Top Stories by Impact
How Storm-2949 turned a compromised identity into a cloud-wide breach
18 May 2026 · 22:42 UTC
Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft without using malware. This incident shows how threat actor…
Read full article →Exposing Fox Tempest: A malware-signing service operation
Yesterday · 15:07 UTC
Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other cybercriminals, including Vanilla Tempest and Storm groups, to mo…
Read full article →Exposing Fox Tempest: A malware-signing service operation
Yesterday · 15:07 UTC
Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other cybercriminals, including Vanilla Tempest and Storm groups, to mo…
Read full article →Project Glasswing: what Mythos showed us
18 May 2026
Cloudflare shares findings from testing Mythos and other security-focused LLMs against live code across critical infrastructure, including model strengths, weaknesses, and what is…
Read full article →CIRT insights: How to help prevent unauthorized account removals from AWS Organizations
Yesterday · 21:34 UTC
The AWS Customer Incident Response Team works with customers to help them recover from active security incidents. As part of this work, the team often uncovers new or trending tact…
Read full article →Advancing content provenance for a safer, more transparent AI ecosystem
Yesterday · 10:45 UTC
OpenAI advances AI content provenance with Content Credentials, SynthID, and a verification tool to help people identify and trust AI-generated media.
Read full article →Cybersecurity
Cloudflare Blog
Project Glasswing: what Mythos showed us
High18 May 2026
Cloudflare shares findings from testing Mythos and other security-focused LLMs against live code across critical infrastructure, including model strengths, weaknesses, and what is needed before this work can scale.
Read full article →AI & Technology
Vendor Security
Microsoft Security
How Storm-2949 turned a compromised identity into a cloud-wide breach
Critical18 May 2026 · 22:42 UTC
Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft without using malware. This incident shows how threat actors can exploit trusted systems to operate…
Read full article →Exposing Fox Tempest: A malware-signing service operation
CriticalYesterday · 15:07 UTC
Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other cybercriminals, including Vanilla Tempest and Storm groups, to more effectively distribute malicious code…
Read full article →How to better protect your growing business in an AI-powered world
18 May 2026 · 16:00 UTC
See how built-in security helps keep your growing business running, protect customer trust, and support growth. The post How to better protect your growing business in an AI-powered world appeared first on Microsoft Secu…
Read full article →Microsoft Threat Intel
Exposing Fox Tempest: A malware-signing service operation
CriticalYesterday · 15:07 UTC
Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other cybercriminals, including Vanilla Tempest and Storm groups, to more effectively distribute malicious code…
Read full article →AWS Security
CIRT insights: How to help prevent unauthorized account removals from AWS Organizations
MediumYesterday · 21:34 UTC
The AWS Customer Incident Response Team works with customers to help them recover from active security incidents. As part of this work, the team often uncovers new or trending tactics used by various threat actors that t…
Read full article →Governing infrastructure as code using pattern-based policy as code
Yesterday · 16:15 UTC
Organizations often struggle to enforce security and compliance requirements consistently across their cloud infrastructure. In one environment, a workload might be deployed in an AWS Region that was never approved for t…
Read full article →OpenAI News
Advancing content provenance for a safer, more transparent AI ecosystem
MediumYesterday · 10:45 UTC
OpenAI advances AI content provenance with Content Credentials, SynthID, and a verification tool to help people identify and trust AI-generated media.
Read full article →Introducing OpenAI for Singapore
Yesterday · 20:30 UTC
OpenAI for Singapore launches a multi-year AI partnership to expand deployment, build local talent, and support businesses and public services with AI.
Read full article →The next phase of OpenAI’s Education for Countries
Today · 00:00 UTC
OpenAI advances Education for Countries, expanding AI adoption in schools with new partnerships, teacher training, and tools to improve global learning outcomes.
Read full article →Palo Alto Unit 42
Tracking TamperedChef Clusters via Certificate and Code Reuse
Today · 10:00 UTC
Unit 42 analyzes TamperedChef malware clusters that use trojanized productivity apps and malvertising to deliver stealthy payloads to targets. The post Tracking TamperedChef Clusters via Certificate and Code Reuse appear…
Read full article →