Top Stories by Impact

🔐 CISA Alerts Critical

ZKTeco CCTV Cameras

19 May 2026 · 12:00 UTC

View CSAF Summary Successful exploitation of this vulnerability could result in information disclosure, including capture of camera account credentials. The following versions of Z…

Read full article →
🔐 CISA Alerts Critical

Kieback & Peter DDC Building Controllers

19 May 2026 · 12:00 UTC

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to take control of the victim's browser. The following versions of Kieback & Peter DDC Build…

Read full article →
🏢 Rapid7 Blog Critical

Operationalizing CTEM Faster: Build Surface Command Dashboards in Minutes

Yesterday · 12:15 UTC

Modern attack surfaces don’t sit still.Cloud expansion, SaaS sprawl, identity complexity, and shadow IT are continuously reshaping organizational risk. For security leaders, visibi…

Read full article →
🔐 The Hacker News Critical

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

Today · 10:55 UTC

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild. The former, tracked as CVE-2026-41091,…

Read full article →
🔐 CISA Alerts Critical

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

Yesterday · 12:00 UTC

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2008-4250 Microsoft Windows Buffer Over…

Read full article →
🔐 Krebs on Security Critical

CISA Admin Leaked AWS GovCloud Keys on Github

18 May 2026 · 20:48 UTC

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly…

Read full article →
🔐 BleepingComputer Critical

Microsoft warns of new Defender zero-days exploited in attacks

Today · 07:49 UTC

On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. [...]

Read full article →
🏢 Rapid7 Blog Critical

Rapid7’s 2026 Global Cybersecurity Summit: Key Takeaways for Security Leaders

19 May 2026 · 15:22 UTC

Security teams are working in an environment where speed, scale, and complexity are all increasing at the same time. Across the Rapid7 2026 Global Cybersecurity Summit, the focus w…

Read full article →
🔐

Cybersecurity

CISA Alerts

1

ZKTeco CCTV Cameras

Critical

19 May 2026 · 12:00 UTC

View CSAF Summary Successful exploitation of this vulnerability could result in information disclosure, including capture of camera account credentials. The following versions of ZKTeco CCTV Cameras are affected: SSC335-…

Read full article →
2

Kieback & Peter DDC Building Controllers

Critical

19 May 2026 · 12:00 UTC

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to take control of the victim's browser. The following versions of Kieback & Peter DDC Building Controllers are affected: DDC4002 DD…

Read full article →
3

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

Critical

Yesterday · 12:00 UTC

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2008-4250 Microsoft Windows Buffer Overflow Vulnerability CVE-2009-1537 Microso…

Read full article →

The Hacker News

1

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

Critical

Today · 10:55 UTC

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild. The former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring system.…

Read full article →
2

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

High

Today · 07:35 UTC

Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case of improper privi…

Read full article →
3

When Identity is the Attack Path

High

Today · 10:30 UTC

Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything…

Read full article →

Krebs on Security

1

CISA Admin Leaked AWS GovCloud Keys on Github

Critical

18 May 2026 · 20:48 UTC

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a…

Read full article →

BleepingComputer

1

Microsoft warns of new Defender zero-days exploited in attacks

Critical

Today · 07:49 UTC

On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. [...]

Read full article →
2

GitHub links repo breach to TanStack npm supply-chain attack

High

Today · 06:54 UTC

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm supply-chain attack. [...]

Read full article →
3

Flipper One project needs community help to build open Linux platform

Today · 11:00 UTC

Flipper Devices, the maker of the Flipper Zero pentesting tool, is asking the community to help build Flipper One, an open Linux platform for connected devices. [...]

Read full article →

Infosecurity Magazine

1

Grafana Labs Says Code Breach Stemmed from TanStack Attack

Critical

Today · 08:00 UTC

Grafana Labs has confirmed a recent data breach was caused by the TanStack supply chain attack

Read full article →
2

Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users

High

Yesterday · 15:30 UTC

Premium Deception campaign uses 250 Android apps to silently sign victims up to paid services

Read full article →
3

Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes

Today · 12:00 UTC

Qualys finds nine-year-old Linux ptrace flaw exposing SSH keys and password hashes locally

Read full article →

Schneier on Security

1

Zero-Day Exploit Against Windows BitLocker

High

18 May 2026 · 11:08 UTC

It’s nasty, but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11…

Read full article →
2

On AI Security

Medium

Yesterday · 14:21 UTC

Good report: Executive Summary: Let’s say you wanted to make sure that your AI is secure. Can you just maximize the security and privacy benchmark and call it a day? Nope, because benchmarks don’t actually work for measu…

Read full article →
3

Laurie Anderson Is Quoting Me

19 May 2026 · 11:00 UTC

Not by name, but Laurie Anderson quotes me in one of the tracks of her new album: My favorite quote is from a cryptologist who said “If you think technology will solve your problems, you don’t understand technology and y…

Read full article →

Cloudflare Blog

1

Project Glasswing: what Mythos showed us

High

18 May 2026

Cloudflare shares findings from testing Mythos and other security-focused LLMs against live code across critical infrastructure, including model strengths, weaknesses, and what is needed before this work can scale.

Read full article →

CyberScoop

1

The readiness paradox: Why a false sense of cyber confidence is becoming a liability

Medium

Today · 10:00 UTC

As AI expands the attack surface and alert fatigue grows, cyber exposure management offers a clearer path to understanding where risk truly concentrates and how to reduce it before a crisis hits. The post The readiness p…

Read full article →
2

GitHub says internal repositories were impacted in poisoned VS Code extension attack

Yesterday · 14:48 UTC

GitHub said late Tuesday that internal repositories were exfiltrated after an employee device was compromised through a poisoned Visual Studio Code extension, an incident that underscores the growing risks facing softwar…

Read full article →
3

Meet Rampart and Clarity, Microsoft’s new red team combo AI agents

Yesterday · 20:25 UTC

Microsoft’s AI red team lead talked to CyberScoop about the goals behind open sourcing a pair of security tools meant for developers and incident responders. The post Meet Rampart and Clarity, Microsoft’s new red team co…

Read full article →

Ars Technica

1

Trump admin didn't want Ebola-exposed Americans, sent them to Berlin, Prague

Medium

Yesterday · 21:58 UTC

Officials denied refusing entry, but dodged questions on why Americans didn't return.

Read full article →
2

Famously secret about its finances, SpaceX opens its books for the first time

Yesterday · 23:02 UTC

"We believe we have identified the largest TAM in human history."

Read full article →
3

NASA's Psyche spacecraft returns unfamiliar views of a familiar world

Yesterday · 21:26 UTC

"As a bonus, it captured Mars images from a rare perspective."

Read full article →

Cybercrime Magazine

1

VIDEO: 2026 CISO Report On How MSSPs Are Filling The CISO Gap For Underserved SMBs

Yesterday · 13:46 UTC

This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 20, 2026 –Watch the YouTube video Cybersecurity Ventures estimates that there are around 35,000 chief information security offic…

Read full article →
2

Young Girls Are The Future Of Cybersecurity

19 May 2026 · 12:39 UTC

This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 19, 2026 –Watch the YouTube video Betta Lyon Delsordo told Cybercrime Magazine that her journey into ethical hacking began at 13…

Read full article →
3

World Premiere Of “Midnight In The War Room” Documentary At Black Hat Vegas

18 May 2026 · 12:39 UTC

This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 18, 2026 –Watch the trailer Black Hat, the cybersecurity industry’s most established and in-depth security event series, and Sem…

Read full article →

SANS Internet Storm Center

1

ISC Stormcast For Thursday, May 21st, 2026 https://isc.sans.edu/podcastdetail/9940, (Thu, May 21st)

Today · 02:00 UTC

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read full article →
2

ISC Stormcast For Wednesday, May 20th, 2026 https://isc.sans.edu/podcastdetail/9938, (Wed, May 20th)

Yesterday · 02:00 UTC

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read full article →
3

ISC Stormcast For Tuesday, May 19th, 2026 https://isc.sans.edu/podcastdetail/9936, (Tue, May 19th)

19 May 2026 · 02:00 UTC

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read full article →
🤖

AI & Technology

VentureBeat AI

1

Google just redesigned the search box for the first time in 25 years — here’s why it matters more than you think.

High

19 May 2026 · 17:45 UTC

For a quarter century, the Google search box has been one of the most recognizable interfaces in computing: a thin white rectangle, a blinking cursor, a few typed words, and a list of blue links. On Tuesday, Google will…

Read full article →

AI News

1

Enterprise AI roadblocks and roadmaps, security and physical AI: Day two at TechEx

High

19 May 2026 · 19:18 UTC

Day two of TechEx North America has been more of a deeper, critical examination of AI in the enterprise, but with a optimistic bent. The AI and Big Data programme opened with reference to what was termed the “AI graveyar…

Read full article →
2

Nvidia’s Vera chip is the US$200 billion bet Jensen Huang doesn’t want you to overlook

Medium

Today · 08:00 UTC

The Nvidia Vera chip is rarely the headline when earnings beat estimates, but it should be. When Nvidia reported Q1 revenue of US$81.62 billion on Wednesday, beating analyst estimates of US$78.86 billion, and guided Q2 a…

Read full article →
3

Alibaba is designing AI chips around agents, and that changes what the race is actually about

Yesterday · 10:00 UTC

Alibaba has unveiled a new AI processor built specifically for AI agents, pairing the chip announcement with a multi-year silicon roadmap and a new large language model, signalling that the company is building an integra…

Read full article →

Wired AI

1

SpaceX Is Spending $2.8 Billion to Buy Gas Turbines for Its AI Data Centers

Yesterday · 23:30 UTC

The investment comes as Elon Musk’s AI unit faces complaints about the carbon-emitting units and looks to become a big player in cloud computing.

Read full article →
2

I Gave My OpenClaw Agent a Physical Body

Yesterday · 18:00 UTC

The coding skills of AI models are about to make it much easier to build and deploy robots.

Read full article →
3

SpaceX Listed Grok’s ‘Spicy’ Mode as a Risk in Its IPO Filing

Today · 00:43 UTC

The rocket company has set aside more than $500 million for potential litigation losses, in part to account for complaints alleging that Grok created sexualized images.

Read full article →

TechCrunch AI

1

Jensen Huang says he’s found a ‘brand new’ $200B market for Nvidia

Today · 00:28 UTC

The next big thing for Nvidia will be CPUs for AI agents, $200 billion worth, CEO Jensen Huang predicts.

Read full article →
2

Anthropic says it’s about to have its first profitable quarter

Today · 00:21 UTC

Anthropic has told its investors that it will more than double revenue to around $10.9 billion in its second quarter.

Read full article →
3

Clouted wants to take the guesswork out of making short videos go viral

Yesterday · 22:30 UTC

The video clipping startup raised a $7 million seed round led by Slow Ventures.

Read full article →

The Guardian Technology

1

ChatGPT and other AI bots made huge errors before Scottish election, study finds

Yesterday · 14:56 UTC

Exclusive: Electoral Commission calls for new controls as Demos finds tools made up fake scandals, invented candidates or gave wrong dateUK politics live – latest updatesThe Electoral Commission has called for new legal…

Read full article →
2

Nvidia’s revenue blows past Wall Street expectations as AI boom accelerates

Yesterday · 22:45 UTC

Many analysts view company’s financial performance as a broader referendum on AI buildoutNvidia continued its years-long streak of beating Wall Street’s expectations for growth on Wednesday, reassuring most investors tha…

Read full article →
3

Google DeepMind in talks with UK unions amid staff concern over US and Israel’s AI use

Yesterday · 14:41 UTC

Exclusive: Google DeepMind agrees to Acas talks after workers sign petitions about governments’ use of AI for defence and intelligenceGoogle DeepMind has agreed to enter formal talks with UK tech workers that could lead…

Read full article →

MIT Technology Review AI

1

Roundtables: Inside the Musk v. Altman Trial

19 May 2026 · 20:15 UTC

Listen to the session or watch below Elon Musk lost his suit against OpenAI, in which he alleged CEO Sam Altman and President Greg Brockman had deceived him over the company’s non-profit status. Watch as AI reporter and…

Read full article →
2

Here’s why Elon Musk lost his suit against OpenAI

19 May 2026 · 00:53 UTC

On Monday, the jury in Musk v. Altman dealt Elon Musk a major blow—reaching a unanimous advisory verdict that he had sued OpenAI too late and, as a result, his claims are barred by the applicable statutes of limitations.…

Read full article →
3

What to expect from Google this week

18 May 2026 · 17:35 UTC

This story originally appeared in The Algorithm, our weekly newsletter on AI. To get stories like this in your inbox first, sign up here. When Google opens its doors tomorrow for its annual developer conference, I/O, it…

Read full article →

The Verge

1

NYC Mayor Zohran Mamdani is launching a Twitch series

Today · 12:22 UTC

New York City Mayor Zohran Mamdani is launching a streaming series on Twitch, in which he'll respond to questions the public have submitted via the chat, Polygon reports. The series is aptly titled "Talk with the People,…

Read full article →
2

Meta lays off thousands of employees to offset AI investments

Today · 09:20 UTC

Meta has reportedly notified thousands of employees that they've been laid off as the company attempts to compensate for its hefty AI investments. In an email from Meta management shared by Business Insider, impacted sta…

Read full article →
3

‘Fuck you, Bambu’: How one private message could change the face of 3D printing

Today · 10:00 UTC

Bambu Lab makes the best, most accessible 3D printers yet, but that reputation is suddenly under siege. It all started when Paweł Jarczak received a private message from the company on Reddit asking him to delete his cod…

Read full article →

Import AI

1

Import AI 457: AI stuxnet; cursed Muon optimizer; and positive alignment

18 May 2026 · 13:31 UTC

Welcome to Import AI, a newsletter about AI research.

Read full article →

ITNews Australia

1

Fears of unfettered hacking spurred by Anthropic's Mythos AI model likely 'overstated'

Yesterday · 20:28 UTC

Analysis: Practitioners see measured risk.

Read full article →
2

Singtel open to selling "meaningful minority stake" in Optus

Today · 04:00 UTC

Tries to attract a "like-minded long-term partner".

Read full article →
3

NT government to spend $5m on payroll automation

Yesterday · 20:20 UTC

Covering its HR core and "complementary solutions".

Read full article →

Ars Technica AI

1

Buckle up: Google is set to remake search with agentic AI in 2026

Yesterday · 17:31 UTC

Google's AI search evolution is accelerating at I/O 2026.

Read full article →
2

The Internet can't stop watching Figure AI's humanoid robots handling packages

Yesterday · 11:00 UTC

Figure AI's 24/7 livestream showcases human soft spot for humanoid robots.

Read full article →
3

Two AI-based science assistants succeed with drug-retargeting tasks

19 May 2026 · 18:55 UTC

Both tools generate hypotheses; one goes on to analyze some of the data.

Read full article →

Google DeepMind

1

Fast-tracking genetic leads to reverse cellular aging

18 May 2026 · 18:21 UTC

Biologists use Co-Scientist to find novel factors that successfully rejuvenate human cells.

Read full article →

NVIDIA AI Blog

1

NVIDIA and Google Cloud Empower the Next Wave of AI Builders

19 May 2026 · 20:30 UTC

At this year’s Google I/O conference, NVIDIA and Google Cloud are accelerating the work of more than 100,000 developers in the companies’ joint developer community, which provides curated learning paths, hands-on labs an…

Read full article →
2

NVIDIA CEO Jensen Huang at Dell Technologies World: ‘Demand Is Going Parabolic, Utterly Parabolic’

18 May 2026 · 22:28 UTC

Agentic AI inference at one-tenth the cost per token with NVIDIA Vera Rubin NVL72. Agent sandboxes run 50% faster on NVIDIA Vera than traditional CPUs — while enterprise data queries are up to 3x faster with the Vera CPU…

Read full article →
3

Vera Arrives: NVIDIA’s First CPU Built for Agents Lands at Top AI Labs

18 May 2026 · 21:48 UTC

The first NVIDIA Vera CPUs arrived at three of the world's leading AI labs on Friday — Anthropic in San Francisco, OpenAI in Mission Bay, SpaceXAI in Palo Alto — followed by a delivery to Oracle Cloud Infrastructure in S…

Read full article →

ABC Technology (AU)

1

Hanson proposes tax break for drilling alongside new gas royalty

Today · 08:41 UTC

The One Nation leader wants a flat royalty on the production of new gas projects.

Read full article →
2

Elon Musk could become world's first trillionaire as SpaceX files for largest IPO ever

Today · 07:28 UTC

Elon Musk's sprawling space exploration company, which also owns Starlink and xAI, was valued at $US1.25 trillion ($1.75 trillion) earlier this year, meaning Musk could become the world's first trillionaire if the offeri…

Read full article →
3

Public transport to remain free in Tasmania for an additional year

Today · 06:03 UTC

The Tasmanian government has committed $24 million in the state budget towards keeping buses and ferries free for one more year.

Read full article →
🏢

Vendor Security

Rapid7 Blog

1

Operationalizing CTEM Faster: Build Surface Command Dashboards in Minutes

Critical

Yesterday · 12:15 UTC

Modern attack surfaces don’t sit still.Cloud expansion, SaaS sprawl, identity complexity, and shadow IT are continuously reshaping organizational risk. For security leaders, visibility isn’t the challenge anymore, but ac…

Read full article →
2

Rapid7’s 2026 Global Cybersecurity Summit: Key Takeaways for Security Leaders

Critical

19 May 2026 · 15:22 UTC

Security teams are working in an environment where speed, scale, and complexity are all increasing at the same time. Across the Rapid7 2026 Global Cybersecurity Summit, the focus was not just on how the threat landscape…

Read full article →

Palo Alto Unit 42

1

The npm Threat Landscape: Attack Surface and Mitigations (Updated May 20)

Critical

Yesterday · 19:30 UTC

Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more. The post The npm Threat Landscape: Attack Surface and Mitigations (Updated May 20)…

Read full article →
2

Tracking TamperedChef Clusters via Certificate and Code Reuse

Yesterday · 10:00 UTC

Unit 42 analyzes TamperedChef malware clusters that use trojanized productivity apps and malvertising to deliver stealthy payloads to targets. The post Tracking TamperedChef Clusters via Certificate and Code Reuse appear…

Read full article →

StepSecurity

1

5 Supply Chain Attacks in 48 Hours: Why Securing One Layer Is Not Enough

Critical

Today · 07:23 UTC

A poisoned VS Code extension breached GitHub. A trojanized PyPI package hit Microsoft. Compromised GitHub Actions and a self-spreading npm worm targeted thousands more. In just 48 hours, attackers hit every layer of the…

Read full article →
2

Dev Machine Guard Now Supports Linux

Yesterday · 17:02 UTC

Dev Machine Guard now supports Linux, giving security teams full visibility into Linux, macOS, and Windows developer machines. Detect AI coding agents, IDE extensions, MCP servers, npm and system packages, and compromise…

Read full article →
3

Nx Console VS Code Extension Compromised

Yesterday · 17:40 UTC

Nx Console VS Code Extension Compromised

Read full article →

Microsoft Threat Intel

1

Exposing Fox Tempest: A malware-signing service operation

Critical

19 May 2026 · 15:07 UTC

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other cybercriminals, including Vanilla Tempest and Storm groups, to more effectively distribute malicious code…

Read full article →

Kaspersky Securelist

1

How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)

Critical

Yesterday · 09:02 UTC

We explain how a flaw in ExifTool allows attackers to compromise macOS systems via a malicious image (CVE-2026-3102).

Read full article →
2

IT threat evolution in Q1 2026. Non-mobile statistics

Medium

18 May 2026 · 12:00 UTC

The report presents key trends and statistics on malware that targeted personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during Q1 2026.

Read full article →
3

IT threat evolution in Q1 2026. Mobile statistics

18 May 2026 · 12:00 UTC

This report contains mobile threat statistics for Q1 2026, along with noteworthy discoveries and quarterly trends: new versions of SparkCat and Triada.

Read full article →

Check Point Research

1

18th May – Threat Intelligence Report

High

18 May 2026 · 14:58 UTC

For the latest discoveries in cyber research for the week of 18th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Vodafone, a major international telecom, has sustained a source code leak…

Read full article →

Microsoft Security

1

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

High

Yesterday · 17:48 UTC

Compromised @antv npm packages deploy the Mini Shai-Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and targets credentials across GitHub, AWS, Kuber…

Read full article →
2

Securing the gaming culture of cultures

Yesterday · 16:00 UTC

Read about the unique challenges and rewards of securing gaming platforms and how to better protect gaming communities. The post Securing the gaming culture of cultures appeared first on Microsoft Security Blog.

Read full article →
3

Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow

Yesterday · 15:00 UTC

The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ago, because they have moved well past answering questions and into accessing your email, retriev…

Read full article →

Cisco Talos

1

TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities

High

19 May 2026 · 15:39 UTC

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed eight vulnerabilities in TP-Link, and one each in Adobe Photoshop, OpenVPN, and Gen Digital's Norton VPN.The vulnerabilities mentioned in this blog…

Read full article →
2

From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat

19 May 2026 · 10:00 UTC

Cisco Talos has uncovered a BadIIS variant — identifiable by its embedded "demo.pdb" strings — that functions as commodity malware, likely sold or shared among multiple Chinese-speaking cyber crime groups operating under…

Read full article →

AWS Security

1

CIRT insights: How to help prevent unauthorized account removals from AWS Organizations

Medium

19 May 2026 · 21:34 UTC

The AWS Customer Incident Response Team works with customers to help them recover from active security incidents. As part of this work, the team often uncovers new or trending tactics used by various threat actors that t…

Read full article →
2

Why Policy in Amazon Bedrock AgentCore chose Cedar for securing agentic workflows

Yesterday · 20:56 UTC

Agents have agency: they adapt and find multiple ways to solve problems. This autonomy creates a fundamental security challenge: the large language model (LLM) at the heart of the agent is non-deterministic, and its deci…

Read full article →
3

AWS Security Hub Extended: Why enterprise security products should sell themselves

Yesterday · 17:32 UTC

Our largest security services customers started the same way every customer does – with a click. They enabled Amazon GuardDuty, Amazon Inspector, AWS WAF, and AWS Security Hub, experienced the benefits in real time, and…

Read full article →

OpenAI News

1

An OpenAI model has disproved a central conjecture in discrete geometry

Yesterday · 00:00 UTC

An OpenAI model solved the 80-year-old unit distance problem, disproving a major conjecture in discrete geometry and marking a milestone in AI-driven mathematics.

Read full article →
2

How Ramp engineers accelerate code review with Codex

Yesterday · 00:00 UTC

How Ramp engineers use Codex with GPT-5.5 to review code and ship improvements, allowing them to get substantive feedback in minutes instead of hours.

Read full article →
3

The next phase of OpenAI’s Education for Countries

Yesterday · 00:00 UTC

OpenAI advances Education for Countries, expanding AI adoption in schools with new partnerships, teacher training, and tools to improve global learning outcomes.

Read full article →

CrowdStrike Blog

1

How to Protect Identities and Sessions from Infostealers

Yesterday · 05:00 UTC

Read full article →

GitHub Security Blog

1

Investigating unauthorized access to GitHub-owned repositories

Yesterday · 21:07 UTC

If any impact is discovered, customers will be notified via established incident response and notification channels. The post Investigating unauthorized access to GitHub-owned repositories appeared first on The GitHub Bl…

Read full article →