Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data
[The Register - Security] [15 May 26 @ 00:42]
Other than Instructure execs - maybe?
U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog
[Security Affairs] [14 May 26 @ 20:35]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur...
Linux Kernel bug Fragnesia allows local root access attacks
[Security Affairs] [14 May 26 @ 19:57]
Fragnesia, a new Linux kernel flaw tracked as CVE-2026-46300, could let local attackers gain root access through page cache corruption. Researchers disclosed a new Linux kernel privilege escalation...
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
[THN : The Hacker News] [14 May 26 @ 19:45]
Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as C...
DOJ Escalates War on Trans Youth Healthcare With Criminal Subpoenas
[The Intercept] [14 May 26 @ 19:30]
We already know how high the stakes are for patients and their families — and rolling over now could hurt all of medicine. The post DOJ Escalates War on Trans Youth Healthcare With Criminal Subpoen...
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
[THN : The Hacker News] [14 May 26 @ 19:22]
Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published versions of node-ipc. According to Socket and StepSecurity, three different...
“It’s Overwhelming But It’s Amazing” -- Richard Glossip Released From Jail After Three Decades
[The Intercept] [14 May 26 @ 18:22]
After nine execution dates, three last meals, and a Supreme Court ruling in his favor, Richard Glossip should soon walk free. The post “It’s Overwhelming But It’s Amazing” — Richard Glossip R...
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
[THN : The Hacker News] [14 May 26 @ 18:07]
Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game...
Upcoming Speaking Engagements
[Schneier on Security] [14 May 26 @ 18:01]
This is a current list of where and when I am scheduled to speak: I’m giving a virtual talk on “The Security of Trust in the Age of AI,” hosted by the Financial Women’s Association of New York , at...
Broadcom releases VMware Fusion security update for root access bug
[Security Affairs] [14 May 26 @ 17:46]
Broadcom patched a high-severity VMware Fusion flaw, CVE-2026-41702, that could let local attackers gain root privileges. Broadcom released a security update for VMware Fusion to address a high-sev...
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
[THN : The Hacker News] [14 May 26 @ 16:00]
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been...
NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to light
[Security Affairs] [14 May 26 @ 15:30]
Researchers found a critical 18-year-old buffer overflow flaw in NGINX, tracked as CVE-2026-42945 and named NGINX Rift. If you run NGINX, and statistically speaking, there is a very good chance you...
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
[THN : The Hacker News] [14 May 26 @ 13:40]
Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of public disc...
How AI Hallucinations Are Creating Real Security Risks
[THN : The Hacker News] [14 May 26 @ 13:30]
AI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs. When an AI model lack...
Cops arrest man suspected of being Dream Market kingpin
[The Register - Security] [14 May 26 @ 13:26]
Owe Martin Andresen faces charges in both US and Germany connected with money laundering, claims he sent gold bars directly to his doorstep
How Dangerous Is Anthropic’s Mythos AI?
[Schneier on Security] [14 May 26 @ 13:04]
Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not release it...
This California Congressional Hopeful Opposes a Billionaire Tax. So Do His Tech CEO Backers.
[The Intercept] [14 May 26 @ 12:07]
The largest individual donor to a PAC backing Scott Wiener has spent millions fighting billionaire tax measures. The post This California Congressional Hopeful Opposes a Billionaire Tax. So Do His ...
Dirty Frag gets a sequel as Fragnesia hands Linux attackers root-level access
[The Register - Security] [14 May 26 @ 12:01]
Fresh kernel flaw comes with public exploit code and continues ugly run of highly reliable privilege escalation bugs tied to memory and page-cache handling
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
[THN : The Hacker News] [14 May 26 @ 11:25]
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting W...
FamousSparrow targets Azerbaijani energy sector in multi-wave espionage campaign
[Security Affairs] [14 May 26 @ 10:17]
Chinese-linked FamousSparrow repeatedly targeted an Azerbaijani oil and gas company, reusing the same entry point in three intrusions from Dec 2025 to Feb 2026. Chinese-linked threat actor FamousSp...
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
[THN : The Hacker News] [14 May 26 @ 09:06]
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug ...
To gain root access at this company, all an intruder had to do was ask nicely
[The Register - Security] [14 May 26 @ 09:00]
Human IT managers thought they were being nice to the boss, but were assisting a threat actor
AI models are getting better at replacing cybersecurity pros on certain tasks
[The Register - Security] [14 May 26 @ 08:27]
UK researchers find LLMs are learning to finish jobs faster and improving all the time
Nitrogen Ransomware claims massive data theft from Foxconn
[Security Affairs] [14 May 26 @ 08:14]
Foxconn confirmed a cyberattack on some North American factories. The Nitrogen ransomware group claims it stole 8TB of data from the firm. Foxconn confirmed that several of its North American facto...
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
[THN : The Hacker News] [14 May 26 @ 08:00]
Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, d...
Cisco to fire 4,000 staff and generously give them free training – on Cisco
[The Register - Security] [14 May 26 @ 05:32]
Reducing memory requirements to control costs in a new wave of kit
Welcome to the vulnpocalypse, as vendors use AI to find bugs and patches multiply like rabbits
[The Register - Security] [14 May 26 @ 01:27]
Palo Alto Networks found and fixed 75 flaws this month, up from its usual five
AWS to Quick admins: The access control didn't work, but you weren't using it anyway, so what's the problem?
[The Register - Security] [14 May 26 @ 00:56]
If a setting fails in the forest and nobody hears it ...
Bug hunter tracks down three massive MCP flaws and one vendor won't fix theirs
[The Register - Security] [13 May 26 @ 22:17]
Apache, Alibaba databases vulnerable and only one has a patch
Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming
[Security Affairs] [13 May 26 @ 21:28]
Microsoft’s May 2026 Patch Tuesday fixed 138 flaws, including 30 critical bugs, across Windows, Office, Azure, Edge, SQL Server, and more. Microsoft’s May 2026 Patch Tuesday patched 138 vulne...
OpenLoop Health confirms January 2026 Data breach affecting 716,000
[Security Affairs] [13 May 26 @ 20:45]
In January 2026, telehealth infrastructure firm OpenLoop Health suffered a security breach that exposed information of 716,000 people. OpenLoop Health confirmed a January 2026 cyberattack that expo...
Miami Beach Official Hired Billboard Truck to Call Pro-Palestine Activists “Jew Hater,” Lawsuit Alleges
[The Intercept] [13 May 26 @ 18:40]
City Commissioner David Suarez is accused of hiring the trucks to single out members of the activist group Jewish Voice for Peace. The post Miami Beach Official Hired Billboard Truck to Call Pro-Pa...
Mystery Microsoft bug leaker keeps the zero-days coming
[The Register - Security] [13 May 26 @ 18:16]
Security pros warn YellowKey claim could make stolen laptops a much bigger problem
Waals drinkwaterbedrijf beboet voor illegaal opnemen telefoongesprekken
[Security.NL maakt Nederland veilig] [13 May 26 @ 16:36]
Het Waalse drinkwaterbedrijf SWDE heeft een boete van 86.000 euro gekregen wegens het illegaal opnemen en afluisteren van ...
Kamervragen over groot datalek bij onderwijsplatform Canvas
[Security.NL maakt Nederland veilig] [13 May 26 @ 16:14]
In de Tweede Kamer zijn vragen gesteld aan ministers Van Weel van Justitie en Veiligheid en Letschert van Onderwijs over het ...
Amerikaanse bank lekt klantgegevens door gebruik van niet-toegestane AI-app
[Security.NL maakt Nederland veilig] [13 May 26 @ 15:49]
Een Amerikaanse bank heeft door het gebruik van een niet-toegestane AI-applicatie de gegevens van klanten gelekt. Dat blijkt ...
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
[THN : The Hacker News] [13 May 26 @ 15:46]
Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by som...
Minister: alleen commerciële hacksoftware beschikbaar voor politie
[Security.NL maakt Nederland veilig] [13 May 26 @ 15:29]
Bij de inzet van de hackbevoegdheid kan de politie alleen gebruikmaken van commerciële hacksoftware, omdat er geen ...
Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations
[Security Affairs] [13 May 26 @ 15:24]
CVE-2025-32975 is a critical flaw in Quest KACE SMA used for endpoint management. If exploited, it could impact all managed systems across organizations. CVE-2025-32975 is a critical flaw in Quest ...
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
[THN : The Hacker News] [13 May 26 @ 15:00]
A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking...
Google voorziet Android van feature voor onderzoek naar spyware-aanvallen
[Security.NL maakt Nederland veilig] [13 May 26 @ 14:45]
Google voorziet Androidtelefoons van een feature die moet helpen bij het onderzoeken van spyware-aanvallen. Intrusion Logging, ...
Geert Potjewijd wordt nieuwe voorzitter van Autoriteit Persoonsgegevens
[Security.NL maakt Nederland veilig] [13 May 26 @ 13:56]
Geert Potjewijd wordt vanaf 1 augustus dit jaar de nieuwe voorzitter van de Autoriteit Persoonsgegevens (AP) en volgt daarmee ...
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
[THN : The Hacker News] [13 May 26 @ 13:52]
TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register for the Strategic...
EFF prijst end-to-end versleutelde RCS-berichten tussen Android en iPhone
[Security.NL maakt Nederland veilig] [13 May 26 @ 13:44]
De mogelijkheid om end-to-end versleutelde RCS-berichten tussen Androidtelefoons en iPhones te sturen is een overwinning voor ...
Most Remediation Programs Never Confirm the Fix Actually Worked
[THN : The Hacker News] [13 May 26 @ 13:30]
Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant's M-Trends 2026 report puts the mean time to exploit a...
OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities
[Schneier on Security] [13 May 26 @ 13:03]
The UK’s AI Security Institute evaluated GPT-5.5’s ability to find security vulnerabilities, and found that it is comparable to Claude Mythos. Note that the OpenAI model is generally av...
Beveiliging gehackt Clinical Diagnostics voldeed niet aan verplichte norm
[Security.NL maakt Nederland veilig] [13 May 26 @ 12:44]
De beveiliging van het medisch laboratorium Clinical Diagnostics voldeed op het moment dat het werd gehackt niet aan de ...
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
[THN : The Hacker News] [13 May 26 @ 12:36]
Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138 fl...
Broers in VS verwijderen minuten na ontslag 96 databases met overheidsdata
[Security.NL maakt Nederland veilig] [13 May 26 @ 12:21]
Twee broers die bij een Amerikaans it-bedrijf werkzaam waren hebben minuten na hun ontslag 96 databases met informatie van de ...
Instructure settles with hackers following massive student data theft
[Security Affairs] [13 May 26 @ 12:16]
Educational tech firm Instructure reached a deal with hackers after a major Canvas breach exposed data stolen from schools and universities. Educational tech firm Instructure says it reached an agr...