A devastating zero-day vulnerability in Palo Alto Networks firewalls is under active exploitation by suspected state-sponsored hackers, allowing unauthenticated attackers to seize complete control of enterprise security infrastructure. The flaw, tracked as CVE-2026-0300 with a critical CVSS score of 9.3,…
Zombie linkages are keeping expired domains trusted for years
Domains expire, get transferred, and return to the market every day. The systems connected to those domains can continue trusting the original owner long after control has changed. Researchers at USC and the University of Twente examined this problem in…
Popular node-ipc npm Library Hit by Supply Chain Attack, Impacting 822K Weekly Downloads
A widely used npm package with more than 822,000 weekly downloads has once again become the center of a serious supply chain attack, raising fresh concerns across the JavaScript ecosystem. Security researchers at Socket have uncovered multiple malicious versions of…
The AI oversight paradox: Is the investment worth the cost of watching it?
Unlike in 2025, when AI adoption and testing drove business strategies, organizations in 2026 want proven ROI before committing budgets, according to a report by Globalization Partners. How global executives characterize their organization’s approach to AI adoption (Source: Globalization Partners)…
ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, May 15th, 2026…
Cisco Catalyst SD-WAN Controller 0-Day Actively Exploited to Gain Admin Access
A maximum-severity zero-day vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited in the wild, allowing unauthenticated remote attackers to fully bypass authentication and seize administrative control of enterprise network infrastructure. Tracked as CVE-2026-20182 with a CVSS score of…
OpenAI Confirms Security Breach Via TanStack npm Supply Chain Attack
Two employee devices at OpenAI were compromised in a sweeping software supply chain attack targeting TanStack npm, but the AI company confirmed no user data, production systems, or intellectual property were affected. On May 11, 2026 UTC, threat actors launched…
New infosec products of the week: May 15, 2026
Here’s a look at the most interesting products from the past week Alation, Apricorn, Versa Networks, and TrustCloud. The questionnaire-based TPRM model is broken, and TrustCloud has a fix TrustCloud announced a new version of TrustLens, its third party risk…
How a Google API Key Became an $8,000 AI Bill, Meta Scam Ads Lawsuit, and 73-Second Cyber Attacks
Google Cloud customers are reporting shocking surprise bills after compromised or misused API keys were allegedly used to access expensive Gemini AI services. In one case, Rod Dinan says his monthly Google Cloud costs jumped from under $50 to nearly…
Nobody believes the ‘criminals and scumbags’ who hacked Canvas really deleted stolen student data
Other than Instructure execs – maybe? This article has been indexed from www.theregister.com – Articles Read the original article: Nobody believes the ‘criminals and scumbags’ who hacked Canvas really deleted stolen student data
IT Security News Hourly Summary 2026-05-15 00h : 5 posts
5 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-05-14 21:32 : Chinese APT Hackers Exploit Microsoft Exchange to Breach Energy Sector Network 21:32 : Sandworm Hackers Pivot From Compromised IT Systems Toward Critical…
IT Security News Daily Summary 2026-05-14
174 posts were published in the last hour 21:32 : Chinese APT Hackers Exploit Microsoft Exchange to Breach Energy Sector Network 21:32 : Sandworm Hackers Pivot From Compromised IT Systems Toward Critical OT Assets 21:32 : Innovator Spotlight: Radware 21:32…
Chinese APT Hackers Exploit Microsoft Exchange to Breach Energy Sector Network
A Chinese state-linked hacking group known as FamousSparrow has quietly infiltrated an Azerbaijani oil and gas company, exploiting an unpatched Microsoft Exchange server to plant multiple backdoors inside the network. The attack ran from late December 2025 through late February…
Sandworm Hackers Pivot From Compromised IT Systems Toward Critical OT Assets
A Russian state-sponsored hacking group known as Sandworm has been caught making a calculated pivot from compromised IT networks into operational technology systems that control physical infrastructure. The campaign is alarming because it does not rely on cutting-edge exploits. Instead,…
Innovator Spotlight: Radware
Radware’s Quiet Revolution In AI-Powered Defense If you have been around this industry long enough, Radware probably lives in a nostalgic corner of your brain. Load balancing. Application delivery controllers…. The post Innovator Spotlight: Radware appeared first on Cyber Defense…
Innovator Spotlight: Klever Compliance
Klever Compliance: Killing Sacred Cows, Taming Data Hoarders, And Making GRC Actually Work If you have been in this industry longer than five minutes, you have probably seen this movie… The post Innovator Spotlight: Klever Compliance appeared first on Cyber…
Regional routing for AWS access portals: Implementing custom vanity domains for IAM Identity Center
AWS IAM Identity Center provides a web-based access portal that gives your workforce a single place to view their AWS accounts and applications. With the recent launch of IAM Identity Center multi-Region replication, customers can replicate their IAM Identity Center…
The “Zombie API” Attack: Why Your Old Integrations Are Your Biggest Security Risk
Three years ago, your team built a payment integration. It worked fine. Then you moved to a better solution, shipped the new version, and everyone got busy with the next thing. Nobody filed a formal ticket to shut the old…
U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Catalyst SD-WAN, tracked as CVE-2026-20182 (CVSS score of…
Critical Canon MailSuite Vulnerability Enables Remote Code Execution Attacks
Enterprise email infrastructure remains one of the most critical and vulnerable targets for cybercriminals. A highly severe security flaw has just been discovered in Canon’s GUARDIANWALL MailSuite, exposing corporate networks to devastating Remote Code Execution (RCE) attacks. Threat actors can…
Hackers Compromise 170 npm Packages to Steal GitHub, npm, AWS, and Kubernetes Secrets
A sprawling supply chain attack has put software developers worldwide on high alert after hackers compromised more than 170 npm packages and two PyPI packages in a coordinated credential theft campaign. The infected packages are collectively downloaded over 200 million…
Anthropic’s Mythos AI Reportedly Found macOS Vulnerabilities that Could Bypass Apple Security
Security researchers at Calif, a Palo Alto-based cybersecurity firm, have used techniques derived from an early version of Anthropic’s secretive Mythos AI model to uncover two previously undocumented vulnerabilities in Apple’s macOS. The bugs were chained together into a privilege…
node-ipc npm Package with 822K Weekly Downloads Compromised in Supply Chain Attack
A widely used JavaScript inter-process communication library has been weaponized again. Socket and Stepsecurity have confirmed that three newly published versions of node-ipc, a package with over 822,000 weekly downloads, contain obfuscated stealer and backdoor payloads, marking the second major…
New Malware Framework Enables Screen Control, Browser Artifact Access, and UAC Bypass
A newly uncovered malware framework is raising serious alarms across the cybersecurity community. Researchers have identified a previously unknown implant called TencShell, a sophisticated tool capable of giving attackers full remote control over a compromised system. The discovery highlights how…