May 2026

Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence

Uncategorized /

Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence 2026-05-15 at 19:01 By Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and persistence. The vulnerabilities, collectively dubbed Claw Chain by Cyera, can permit an attacker to establish a foothold, expose […]

Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence Read More »

Bill Ackman’s Pershing Square discloses Microsoft stake, touts ‘deeply embedded’ software

Uncategorized /

Bill Ackman’s Pershing Square discloses Microsoft stake, touts ‘deeply embedded’ software 2026-05-15 at 18:31 By Thomas Barrabi Ackman, 60, wrote in a lengthy X post that Microsoft operates “two of the most valuable franchises in enterprise technology” in the form of its 365 productivity apps, which include Word and Excel, and its Azure cloud-computing business.

Bill Ackman’s Pershing Square discloses Microsoft stake, touts ‘deeply embedded’ software Read More »

In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws

Artificial Intelligence, Government, In Other News, Malware & Threats /

In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws 2026-05-15 at 18:30 By SecurityWeek News Other noteworthy stories that might have slipped under the radar: Nvidia cloud gaming data breach, Android 17 security upgrades, FBI warning after ShinyHunters hacks Canvas. The post In Other News: Big Tech

In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws Read More »

GCC Cyber 2026: How Digital Banking Expansion Is Creating a New Attack Surface Attackers Are Already Exploiting

attack surface management, cyber news, cybersecurity, GCC /

GCC Cyber 2026: How Digital Banking Expansion Is Creating a New Attack Surface Attackers Are Already Exploiting 2026-05-15 at 17:46 By Ashish Khaitan The Gulf Cooperation Council (GCC) region has spent the last several years building one of the world’s most ambitious digital economies. Across Bahrain, Kuwait, Oman, Qatar, Saudi Arabia, and the UAE, governments

GCC Cyber 2026: How Digital Banking Expansion Is Creating a New Attack Surface Attackers Are Already Exploiting Read More »

Google lets Workspace admins apply one policy across all SAML apps

Google, Google Workspace, News, SSO, update /

Google lets Workspace admins apply one policy across all SAML apps 2026-05-15 at 16:07 By Sinisa Markovic Google has updated Context-Aware Access (CAA) in Google Workspace to introduce a default policy assignment for SAML applications. SAML applications are third-party or internal applications that use the Security Assertion Markup Language (SAML) protocol to enable single sign-on

Google lets Workspace admins apply one policy across all SAML apps Read More »

Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)

0-day, APT, Cisco, Don't miss, Hot stuff, News, Rapid7, SD-WAN /

Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182) 2026-05-15 at 16:07 By Zeljka Zorz Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly sophisticated cyber threat actor”. About CVE-2026-20182 CVE-2026-20182 – affecting both Cisco Catalyst SD-WAN Controller (the “brain” of the Cisco

Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182) Read More »

Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild

email security, Exchange, exploited, Microsoft Exchange, Vulnerabilities, Zero-Day /

Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild 2026-05-15 at 15:32 By Eduard Kovacs Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions. The post Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt

Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild Read More »

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface

Uncategorized /

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface 2026-05-15 at 15:32 By In Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust, we made a simple argument: the most dangerous activity inside most organizations no longer looks like an attack. It looks like administration.

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface Read More »

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

Uncategorized /

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates 2026-05-15 at 15:32 By OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modified

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates Read More »

Everybody on Wall Street is ridiculing Ryan Cohen’s $56B eBay bid — but I’m not so sure

Uncategorized /

Everybody on Wall Street is ridiculing Ryan Cohen’s $56B eBay bid — but I’m not so sure 2026-05-15 at 14:32 By Charles Gasparino GameStop is a lousy business, which CEO Cohen readily admits, but somehow he has made it work. This article is an excerpt from Latest Technology News | New York Post View Original

Everybody on Wall Street is ridiculing Ryan Cohen’s $56B eBay bid — but I’m not so sure Read More »

Akamai to acquire LayerX for $205 million

Akamai, Industry news, LayerX /

Akamai to acquire LayerX for $205 million 2026-05-15 at 14:32 By Industry News Akamai has entered into a definitive agreement to acquire LayerX, a provider of browser-based AI usage control and secure enterprise browser (SEB) technology. LayerX’s solutions will extend Akamai’s protection into the browser, where the majority of enterprise tasks now occur and where

Akamai to acquire LayerX for $205 million Read More »

Thieves unlock stolen iPhones using cheap tools sold on Telegram

apple, cybercrime, Infoblox, iPhone, News, social engineering, Telegram /

Thieves unlock stolen iPhones using cheap tools sold on Telegram 2026-05-15 at 14:32 By Sinisa Markovic Helping a friend recover a stolen phone, Infoblox researchers uncovered a thriving Telegram-based underground marketplace selling unlocking tools and phishing infrastructure used to monetize stolen iPhones. Activation Lock can remotely disable a stolen iPhone and prevent normal resale, with

Thieves unlock stolen iPhones using cheap tools sold on Telegram Read More »

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)

Don't miss, Hot stuff, Microsoft, Microsoft Exchange, News, vulnerability /

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897) 2026-05-15 at 14:32 By Zeljka Zorz A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent fix is still in the works. In the meantime, Microsoft provided temporary mitigations. About CVE-2026-42897 CVE-2026-42897 affects on-premises versions of

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897) Read More »

Rocky Linux launches opt-in security repository for urgent fixes

cybersecurity, Linux, News, operating system /

Rocky Linux launches opt-in security repository for urgent fixes 2026-05-15 at 14:32 By Sinisa Markovic Rocky Linux has introduced a Security Repository that allows the distribution to ship urgent security fixes ahead of upstream Enterprise Linux when public exploit code exists and upstream patches are unavailable. “The repository is disabled by default. That’s intentional. The

Rocky Linux launches opt-in security repository for urgent fixes Read More »

American Lending Center Data Breach Affects 123,000 Individuals

ALC, American Lending Center, data breach, Data Breaches, Ransomware /

American Lending Center Data Breach Affects 123,000 Individuals 2026-05-15 at 14:32 By Eduard Kovacs The non-bank lender discovered a ransomware attack nearly one year ago, but only recently completed its investigation. The post American Lending Center Data Breach Affects 123,000 Individuals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

American Lending Center Data Breach Affects 123,000 Individuals Read More »

OpenAI Hit by TanStack Supply Chain Attack

AI, Artificial Intelligence, certificates, OpenAI, supply chain attack, Supply Chain Security, TanStack /

OpenAI Hit by TanStack Supply Chain Attack 2026-05-15 at 14:32 By Ionut Arghire Two employee devices were compromised in the attack, and credential material was stolen from OpenAI code repositories. The post OpenAI Hit by TanStack Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

OpenAI Hit by TanStack Supply Chain Attack Read More »

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code

Malware, Malware & Threats, Shai-Hulud, source code, Supply Chain Security, TeamPCP, worm /

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code 2026-05-15 at 14:32 By Ionut Arghire The hacking group is encouraging miscreants to use the code in supply chain attacks, promising monetary rewards. The post TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code Read More »

Scroll to Top