitten)", "patch_ready": false, "insight": "Iran-..
10:10 pm, May 13, 2026 Cybersecurity
New critical Exim mailer flaw allows remote code execution
{ "priority": "CRITICAL", "cve": "N/A", "target": "Exim mailer", "threat_actor": "N/A", "patch_ready": true, "insight": "A critical vulnerability in Exim mailer allows unauthenticated remo..
9:10 pm, May 13, 2026 Cybersecurity
Windows BitLocker zero-day gives access to protected drives, PoC released
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Windows BitLocker", "threat_actor": "N/A", "patch_ready": false, "insight": "A cybersecurity researcher published PoC exploits ..
5:10 pm, May 13, 2026 Cybersecurity
Microsoft fixes BitLocker recovery issue only for Windows 11 users
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft fixes BitLocker recovery issue for Windows 11 users" }
4:10 pm, May 13, 2026 Cybersecurity
Webinar tomorrow: Why security alone won't stop modern attacks
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A webinar discusses the importance of combining security, backups, and recover..
4:10 pm, May 13, 2026 Cybersecurity
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "This is a webinar about modern attack paths and how to protect against them." ..
3:10 pm, May 13, 2026 Cybersecurity
Microsoft fixes Windows Autopatch bug installing restricted drivers
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows Autopatch", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft fixed a bug in Windows Autopatch that caused restrict..
3:10 pm, May 13, 2026 Cybersecurity
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Exchange", "threat_actor": "FamousSparrow (aka UAT-9244)", "patch_ready": false, "insight": "A threat actor affiliated with China, ..
2:10 pm, May 13, 2026 Cybersecurity
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
``` { "priority": "INFO", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft's MDASH AI system discovered 16 Windows flaws fixed in Patch ..
2:10 pm, May 13, 2026 Cybersecurity
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft patches 138 vulnerabilities, including DNS and Netlogon RCE..
1:10 pm, May 13, 2026 Cybersecurity
Most Remediation Programs Never Confirm the Fix Actually Worked
Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant's M-Trends 2026 report puts the mean time to exploit at a..
1:10 pm, May 13, 2026 Cybersecurity
[Webinar] Why Your AppSec Tools Miss the "Lethal Path" (and How to Fix It)
TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz and Okta/GitLab to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register fo..
1:10 pm, May 13, 2026 Cybersecurity
73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Autonomous validation is becoming critical for modern defense strategies due t..
1:10 pm, May 13, 2026 Cybersecurity
Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
Foxconn, the world's largest electronics manufacturer, says some of its North American factories are now working to resume normal operations after a cyberattack. [...]
1:10 pm, May 13, 2026 Cybersecurity
Microsoft says some users can't install Office on Windows 365 devices
{ "priority": "INFO", "cve": "N/A", "target": "Microsoft Office on Windows 365", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft reports issues with installing Office on..
12:10 pm, May 13, 2026 Cybersecurity
GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
{ "priority": "HIGH", "cve": "N/A", "target": "RubyGems", "threat_actor": "GemStuffer", "patch_ready": false, "insight": "GemStuffer campaign uses over 150 RubyGems for data exfiltration."..
10:10 am, May 13, 2026 Cybersecurity
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
{"priority":"INFO","cve":"N/A","target":"Android","threat_actor":"N/A","patch_ready":false,"insight":"Google introduces Intrusion Logging for Android to enhance spyware attack forensics"}
8:10 am, May 13, 2026 Cybersecurity
[GUEST DIARY] Tearing apart website fraud to see how it works., (Wed, May 13th)
&#;x26;#;x5b;This is a Guest Diary by Joshua Nikolson, an ISC Intern and part of the SANS.edu Bachelor&#;x26;#;39;s degree in Applied Cybersecurity (BACS) program.]
7:10 am, May 13, 2026 Cybersecurity
ISC Stormcast For Wednesday, May 13th, 2026 https://isc.sans.edu/podcastdetail/9930, (Wed, May 13th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast details for Wednesday, May 13th, 2026." }
3:10 am, May 13, 2026 Cybersecurity
Proxying the Unproxyable? Sending EXE traffic to a Proxy, (Wed, May 13th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the concept of proxying unproxyable traffic, specificall..
2:10 am, May 13, 2026 Cybersecurity
US govt seeks Instructure testimony on massive Canvas cyberattack
{"priority": "HIGH", "cve": "N/A", "target": "Instructure Canvas", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "US House Committee on Homeland Security seeks Instructure testimony..
11:10 pm, May 12, 2026 Cybersecurity
Patch Tuesday, May 2026 Edition
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The May 2026 Patch Tuesday edition highlights the vulnerability of AI platform..
10:10 pm, May 12, 2026 Cybersecurity
UK fines water supplier $1.3M for exposing data of 664k customers
{ "priority": "MEDIUM", "cve": "N/A", "target": "South Staffordshire Water Plc", "threat_actor": "N/A", "patch_ready": false, "insight": "UK water supplier fined $1.3M for exposing data of..
9:10 pm, May 12, 2026 Cybersecurity
Signal adds security warnings for social engineering, phishing attacks
{ "priority": "INFO", "cve": "N/A", "target": "Signal", "threat_actor": "N/A", "patch_ready": false, "insight": "Signal introduces in-app security warnings to protect users from phishing a..
8:10 pm, May 12, 2026 Cybersecurity
Webinar: Fixing the gaps in network incident response
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A webinar discusses improving network incident response with automation and AI..
8:10 pm, May 12, 2026 Cybersecurity
Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
{"priority":"CRITICAL","cve":"N/A","target":"FortiSandbox and FortiAuthenticator","threat_actor":"N/A","patch_ready":true,"insight":"Fortinet patches critical RCE vulnerabilities in FortiSandbox and F..
7:10 pm, May 12, 2026 Cybersecurity
Microsoft May 2026 Patch Tuesday, (Tue, May 12th)
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Edge, Microsoft Windows", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft's May 2026 Patch Tuesday fixes 137 ..
7:10 pm, May 12, 2026 Cybersecurity
Microsoft releases Windows 10 KB5087544 extended security update
{ "priority": "INFO", "cve": "N/A", "target": "Windows 10", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft released a Windows 10 extended security update, KB5087544, to ..
7:10 pm, May 12, 2026 Cybersecurity
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
{ "priority": "CRITICAL", "cve": "CVE-2026-45185", "target": "Exim", "threat_actor": "N/A", "patch_ready": true, "insight": "Exim released security updates to address a severe vulnerabilit..
6:10 pm, May 12, 2026 Cybersecurity
Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
{ "priority": "MEDIUM", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft's May 2026 Patch Tuesday fixes 120 flaws with no zero-days di..
6:10 pm, May 12, 2026 Cybersecurity
Windows 11 KB5089549 & KB5087420 cumulative updates released
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft releases cumulative updates KB5089549 and KB5087420 for Wind..
6:10 pm, May 12, 2026 Cybersecurity
RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
{"priority": "HIGH", "cve": "N/A", "target": "RubyGems", "threat_actor": "N/A", "patch_ready": false, "insight": "RubyGems paused new signups due to a major malicious attack involving hundreds of mali..
5:10 pm, May 12, 2026 Cybersecurity
Android 17 to expand banking scam call and privacy protections
{ "priority": "INFO", "cve": "N/A", "target": "Android", "threat_actor": "N/A", "patch_ready": false, "insight": "Android 17 will introduce security features to protect against device thef..
5:10 pm, May 12, 2026 Cybersecurity
Škoda warns of customer data breach after online shop hack
{ "priority": "HIGH", "cve": "N/A", "target": "Škoda Auto online shop", "threat_actor": "N/A", "patch_ready": false, "insight": "Škoda Auto disclosed a data breach after attackers hacked..
5:10 pm, May 12, 2026 Cybersecurity
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
{ "priority": "HIGH", "cve": "N/A", "target": "TrickMo Android banking trojan", "threat_actor": "N/A", "patch_ready": false, "insight": "New TrickMo variant uses TON C2 and SOCKS5 for Andr..
2:10 pm, May 12, 2026 Cybersecurity
Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help
Why do the Riskiest SOC Alerts Go Unanswered? Security operations teams are drowning in alerts. But the real problem isn't always alert volume; it's the blind spots. The most dangerous alerts are the ..
1:10 pm, May 12, 2026 Cybersecurity
Why Agentic AI Is Security's Next Blind Spot
{ "priority": "INFO", "cve": "N/A", "target": "Agentic AI", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the potential security risks associated with Agen..
12:10 pm, May 12, 2026 Cybersecurity
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers. [...]
12:10 pm, May 12, 2026 Cybersecurity
SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA
{ "priority": "CRITICAL", "cve": "N/A", "target": "SAP Commerce Cloud and S/4HANA", "threat_actor": "N/A", "patch_ready": true, "insight": "SAP released May 2026 security updates fixing 15..
11:10 am, May 12, 2026 Cybersecurity
Instructure reaches 'agreement' with ShinyHunters to stop data leak
{ "priority": "HIGH", "cve": "N/A", "target": "Instructure Canvas", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "Instructure reached an agreement with ShinyHunters to ..
10:10 am, May 12, 2026 Cybersecurity
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
{"priority":"HIGH","cve":"N/A","target":"TanStack, Mistral AI, Guardrails AI","threat_actor":"TeamPCP","patch_ready":false,"insight":"The Mini Shai-Hulud Worm compromises multiple packages including T..
9:10 am, May 12, 2026 Cybersecurity
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"OpenAI launches Daybreak, an AI-powered vulnerability detection and patch validation initiative, to he..
8:10 am, May 12, 2026 Cybersecurity
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
{ "priority": "HIGH", "cve": "N/A", "target": "Instructure", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "Instructure reached a ransom agreement with ShinyHunters to s..
8:10 am, May 12, 2026 Cybersecurity
iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android
{"priority":"INFO","cve":"N/A","target":"iOS","threat_actor":"N/A","patch_ready":false,"insight":"Apple releases iOS 26.5 with end-to-end encrypted RCS messaging between iPhone and Android."}
7:10 am, May 12, 2026 Cybersecurity
ISC Stormcast For Tuesday, May 12th, 2026 https://isc.sans.edu/podcastdetail/9928, (Tue, May 12th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
4:10 am, May 12, 2026 Cybersecurity
Apple Patches Everything, (Mon, May 11th)
{ "priority": "CRITICAL", "cve": "N/A", "target": "Apple iOS, iPadOS, macOS, tvOS, watchOS, vision OS", "threat_actor": "N/A", "patch_ready": true, "insight": "Apple patches 84 vulnerabili..
11:10 pm, May 11, 2026 Cybersecurity
