IT Security News Daily Summary 2026-05-18

149 posts were published in the last hour

• 21:4 : Securing Everything: Mapping the Right Identity and Access Protocol (OIDC, OAuth2, and SAML) to the Right Identity
• 21:4 : CISA Admin Leaked AWS GovCloud Keys on Github
• 20:32 : TeamPCP Supply Chain Campaign: Activity Through 2026-05-17, (Mon, May 18th)
• 20:32 : CVE-2026-42945: Mitigating a Critical Heap Buffer Overflow Vulnerability in NGINX
• 20:32 : 10 Top OSINT Tools Every Investigator Should Know in 2026
• 20:32 : Vulnerability Summary for the Week of May 11, 2026
• 20:2 : OpenClaw Vulnerabilities Could Enable Full AI Agent Takeover
• 19:32 : NYC Health + Hospitals says hackers stole medical data and fingerprints during breach affecting at least 1.8 million people
• 19:32 : Grafana confirms GitHub token breach cybercrime group claims the attack
• 18:3 : New Reaper Malware Uses Fake Microsoft Domain to Steal macOS Passwords
• 18:2 : Banned Nvidia AI Chips Keep Reaching China Despite US Crackdown
• 18:2 : Apple’s Siri Revamp May Add Auto-Deleting Chats
• 18:2 : Device Code Phishing Targets Microsoft 365 Users
• 18:2 : Hackers Actively Exploiting Critical NGINX RCE Vulnerability in the Wild
• 18:2 : AI is drowning software maintainers in junk security reports
• 18:2 : INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
• 17:32 : The 6 Best Enterprise Password Managers You’ll Actually Trust in 2026
• 17:32 : Secure, Fast, Reliable: The Best Cloud Storage Providers for Businesses in 2026
• 17:32 : How to better protect your growing business in an AI-powered world
• 17:32 : Game over for 74 suspected scammers after Dutch cops plastered their faces on billboards
• 17:2 : Bridging Gaps in SOC Maturity Using Detection Engineering and Automation
• 17:2 : NYC Health and Hospitals says hackers stole medical data and fingerprints during breach affecting at least 1.8 million people
• 16:32 : Agentic Governance: Why It Matters Now
• 16:32 : Critical n8n Vulnerabilities Expose Automation Nodes to Full RCE
• 16:31 : Linux kernel flaw opens root-only files to unprivileged users
• 16:5 : IT Security News Hourly Summary 2026-05-18 18h : 7 posts
• 16:2 : What If Your Digital Footprint Could Shrink?
• 15:33 : Trojanized DAEMON Tools Used to Deploy Persistent Backdoor Malware
• 15:32 : 4 Key Areas in 2026 for Organisation Safety Against Advanced AI Threats
• 15:32 : Delivery-Label Scam: How Amazon & Flipkart Boxes Can Steal Your Data
• 15:32 : Canadian Privacy Regulators Say OpenAI Violated Federal and Provincial Privacy Laws
• 15:32 : ⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
• 15:32 : Grafana Labs says hacker gained access to codebase through leaked token
• 15:2 : 10 Tips for Phrasing Employee Feedback in Reviews
• 14:32 : ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed
• 14:32 : Cyber attackers bypass traditional defences as ‘user-driven’ attacks surge, Bridewell warns
• 14:32 : TanStack weighs invitation-only pull requests after supply chain attack
• 14:32 : Cyber Briefing: 2026.05.16
• 14:3 : Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign
• 14:3 : SOC vs. MDR: What CISOs need to consider
• 14:3 : Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom
• 14:3 : Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)
• 14:2 : How to Reduce Phishing Exposure Before It Turns into Business Disruption
• 14:2 : Interpol Launches Sweeping Cybercrime Crackdown in MENA Region
• 13:32 : Hacktivists, Ransomware, and a 124% Surge Across DACH
• 13:32 : Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq
• 13:32 : NGINX Rift attackers waste no time targeting exposed servers
• 13:32 : The Infosecurity Europe Cyber Startup Competition: Meet the Finalists
• 13:5 : IT Security News Hourly Summary 2026-05-18 15h : 16 posts
• 13:4 : Why Credential and Session Exposure Monitoring Should Be a Baseline Security Practice
• 13:4 : Continuous Detection, Continuous Response: Mate Security Redefines the Modern SOC
• 13:4 : Gamaredon Deploys GammaDrop, GammaLoad in Phishing Campaigns
• 13:4 : Dify: When Your AI Platform Becomes the Attack Surface
• 13:3 : Millions Impacted Across Several US Healthcare Data Breaches
• 13:3 : SmartBear expands ReadyAPI with AI-powered API testing capabilities
• 13:3 : Windows 11 Update Failure Error 0x800f0922
• 13:3 : Massive student data breach at universities
• 13:3 : AI Agents for Web Testing & Security Validation
• 13:3 : INTERPOL Operation Ramz: 201 arrested in MENA cybercrime
• 13:3 : Philippine Gov’t IOs Receive Cybersecurity Training
• 12:32 : One in 33 Employees Is Driving Nearly a Fifth of All Workplace AI Activity and Most Companies Are Only Just Waking Up to It
• 12:32 : Poland directs officials to ditch Signal in favor of ‘secure’ state-developed alternative
• 12:32 : ‘Claw Chain’ OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery
• 12:32 : NCSC Releases Agentic AI Security Guidance
• 12:31 : Pwn2Own Berlin 2026: 47 zero-days, $1.3M rewards
• 12:3 : Gremlin Stealer Hides Payloads in .NET Resources to Evade Detection
• 12:3 : IT threat evolution in Q1 2026. Non-mobile statistics
• 12:3 : IT threat evolution in Q1 2026. Mobile statistics
• 12:3 : Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
• 12:2 : Developer Workstations Are Now Part of the Software Supply Chain
• 12:2 : Paper Werewolf APT Spreads EchoGather RAT
• 12:2 : Microsoft Edge fixes plaintext password storage
• 12:2 : Grafana Labs GitHub breach – code downloaded
• 12:2 : Linus Torvalds: AI Bug Reports Overwhelm Linux Security List
• 12:2 : How a government contest launched a revolution in AI-based bug hunting
• 11:32 : The Gentlemen Ransomware Gang Hit by Internal Breach, Operations Exposed
• 11:32 : Critical NGINX Vulnerability Lets Hackers Launch Remote Code Execution Attacks
• 11:32 : Zero-Day Exploit Against Windows BitLocker
• 11:32 : Four Malicious npm Packages Steal SSH Keys, Cloud Credentials, and Crypto Wallets
• 11:32 : Linus Torvalds Says AI Bug Reports Have Made Linux Security Mailing List Unmanageable
• 11:32 : 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand
• 11:3 : Paper Werewolf APT Spreads EchoGather RAT via Fake Adobe Installer
• 11:2 : Microsoft is changing Edge’s plaintext password behavior
• 11:2 : F-35 software delays leave UK buying time with US glide bombs
• 11:2 : Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE
• 10:36 : NCSC Publishes Guidance on Securing Agentic AI Use
• 10:5 : IT Security News Hourly Summary 2026-05-18 12h : 10 posts
• 10:3 : An ICE Firearms Trainer Was Involved in At Least 4 Deadly Shootings
• 10:2 : Mozilla warns UK: Breaking VPNs will not magically fix Britain’s age-check mess
• 10:2 : First Shai-Hulud Worm Clones Emerge
• 10:2 : Security Researchers Find 47 Zero-Days at Pwn2Own Berlin
• 9:33 : Microsoft Acknowledges Windows 11 Update Failure Linked to Error 0x800f0922
• 9:33 : Hackers Abuse Cloudflare Storage to Exfiltrate Network Files
• 9:33 : Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix
• 9:32 : Microsoft discloses Exchange zero-day with no patch yet available
• 9:32 : OpenAI rotates certificates after TanStack supply chain attack hits employee devices
• 9:32 : Attackers accessed, downloaded code from Grafana Labs’ GitHub
• 9:3 : Critical Marimo RCE Flaw Could Let Attackers Execute Malicious Code Remotely
• 9:3 : Hackers Hide PureLogs Infostealer in PawsRunner Loader
• 9:3 : An AI-generated phishing attack on myself: How Cybercriminals Use ChatGPT and Similar Tools
• 9:3 : 1 Million WordPress Sites Affected by Avada Builder File Read and SQL Injection Flaws
• 9:3 : CISA Warns of Microsoft Exchange Server Vulnerability Exploited in Attacks
• 9:3 : Grafana Confirms Breach After Hackers Claim They Stole Data
• 9:3 : 201 arrested in INTERPOL disruption of phishing and fraud networks
• 9:2 : MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
• 9:2 : Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
• 9:2 : Bank of England, FCA and Treasury Raise Alarm Over Frontier AI
• 8:32 : OpenAI Considers Legal Action As Apple Relationship Sours
• 8:32 : OtterCookie Malware Steals Dev Secrets, SSH Keys, Cloud Credentials, and Tokens
• 8:32 : n8n Security Flaws Could Let Attackers Achieve Remote Code Execution
• 8:2 : EVs Dominate China Vehicle Sales Amid Oil Price Shock
• 8:2 : Fast16 Malware Sabotages Nuclear Test Simulations by Altering Data
• 7:33 : AI Companies’ London Office Space Jumps Tenfold
• 7:33 : Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945
• 7:33 : New Windows ‘MiniPlasma’ Zero-Day Let Attackers Gain SYSTEM Access – PoC Released
• 7:32 : Microsoft Confirms Windows 11 Update Fails With Error 0x800f0922
• 7:32 : A week in security (May 11 – May 17)
• 7:32 : Exploitation of Critical NGINX Vulnerability Begins
• 7:32 : Grafan GitHub extortion, Microsoft rejects Azure report, Funnel Builder flaw
• 7:5 : IT Security News Hourly Summary 2026-05-18 09h : 5 posts
• 7:2 : HMRC Strikes £175m, 10-Year AI Deal With UK’s Quantexa
• 7:2 : Critical FunnelKit Vulnerability Puts 40,000+ WooCommerce Sites at Risk
• 7:2 : 1 Million WordPress Websites Exposed by Avada Builder Security Vulnerabilities
• 7:2 : Linux Torvalds Warns AI Bug Report Spam Is Disrupting Linux Security Discussions
• 6:32 : The AI backdoor your security stack is not built to see
• 6:3 : Crafted JPEGs Could Trigger PHP Memory Bugs for Exploitation
• 6:2 : AI reveals the invisible magnetic chaos wasting energy inside electric motors
• 6:2 : Grafana Labs admits all its codebase are belong to someone who popped its GitHub account
• 6:2 : Lyrie: Open-source autonomous pentesting agent
• 5:32 : Malicious npm Packages Steal SSH Keys, Cloud Credentials, and Crypto Wallets
• 5:32 : Researchers Build First Public Apple M5 macOS Kernel Exploit with Mythos Preview
• 5:32 : Grafana Labs Confirms Security Incident Involving GitHub Codebase Access
• 5:32 : AI shrinks vulnerability exploitation window to hours
• 5:2 : Claude Code Vulnerability Allows Attackers to Run Commands Through Crafted Deeplinks
• 5:2 : Product showcase: McAfee + ChatGPT integration turns doubt into a scam check
• 4:32 : Claude Code RCE Flaw Lets Attackers Execute Commands via Malicious Deeplinks
• 4:32 : Fast16 Malware Manipulated Nuclear Weapons Simulation Data to Sabotage Test Results
• 4:32 : Critical WordPress Plugin Vulnerability Exposes Websites to Authentication Bypass Attacks
• 4:32 : Hackers Earn $1.3 Million at Pwn2Own Berlin 2026
• 4:32 : When ransomware hits, confidence doesn’t restore endpoints
• 4:5 : IT Security News Hourly Summary 2026-05-18 06h : 1 posts
• 4:2 : Election Commission Says ECINET Withstood Over 68 Lakh Cyberattack Attempts During Poll Counting
• 2:2 : AI is distorting the Holocaust (Lock and Code S07E10)
• 0:2 : Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’
• 22:32 : Closing the Gap: The Regulatory and Structural Maturation of Digital Assets
• 22:32 : Debian 13.5 point release lands with security fixes, bug patches
• 22:5 : IT Security News Hourly Summary 2026-05-18 00h : 2 posts
• 21:58 : IT Security News Weekly Summary 20
• 21:55 : IT Security News Daily Summary 2026-05-17