IT Security News Daily Summary 2026-05-21

169 posts were published in the last hour

• 21:32 : Decentralized Threat: Stealthy P2P Cryptominer Targeting Ollama Endpoints
• 21:32 : U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog
• 21:2 : Indian Student Data Weaponized for Phishing, Social Engineering, and Financial Fraud
• 21:2 : Fake Invitation Phishing Campaign Targets U.S. Organizations With Credential Theft
• 21:2 : TamperedChef Malware Uses Signed Productivity Apps to Deliver Stealers and RATs
• 21:2 : Hackers Use Fake Microsoft Teams Downloads to Deploy ValleyRAT Malware
• 20:34 : Threat hunters find Google API keys still usable 23 minutes after deletion
• 20:2 : Law enforcement shuts down VPN service used by two dozen ransomware gangs
• 20:2 : AWS KY3P report now available for third-party supplier due diligence
• 19:32 : Is Temu Safe? What to Know Before Shopping
• 19:31 : HackerOne takes an axe to its bug bounty rewards
• 19:5 : IT Security News Hourly Summary 2026-05-21 21h : 2 posts
• 18:32 : Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown
• 18:32 : Global law enforcement operation takes First VPN offline
• 18:2 : The art of being ungovernable
• 18:2 : Mini Shai-Hulud Compromises @antv npm Packages to Steal CI/CD Credentials
• 18:2 : Authorities Have Taken Down “First VPN” Used in Ransomware Attacks
• 18:2 : Critical Chrome Vulnerabilities Enable Remote Code Execution Attacks – Patch Now!
• 18:2 : Microsoft Defender vulnerabilities are being exploited in the wild
• 17:32 : Evaluating SOC Effectiveness Using Detection Coverage and Response Metrics
• 17:3 : Wordfence Intelligence Weekly WordPress Vulnerability Report (May 11, 2026 to May 17, 2026)
• 17:3 : 6 Best Vulnerability Management Software & Systems for 2026
• 17:3 : 7 Best Attack Surface Management Software in 2026
• 17:2 : ABB B&R PCs
• 17:2 : ABB B&R Automation Runtime
• 17:2 : ABB B&R Automation Studio
• 17:2 : Hitachi Energy GMS600
• 17:2 : ABB Terra AC Wallbox
• 17:2 : What’s new in Microsoft Security: May 2026
• 16:32 : Deleted Google API Keys Remain Active up to 23 Minutes, Study Finds
• 16:32 : How to Detect Spam Content in Documents Using C#
• 16:32 : macOS Kernel Memory Corruption Exploit
• 16:32 : Microsoft open-sources tools for designing and testing AI agents
• 16:32 : Automating identity lifecycle and security with AWS Directory Service APIs
• 16:5 : IT Security News Hourly Summary 2026-05-21 18h : 9 posts
• 16:3 : The npm Threat Landscape: Attack Surface and Mitigations (Updated May 21)
• 16:3 : 2026 Verizon DBIR: The New Era of Cyber Threats
• 16:2 : Grafana Labs links GitHub environment breach to TanStack npm supply chain attack
• 16:2 : CISA asks cybersecurity community to alert it to vulnerability exploitation
• 15:32 : Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix
• 15:32 : Virus, Malware, or Spyware? Here’s What They Really Mean
• 15:32 : Poland Water Plant Hacks Expose Growing Cyber Threat to U.S. Infrastructure
• 15:32 : Ransomware Attack Disrupts Grading Platform Used by LBUSD Cal State and LBCC
• 15:32 : Cybercriminal VPN Dismantled in Europol Crackdown
• 15:2 : How to build a business impact analysis checklist
• 15:2 : Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
• 15:2 : GitHub Breach Traced to Malicious ‘Nx Console’ VS Code Extension
• 14:32 : CISA Enhances Known Exploited Vulnerabilities Catalog to Include New Nomination Form
• 14:32 : Your API Authentication Isn’t Broken; It’s Quietly Failing in These 6 Ways
• 14:32 : AI, Cybersecurity Education, and the Defense of America’s Digital Border
• 14:32 : Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload
• 14:32 : Authorities dismantle First VPN, used by ransomware actors
• 14:32 : Cyber Briefing: 2026.05.21
• 14:3 : Selective HTTP Proxying in Linux, (Thu, May 21st)
• 14:2 : Protect GenAI Chatbots with Check Point WAF
• 14:2 : P2PInfect Botnet Compromises Kubernetes Clusters Through Exposed Redis Instances
• 14:2 : Flipper Unveils New Flipper One Modular Linux Cyberdeck
• 14:2 : GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
• 13:32 : Secure Identity at the Edge: Akamai Partners with Auth0
• 13:32 : ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
• 13:5 : IT Security News Hourly Summary 2026-05-21 15h : 5 posts
• 13:2 : Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator
• 13:2 : Three-Quarters of Firms Knowingly Ship Vulnerable Code
• 12:32 : Apache OFBiz RCE Flaw Abuses Password-Change Restrictions for Authentication Bypass
• 12:32 : Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach
• 12:31 : Cisco Patches Critical Vulnerability in Secure Workload
• 12:3 : Android Malware Spotted Subscribing Victims to Paid Services Without Consent
• 12:3 : Scammers are abusing an internal Microsoft account to send spam links
• 12:2 : Proton Launches Credential Tokens to Tackle AI Agent Security Gap
• 12:2 : GitHub Internal Repositories Breached Via Weaponized VS Code Extension
• 12:2 : Ocean Emerges From Stealth With $28M for Agentic Email Security Platform
• 12:2 : Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
• 12:2 : Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes
• 11:33 : Discord Enables End-to-End Encryption by Default Across Voice and Video Features
• 11:33 : Microsoft Defender Zero-Day Vulnerabilities Actively Exploited in the Wild
• 11:33 : Industry Reacts to Verizon DBIR 2026 as Vulnerability Exploitation Takes Top Spot
• 11:33 : TikTok, YouTube, and Roblox face scrutiny, but age gates won’t fix child safety
• 11:33 : Cisco serves up yet another perfect 10 bug with Secure Workload admin flaw
• 11:33 : Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention
• 11:33 : Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)
• 11:2 : Google Chrome Security Flaws Could Let Attackers Execute Code Remotely
• 11:2 : Socket Raises $60 Million at $1 Billion Valuation
• 11:2 : Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
• 11:2 : When Identity is the Attack Path
• 10:32 : Microsoft’s Retired IE Tool MSHTA Now Being Used in Fileless Malware Attacks
• 10:32 : Fake Microsoft Teams Downloads Spread ValleyRAT Malware
• 10:32 : Researchers left AI agents alone in a virtual town and watched it all unravel
• 10:32 : Catch spyware in the act with Windows Webcam Monitoring
• 10:32 : Microsoft storms RAMPART, adds Clarity to agentic AI safety
• 10:5 : IT Security News Hourly Summary 2026-05-21 12h : 13 posts
• 10:3 : Ofcom Says YouTube, TikTok Dragging Feet On Child Protections
• 10:3 : TamperedChef Malware Hides in Signed Apps to Drop Stealers and RATs
• 10:2 : Critical Drupal Core Security Vulnerability Exposes Websites to Cyberattack
• 10:2 : Critical Cisco Secure Workload Vulnerability Enables Unauthorized API Access
• 10:2 : BadIIS Malware Turns Hijacks IIS Servers and Redirect Users to Illicit Sites
• 10:2 : New Microsoft Defender 0‑Days Actively Exploited in the Wild
• 10:2 : Nine-year-old Linux Kernel Vulnerability Let Attackers Exfiltrate SSH Private Keys
• 10:2 : Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI
• 10:2 : Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
• 9:32 : Anthropic Set For First Profitable Quarter
• 9:32 : Fake Invitation Phishing Campaign Steals Credentials From U.S. Organizations
• 9:32 : Critical Vulnerability in Cisco Secure Workload Threatens Enterprise API Security
• 9:32 : New NGINX 0-Day RCE “nginx-poolslip” Threatens Millions of Servers
• 9:3 : One Man, One AI, One Fake Persona: Inside the 5-Year Influence and Fraud ‘Patriot Bait’ Campaign
• 9:3 : OpenAI Reportedly Plans Imminent IPO Filing
• 9:2 : A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
• 9:2 : 1-15 May 2026 Cyber Attacks Timeline
• 9:2 : WantToCry Ransomware Abuses SMB Services to Remotely Encrypt Files
• 9:2 : New NGINX 0-Day RCE “nginx-poolslip” Affects Millions of NGINX Servers
• 9:2 : Grafana Labs Says Code Breach Stemmed from TanStack Attack
• 8:33 : Meta Tells Staff It May Not Conduct Further Layoffs This Year
• 8:32 : Indian Student Data Weaponized in Phishing and Financial Fraud Campaigns
• 8:32 : Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility
• 8:32 : Tenable Hexa AI automates remediation across attack surfaces
• 8:32 : ASAPP expands adversarial testing for enterprise AI systems
• 8:32 : Virtru centers file collaboration around data-level protection
• 8:32 : 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
• 8:4 : Anthropic Paying SpaceX $1.25bn A Month For Compute
• 8:4 : Critical Drupal Vulnerability Could Leave Sites Open to Cyberattack
• 8:4 : Forward launches Predict to test network changes before deployment
• 8:4 : Riverbed introduces new Aternity tools for autonomous IT operations
• 7:35 : Samsung Reaches Last-Minute Deal To Avert Strike
• 7:35 : Nine-Year-Old Kernel Flaw Puts Linux SSH Private Keys at Risk
• 7:35 : Mini Shai-Hulud Hits @antv npm Packages, Targets CI/CD Secrets
• 7:34 : Discord adds end-to-end encryption to voice and video calls by default
• 7:34 : Verizon DBIR 2026: What the experts are saying
• 7:34 : Terra adds continuous network exploitation validation to its platform
• 7:34 : CTERA brings AI insights and automation for unstructured data
• 7:34 : GitHub VS Code extension breach, Shai-Hulud npm package compromise, Huawei/Luxembourg telecom link
• 7:5 : IT Security News Hourly Summary 2026-05-21 09h : 8 posts
• 7:4 : Police Arrest Dozens In Cyber-Fraud Crackdown
• 7:4 : P2PInfect Botnet Targets Kubernetes via Exposed Redis
• 7:4 : Dragonica Lunaris – 126,293 breached accounts
• 7:4 : Two U.S. Executives Plead Guilty in India-Based Tech-Support Fraud Schemes
• 7:4 : Zombie user account let hackers control the city’s water
• 6:32 : Webworm: New burrowing techniques
• 6:32 : The EU Is Going Through a Trump-Fueled Breakup With Big Tech
• 6:32 : Why AI changed the threat model for travel technology
• 6:2 : PoC Released for PinTheft Linux Flaw Enabling Root Privilege Escalation
• 6:2 : BadIIS Malware Hijacks IIS Servers to Redirect Users to Illicit Sites
• 6:2 : Two U.S. Executives Plead Guilty in India-Based Tech Support Fraud Schemes
• 6:2 : Most dark web activity revolves around a handful of topics
• 5:34 : WantToCry Ransomware Exploits SMB to Encrypt Remote Files
• 5:34 : Windows93 / Myspace93 – 46,105 breached accounts
• 5:34 : AI red teaming agents change how LLMs get tested
• 5:5 : Claude Code Sandbox Flaw May Compromise User Secrets
• 5:5 : New GhostTree Attack Causes EDR Tools to Hang, Leaving Files Unscanned
• 5:4 : Building trust through AI red teaming: Red Hat’s approach to testing model safety
• 5:4 : New GhostTree Attack Causing EDR Products to Hang and Leave Files Unscanned
• 5:4 : Product showcase: Bitdefender Mobile Security for iOS protects privacy where scams begin
• 5:4 : Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
• 5:4 : GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
• 4:34 : Claude Code’s Network Sandbox Vulnerability Exposes User Credentials and Source Code
• 4:34 : Cyber threats push SMBs to spend more on security
• 3:4 : Dark Web Brokers Repackage Old Breaches as Fresh Corporate Data Leaks
• 3:4 : Gremlin Stealer Stores C2 URLs and Exfiltration Paths in Encrypted Resource Sections
• 2:4 : ISC Stormcast For Thursday, May 21st, 2026 https://isc.sans.edu/podcastdetail/9940, (Thu, May 21st)
• 1:32 : ExifTool CVE-2026-3102: RCE via Image Metadata
• 1:32 : Malicious VS Code Extension Breaches GitHub
• 1:32 : AI-Driven DDoS Attacks Surge 738% in Finance
• 1:32 : UK GCA Opens £2.9B Defense Tech Framework to SMEs
• 1:32 : University of Arizona leads cyber operations education
• 23:34 : Third-Party Risk Management Needs to Evolve
• 22:32 : Void Botnet Uses Ethereum Smart Contracts for Seizure-Resistant C2 Infrastructure
• 22:31 : Hackers Use Fake Income Tax Assessment Pages to Infect Windows Systems
• 22:6 : How a Webmail Log File Became a Root-Level Backdoor
• 22:6 : A Bipartisan Amendment Would End Police License Plate Tracking Nationwide
• 22:5 : IT Security News Hourly Summary 2026-05-21 00h : 4 posts
• 21:55 : IT Security News Daily Summary 2026-05-20