Massive Canvas Breach, 'Mini Shai-Hulud' Supply Chain Worm, and Microsoft's Largest Patch Tuesday of the Year

American Lending Center Discloses 2025 Ransomware Attack, Notifying 123,000 Individuals of Data Breach

The American Lending Center (ALC) is notifying over 123,000 individuals that their sensitive personal information, including Social Security numbers and financial data, was compromised during a ransomware attack that occurred in July 2025. The significant delay in notification—with the breach review concluding in April 2026—has prompted investigations by multiple class-action law firms into the company's data security practices and response.

financial servicesSSNPIIclass actionbreach notification +1 more

5 min read

American Lending Center Breach Exposes 123K SSNs from 2025 Ransomware Attack

Foxconn Hit by Nitrogen Ransomware; Gang Claims Theft of Apple, Intel Data

Foxconn Confirms Ransomware Attack by Nitrogen Gang on North American Factories

Global electronics manufacturer Foxconn has confirmed a ransomware attack that disrupted operations at its North American factories. The Nitrogen ransomware gang, believed to be an offshoot of the Conti group, has claimed responsibility. The attackers allege they stole 8 terabytes of data, including sensitive project files related to Foxconn's high-profile clients like Apple, Intel, and Google, and have posted samples on their dark web leak site.

manufacturingsupply chainintellectual propertydark webdata leak +1 more

5 min read

Foxconn Hit by Nitrogen Ransomware; Gang Claims Theft of Apple, Intel Data

Microsoft's May Patch Tuesday: 137 Flaws Fixed, Including Critical Netlogon RCE

Microsoft Patches 137 Vulnerabilities in May 2026 Update, Breaking 22-Month Zero-Day Streak

Microsoft's May 2026 Patch Tuesday is one of the largest of the year, addressing 137 vulnerabilities. In a notable break from a 22-month trend, no actively exploited zero-day vulnerabilities were fixed. The update includes patches for 30 critical flaws, most notably a 9.8 CVSS RCE in the Windows Netlogon service (CVE-2026-41089) and another 9.8 CVSS RCE in the Windows DNS Client (CVE-2026-41096), both of which require immediate attention.

Patch TuesdayWindows UpdateNetlogonDNSRCE +2 more

Microsoft's May Patch Tuesday: 137 Flaws Fixed, Including Critical Netlogon RCE

CISA and G7 Partners Release New Guidance for AI SBOMs

INFORMATIONAL

CISA and G7 Issue Joint Guidance for AI Software Bill of Materials to Boost Transparency

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and its G7 partners have published new joint guidance on the minimum elements for a Software Bill of Materials for Artificial Intelligence (AI SBOM). The guidance aims to increase transparency and security in the AI supply chain by providing a framework for documenting the components, models, and data used to build AI systems. While not mandatory, it is expected to become a standard for procurement and risk management.

AIArtificial IntelligenceSBOMsupply chain securityCISA +2 more

CISA and G7 Partners Release New Guidance for AI SBOMs

Industrial Sector Most Targeted by Ransomware, NCC Group Report Warns

NCC Group Report: Industrial Sector Hit by Over 2,000 Ransomware Attacks in One Year

A new report from NCC Group highlights the severe and escalating cyber risk facing the Operational Technology (OT) sector. The analysis, covering March 2025 to March 2026, found that the industrial sector was the most frequent target of ransomware, suffering 2,073 documented attacks. The report warns that the convergence of IT and OT systems is creating new avenues for attack that could lead to severe real-world consequences, including production halts and threats to public safety.

OT SecurityICS SecurityIT-OT convergencecritical infrastructuremanufacturing +1 more

Industrial Sector Most Targeted by Ransomware, NCC Group Report Warns

OpenAI Launches 'Daybreak' to Automate Vulnerability Hunting with AI

INFORMATIONAL

OpenAI Unveils 'Daybreak' Initiative to Compete with Anthropic in AI-Powered Cyber Defense

OpenAI has launched 'Daybreak,' a new cybersecurity initiative that uses its advanced AI models, including the new GPT-5.5-Cyber, to help organizations automatically find, validate, and remediate software vulnerabilities. Announced on May 12, 2026, the platform is a direct response to Anthropic's 'Project Glasswing,' marking a new front in the competition to apply frontier AI to solve complex cybersecurity challenges.

AIArtificial Intelligencevulnerability managementautomationAppSec +1 more

OpenAI Launches 'Daybreak' to Automate Vulnerability Hunting with AI

Frame Security Launches with $50M to Combat AI-Powered Phishing and Deepfakes

INFORMATIONAL

Frame Security Debuts with $50M in Funding to Fight AI-Driven Social Engineering

A new cybersecurity startup, Frame Security, has launched with $50 million in funding to tackle the growing threat of AI-powered social engineering. Founded by veterans of Wiz and Israel's Unit 8200, Frame is building a 'human risk security' platform. It uses AI to generate hyper-realistic attack simulations and provide continuous, personalized security training to employees, aiming to fortify the human layer against threats like deepfakes and advanced phishing.

startupventure capitalsecurity awarenesshuman firewallsocial engineering +2 more

Frame Security Launches with $50M to Combat AI-Powered Phishing and Deepfakes

Siemens Patches Critical Flaws in SIMATIC S7 PLCs, RUGGEDCOM Devices

Siemens ICS Patch Tuesday: 18 Advisories Address Critical Vulnerabilities in Industrial Systems

As part of the May 2026 Patch Tuesday cycle, Siemens has released 18 security advisories for its industrial products, addressing numerous critical and high-severity vulnerabilities. The patches cover widely used devices, including SIMATIC S7 PLCs and RUGGEDCOM networking equipment. Several flaws, such as critical Cross-Site Scripting (XSS) bugs in S7 web servers (CVE-2026-25786, CVE-2026-25787), could lead to remote code execution or device takeover, posing a significant risk to OT environments.

ICSOTPLCSCADAvulnerability +2 more

WebdriverIO Flaw (CVSS 9.8) Allows CI/CD Takeover via Malicious Git Branches

Critical Command Injection Vulnerability Discovered in WebdriverIO Framework

A critical command injection vulnerability, CVE-2026-25244, with a CVSS score of 9.8, has been found in the popular WebdriverIO open-source testing framework. The flaw exists in the '@wdio/browserstack-service' package and can be triggered by a specially crafted git branch name. Successful exploitation could allow an attacker to execute arbitrary commands, leading to a complete takeover of developer machines or CI/CD build servers.

WebdriverIOcommand injectionCI/CD securityDevSecOpssupply chain attack +2 more

WebdriverIO Flaw (CVSS 9.8) Allows CI/CD Takeover via Malicious Git Branches

Updated Articles (2)

UK Water Company Fined £1M After Cl0p Lurked on Network for 20 Months Undetected

South Staffordshire Water Fined Nearly £1 Million by ICO for Failures Leading to Cl0p Ransomware Breach

Update:

New analysis of the Cl0p ransomware breach at South Staffordshire Water includes additional MITRE ATT&CK techniques. Beyond initial spearphishing, the attackers likely used persistence mechanisms like Registry Run Keys or Scheduled Tasks, harvested credentials via LSASS Memory, and employed lateral tool transfer for movement. The final stages involved exfiltration over alternative protocols and data encryption for impact, providing a more comprehensive technical overview of the attack chain.

May 11, 2026

Updated: May 13, 2026

Data BreachICOFineCl0pRansomware +4 more

UK Water Company Fined £1M After Cl0p Lurked on Network for 20 Months Undetected

ShinyHunters Claims Massive Canvas Breach, Disrupting 275 Million Users at 9,000 Institutions