IT Security News Daily Summary 2026-05-15

133 posts were published in the last hour

• 21:32 : The Department of Know: GemStuffer attack, AI SBOMs, and AI-created zero-days
• 21:2 : The Next Cybersecurity Challenge May Be Verifying AI Agents
• 19:5 : IT Security News Hourly Summary 2026-05-15 21h : 4 posts
• 19:2 : Two Unpatched Windows Exploits Target BitLocker, SYSTEM Access
• 19:2 : OpenAI Warns Mac Users to Update Apps After Supply-Chain Attack
• 19:2 : A hotel check-in system left a million passports and driver’s licenses open for anyone to see
• 19:2 : Reducing CVE fatigue with Red Hat Hardened Images and Anchore
• 18:2 : CISA Adds One Known Exploited Vulnerability to Catalog
• 18:2 : The AWS AI Security Framework: Securing AI with the right controls, at the right layers, at the right phases
• 17:32 : Welcome to BlackFile: Inside a Vishing Extortion Operation
• 17:32 : Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
• 17:2 : Hackers Use PyInstaller and AMSI Patching to Deliver XWorm RAT v7.4
• 16:32 : Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller
• 16:5 : IT Security News Hourly Summary 2026-05-15 18h : 12 posts
• 16:3 : Mini Shai-Hulud: The Worm Returns and Goes Public
• 16:3 : RaccoonLine Publishes Analysis of VPN Data Disclosure Risks and the Shift Toward Decentralized Routing
• 16:3 : US orders travelers on Air Force One to throw away gifts, pins, and burner phones after China trip
• 16:3 : PureLogs: Delivery via PawsRunner Steganography
• 16:3 : Microsoft Edge, Windows 11 and LiteLLM Hacked in Pwn2Own Berlin 2026
• 16:3 : Hackers Abuse OAuth Device Authorization Flow to Steal Microsoft 365 Tokens
• 16:3 : Shai-Hulud Worm Steals npm, GitHub, AWS, and Kubernetes Secrets From Developers
• 16:3 : OpenClaw Chain Vulnerabilities Expose 245,000 Public AI Agent Servers to Attack
• 16:3 : Gunra Ransomware Expands RaaS Operations After Shifting From Conti-Based Locker
• 16:2 : Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
• 16:2 : MSPs need AI to fight AI-fueled cyberthreats: Guardz
• 15:32 : Context-Aware Authorization for AI Agents
• 15:3 : In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws
• 15:3 : New ChatGPT Settings Will Improve User Privacy and Data Training
• 14:32 : The First AI-Crafted Zero-Day Was Easy to Spot. The Next One May Not Be
• 14:32 : 6 Best VPNs for Canada in 2026 (Free & Paid Options Compared)
• 14:32 : Google’s Default 15GB Free Storage Is Ending for Some New Accounts
• 14:32 : 7AI Uncovers Browser Extension Campaign Evading EDR Defenses
• 14:32 : CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day
• 14:32 : Gremlin Stealer Evolves into Modular Threat with Advanced Evasion Capabilities
• 14:32 : Cyber Briefing: 2026.05.15
• 13:34 : Gunra Ransomware Expands RaaS After Conti Locker Shift
• 13:34 : What is CI/CD Pipeline?
• 13:34 : Tycoon 2FA Operators Adopt OAuth Device Code Phishing to Bypass MFA
• 13:34 : Microsoft Warns of Attackers Using Trusted HPE Operations Agent for Malware-Free Intrusions
• 13:34 : Hackers Use OrBit Rootkit to Harvest SSH and Sudo Credentials From Linux Systems
• 13:34 : Attackers replaced JDownloader installer downloads with malware
• 13:5 : IT Security News Hourly Summary 2026-05-15 15h : 19 posts
• 13:3 : Shai-Hulud Worm Steals Dev Secrets Across npm, GitHub, AWS & Kubernetes
• 13:3 : VMware Fusion Flaw Could Allow Attackers to Gain Root Privileges
• 13:3 : The Case for a Vulnerability Operations Center
• 13:3 : Illicit Enterprise: An Anatomy of the Modern Underground Phishing Marketplace
• 13:3 : Cybersecurity Insider Survey: AI Is Fueling a New Generation of Threat Actors
• 13:3 : The Hidden Risk For IT Subcontractors: When Insurance, Not Security, Costs You The Contract
• 13:3 : Meta’s confusing new approach to chat privacy
• 13:3 : Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)
• 13:3 : Google lets Workspace admins apply one policy across all SAML apps
• 13:3 : Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
• 13:3 : OpenAI Compromised in TanStack Supply Chain Attack
• 13:3 : Japan’s Banks Use Claude for Cybersecurity Testing
• 13:3 : UK King’s Speech Emphasizes Cyber Resilience
• 13:2 : OpenAI faces class-action privacy lawsuit over data sharing
• 13:2 : Scott Lashway Named to Cybersecurity Docket’s 2026 Elite Lis
• 12:32 : Hackers Exploit OAuth Device Flow to Steal Microsoft 365 Tokens
• 12:32 : Google Project Zero Details Pixel 10 Zero-Click Exploit Chain
• 12:32 : Your Identity Governance Is Lying to You
• 12:32 : Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild
• 12:3 : PraisonAI Vulnerability Actively Exploited Within Hours of Being Made Public
• 12:3 : TeamPCP Hackers Abuse CI/CD Pipelines to Steal Developer and Cloud Credentials
• 12:3 : Multiple cPanel Vulnerabilities Allows Access to Sensitive System Resources
• 12:3 : Amazon Redshift JDBC Driver Vulnerabilities Enables Remote Code Execution Attacks
• 12:2 : PraisonAI Vulnerability Exploited Within Hours of Public Disclosure
• 12:2 : TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
• 12:2 : What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface
• 11:32 : Ghostwriter group resumes attacks on Ukrainian Government targets
• 11:32 : Bypassing On-Camera Age-Verification Checks
• 11:32 : American Lending Center Data Breach Affects 123,000 Individuals
• 11:32 : Akamai to acquire LayerX for $205 million
• 11:2 : OrBit Rootkit Targets Linux to Steal SSH and Sudo Credentials
• 11:2 : OpenAI Hit by TanStack Supply Chain Attack
• 11:2 : Thieves unlock stolen iPhones using cheap tools sold on Telegram
• 10:32 : Gremlin Stealer’s Evolved Tactics: Hiding in Plain Sight With Resource Files
• 10:32 : CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions
• 10:32 : Microsoft Warns HPE Operations Agent Abused in Malware-Free Attacks
• 10:32 : OpenAI caught in TanStack npm supply chain chaos after employee devices compromised
• 10:32 : Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)
• 10:5 : IT Security News Hourly Summary 2026-05-15 12h : 6 posts
• 10:2 : TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code
• 10:2 : Rocky Linux launches opt-in security repository for urgent fixes
• 9:32 : Microsoft Edge, Windows 11, and LiteLLM Fall to Exploits at Pwn2Own Berlin 2026
• 9:32 : Hackers Abuse Scheduled Tasks to Maintain Persistence in FrostyNeighbor Attacks
• 9:32 : VMware Fusion Vulnerability Let Attackers Escalate Privilege to Root
• 9:32 : Microsoft Details Kazuar Malware’s Modular Architecture and P2P Botnet Operations
• 9:3 : Amazon Redshift JDBC Driver Flaws Expose Systems to RCE Attacks
• 9:3 : Tycoon 2FA Operators Use OAuth Device Code Phishing to Bypass MFA
• 9:3 : Tenable warns AI adoption is outpacing governance as cloud exposure risks surge
• 9:3 : Cyberattack on West Pharmaceutical halts manufacturing across multiple sites
• 9:3 : Beyond deepfakes: Building identity resilience against AI impersonation
• 9:3 : MPs want social media treated more like unsafe toys than harmless apps
• 8:3 : Google Patches 79 Chrome Security Vulnerabilities, 14 Rated Critical
• 8:3 : Multiple cPanel Vulnerabilities Could Lead to Sensitive Resource Exposure
• 8:3 : Critical Next.js Vulnerability Exposes Cloud Credentials, API keys, and Admin Panels
• 8:3 : Critical Microsoft Exchange Server Vulnerability Actively Exploited in Attacks
• 8:3 : 79 Chrome Vulnerabilities Patched, Including 14 Critical One’s – Update Now!
• 8:3 : China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer
• 7:33 : UK Regulator Begins Microsoft Software Probe
• 7:33 : Cisco Catalyst SD-WAN Controller Flaw Under Active Exploitation for Admin Access
• 7:33 : FrostyNeighbor: Fresh mischief and digital shenanigans
• 7:33 : Researchers uncover YellowKey and GreenPlasma Windows Zero-Days
• 7:32 : Chrome 148 Update Patches Critical Vulnerabilities
• 7:32 : Keycard helps developers secure autonomous AI agents with scoped access
• 7:32 : G7 releases AI SBOM, DELL SupportAssist BSOD, Dirty Frag sequel
• 7:5 : IT Security News Hourly Summary 2026-05-15 09h : 10 posts
• 7:3 : [Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)
• 7:2 : Employees Report AI ‘Brain Fry’
• 7:2 : TeamPCP Hackers Exploit CI/CD Pipelines to Steal Cloud Credentials
• 7:2 : On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
• 6:32 : Microsoft Exposes Kazuar Malware’s Modular P2P Botnet Architecture
• 6:32 : Next.js Security Flaw Leaks Cloud Credentials, API Keys, and Admin Interfaces
• 6:32 : Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall
• 6:32 : Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026
• 6:32 : MDASH AI Helps Microsoft Detect 16 Critical Windows Security Flaws
• 6:5 : Indian Banks Step Up IT Spending Over AI Security Fears
• 6:4 : Deepfake detection is losing ground to generative models
• 6:4 : CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
• 5:32 : Dell SupportAssist Update Forces Windows Systems Into BSOD Loop
• 5:32 : Hackers Exploit Scheduled Tasks for Persistence in FrostyNeighbor Attacks
• 5:32 : Palo Alto Firewalls Hit by Zero-Day Allowing Arbitrary Code Execution as Root
• 5:32 : Zombie linkages are keeping expired domains trusted for years
• 5:2 : Popular node-ipc npm Library Hit by Supply Chain Attack, Impacting 822K Weekly Downloads
• 5:2 : The AI oversight paradox: Is the investment worth the cost of watching it?
• 4:32 : ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)
• 4:32 : Cisco Catalyst SD-WAN Controller 0-Day Actively Exploited to Gain Admin Access
• 4:32 : OpenAI Confirms Security Breach Via TanStack npm Supply Chain Attack
• 4:32 : New infosec products of the week: May 15, 2026
• 4:32 : How a Google API Key Became an $8,000 AI Bill, Meta Scam Ads Lawsuit, and 73-Second Cyber Attacks
• 23:2 : Nobody believes the ‘criminals and scumbags’ who hacked Canvas really deleted stolen student data
• 22:5 : IT Security News Hourly Summary 2026-05-15 00h : 5 posts
• 21:55 : IT Security News Daily Summary 2026-05-14