Key TakeawaysCritical flaws patched: Security updates address vulnerabilities allowing remote code execution on unpatched Fortinet systems.Systems at risk: The vulnerabilities impact specific versions of FortiAuthenticator…

Key TakeawaysRansom paid: Instructure compensated the ShinyHunters cybercriminal group following the Canvas data theft.Data compromised: Hackers claimed to steal records from 9,000 customers, threatening a…

Key TakeawaysWidespread breaches: Over 70% of surveyed organizations experienced at least one identity-related breach in the past 12 months.Ransomware pipeline: Over two-thirds of ransomware victims…

Key TakeawaysE-comm infrastructure compromised: Skoda Auto confirmed a cybersecurity incident affecting its online retail platform.Customer data exfiltration: Threat actors possibly obtained names, addresses, and cryptographically…

Key TakeawaysAttack volumes decrease: The share of organizations affected by ransomware decreased globally in 2025.Evasion tactics escalate: Attackers increasingly deploy EDR killers and BYOVD techniques…

Key TakeawaysCritical cPanel vulnerability: CVE-2026-41940 maintains a 9.8 CVSS score and facilitates complete administrative privilege escalation.Global attack infrastructure: Threat intelligence analysis documented over 2,000 attacking…

Key TakeawaysRogue plugin: A malicious version of the Checkmarx Jenkins AST plugin was published on the Jenkins Marketplace.TeamPCP claims responsibility: The threat group utilized credentials…

Key TakeawaysZero-day discovery: GTIG identified a criminal actor utilizing an AI-developed zero-day exploit for the first time.Exploitation event prevented: Proactive counter-discovery disrupted a planned mass…

Key TakeawaysMalvertising campaign: Attackers abuse Google Ads and legitimate Claude.ai shared chats to push macOS malware.Terminal commands weaponized: Fake installation guides trick users into executing…

Key TakeawaysRansomware incident: Italian jewelry manufacturer Unoaerre confirmed it suffered a confirmed cyberattack on May 10, 2026.Operations temporarily halted: Management evacuated the manufacturing plant and…

Frank Koelmel – Bitdefender Bitdefender appoints Frank Koelmel as Chief Revenue Officer for its Business Solutions Group, adding leadership to drive global growth and go-to-market…

From ransomware operators landing in U.S. prisons to a DNSSEC failure briefly knocking millions of German websites offline, this week’s cyber landscape reflects attacks that…

Key TakeawaysDatabase deletion incident: Following employment termination, two brothers unlawfully deleted approximately 96 federal government databases.Federal jury conviction: Sohaib Akhter found guilty of computer fraud…

Key TakeawaysCloud credential theft: SentinelLABS identified PCPJack, a framework that worms across cloud infrastructure and removes TeamPCP artifacts.No cryptominers deployed: The toolset targets Docker, Kubernetes,…

Key TakeawaysThreat actor claims: The RansomHouse hacking group claimed responsibility for the cyberattack targeting the Trellix cybersecurity firm.Incident status confirmed: Trellix confirmed unauthorized access to…

Key TakeawaysCompromised user data: HIBP said the breach impacted 447,600 Woflow accounts, exposing email addresses, names, phone numbers, and physical addresses.Extortion group claims: The ShinyHunters…

Key TakeawaysSignal disruption: A rogue General Alarm caused a 48-minute operational halt to three high-speed trains due to cloned radio signals.TETRA vulnerability exploited: A 23-year-old…

Key TakeawaysVoIP provider abuse: Six of the ten largest scam campaigns relied on VoIP infrastructure due to the ease of API-driven provisioning.Extended number lifespan: The…

Key TakeawaysMalicious NuGet packages: Five compromised packages impersonating Chinese .NET libraries under the publisher account bmrxntfj.Extensive data theft: The .NET Reactor-protected infostealer targets browsers, cryptocurrency…

Key TakeawaysActive exploitation: The CopyFail bug is actively exploited and has been added to CISA's Known Exploited Vulnerabilities (KEV) catalog.Broad impact: The vulnerability affects Linux…