ICYMI: 2026-05-12
Latest Headlines
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android
Iran Is Using Tiny ‘Mosquito’ Boats to Shut Down the Strait of Hormuz
BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months
Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware
Deal Reached With Hackers to Delete Data Stolen From the Canvas Educational Platform
West Pharmaceutical Services Hit by Disruptive Ransomware Attack
Microsoft Patch Tuesday May 2026 – 120 Vulnerabilities Fixed, Including 29 Critical RCE Flaws
Fortinet Patches Five Vulnerabilities Across FortiAP, FortiOS, and Enterprise Products
Critical Fortinet FortiSandbox Vulnerability Enables Code Execution Attacks
Open WebUI Vulnerability via File Upload Leads to 1-Click RCE Attack
Ivanti Patches Multiple Vulnerabilities in Secure Access, Xtraction, vTM and Endpoint Manager
No Blind Spots: How Top MSSPs Prevent Incidents withLive Threat Visibility
Threat Actors Leverage Vercel’s AI Tools to Mass‑Produce Realistic Phishing Sites
Zoom Rooms and Workplace Vulnerabilities Allow Attackers to Escalate Privileges
New Stealthy Vidar Stealer Campaign Bypass EDR and Steal Credentials
SAP Patches Critical SQL injection Vulnerability in SAP S/4HANA
US govt seeks Instructure testimony on massive Canvas cyberattack
UK fines water supplier $1.3M for exposing data of 664k customers
Signal adds security warnings for social engineering, phishing attacks
Microsoft releases Windows 10 KB5087544 extended security update
Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
Windows 11 KB5089549 & KB5087420 cumulative updates released
Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
Android 17 to expand banking scam call and privacy protections
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA
Instructure reaches ‘agreement’ with ShinyHunters to stop data leak
– MTZ