CISA Contractor Leaked AWS GovCloud Credentials & Internal Data
A CISA contractor operating a public GitHub repository named "Private-CISA" exposed highly privileged AWS GovCloud…
Supply Chain Attack Floods npm & PyPI with Malicious Packages
Hundreds of malicious package versions were uploaded across both the npm and PyPI ecosystems in…
Microsoft Exchange Server Zero-Day Exploited In-The-Wild
Microsoft Exchange Server [CVE-2026-42897] Zero-Day Exploited In-The-Wild On May 14, 2026, Microsoft publicly disclosed CVE-2026-42897,…
Microsoft Windows Zero-Days ‘YellowKey’ & ‘GreenPlasma’ Exploited
Two new zero-day exploits, 'YellowKey' and 'GreenPlasma,' affecting Microsoft Windows, were publicly disclosed on May…
Nitrogen Ransomware Hits West Pharma, Foxconn Supply Chains
West Pharmaceutical Services confirmed a ransomware attack on May 4, 2026, leading to significant disruption…
Linux Zero-Day Exploit: 732-Byte Attack Grants Root Access
A critical Linux kernel zero-day exploit, disclosed on May 13, 2026, allows attackers to gain…
ShinyHunters Breaches Canvas LMS, Impacts 275 Million Users
A breach of Instructure's Canvas Learning Management System (LMS) by the ShinyHunters cybercrime group exposed…
Ivanti EPMM Zero-Day Exploited in Targeted Attacks, Patches
On May 8, 2026, Ivanti released security updates for its Endpoint Manager Mobile (EPMM) product…
ShinyHunters Breach Canvas LMS, Impacts 275 Million Users
ShinyHunters claims to have exfiltrated data from Instructure's Canvas Learning Management System (LMS), impacting an…
Google Detects First AI-Generated Zero-Day Exploit
Google's Threat Intelligence Group (GTIG) reported on May 11, 2026, that a prominent cybercrime group…