Microsoft Disrupts Major Malware-Signing Service; Critical Cisco Flaw and Defender Bugs Under Active Exploitation
Summary
In the period of May 20-21, 2026, the cybersecurity landscape was marked by significant law enforcement action and critical vulnerability disclosures. Microsoft, in a coordinated effort, dismantled the 'Fox Tempest' Malware-Signing-as-a-Service platform, a key enabler for numerous ransomware gangs. Concurrently, security teams are racing to patch actively exploited vulnerabilities, including a critical CVSS 10.0 flaw in Cisco SD-WAN and privilege escalation bugs in Microsoft Defender. CISA expanded its KEV catalog and opened it to public submissions, while new reports from Verizon and CrowdStrike highlight sustained attacks on healthcare and financial sectors, with nation-states increasingly weaponizing ransomware and AI.
Today's New Articles
CISA Opens KEV Catalog to Public Submissions to Speed Up Threat Response
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has launched a new public-facing submission process for its Known Exploited Vulnerabilities (KEV) catalog. Announced on May 21, 2026, the initiative allows security researchers, vendors, and the...
Warning: Microsoft Defender Flaws Actively Exploited to Gain SYSTEM Privileges
Microsoft has confirmed that two vulnerabilities in its Microsoft Defender antivirus solution, CVE-2026-41091 and CVE-2026-45498, are being actively exploited in the wild. The more severe flaw, CVE-2026-41091, is a local privilege escalation (LPE) vulnerabilit...
CISA Adds Seven New Vulnerabilities to 'Must-Patch' KEV Catalog
On May 20, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This action, under Binding Operational Directive (BOD) 22-01, mandates that Federal Civilian...
Supply Chain in Crisis: Exploits Now Arrive Before Companies Know They're Vulnerable
A May 2026 report from Black Kite warns of a deepening supply chain security crisis, characterized by 'Velocity Without Visibility.' With over 48,000 CVEs published in 2025, the speed of exploitation has now surpassed the speed of discovery for many organizati...
CrowdStrike: North Korea Stole Billions in Crypto, Financial Sector Attacks Up 43%
CrowdStrike's 2026 Financial Services Threat Landscape Report, released May 20, 2026, details a massive escalation in cyberattacks against the financial sector, driven by North Korean state actors and organized eCrime groups. DPRK-nexus adversaries, such as PR...
Article Updates
Email Under Siege: AI, QR Codes, and Phishing-as-a-Service Fuel Surge in Attacks
Update: New reports indicate a significant escalation in AI-powered phishing, leveraging Generative AI to craft flawless, highly personalized spear-phishing emails. A critical development is the emergence of 'device code phishing,' used by groups like TA4903, which ef...
Cisco Scrambles to Patch Critical 10.0 CVSS Zero-Day in SD-WAN Under Active Attack
Update: New analysis from Rapid7 details the authentication bypass mechanism, involving a crafted handshake sequence that tricks the controller into incorrect authentication. Cisco Talos has officially attributed the active exploitation to UAT-8616, confirming their p...
Anthropic to Brief Global Financial Watchdog on 'Mythos' AI's Ability to Find Novel Cyber Flaws
Update: The Trump administration is set to sign an Executive Order on AI Cybersecurity, establishing a program for voluntary government testing of advanced 'frontier' AI models. This initiative aims to proactively identify vulnerabilities in U.S. critical infrastructu...
Update: A new report from May 21, 2026, broadens the understanding of state-sponsored ransomware, identifying Russia, China, and North Korea alongside Iran as key actors. These nations are increasingly leveraging ransomware not only for disruption and plausible deniab...
Microsoft Takedown: 'Fox Tempest' Malware-Signing-as-a-Service Disrupted
Update: New information reveals the Fox Tempest MSaaS takedown was a joint effort by Microsoft, the FBI, and Europol. The service, signspace.cloud, was found to have facilitated attacks by additional ransomware groups, specifically Qilin and Akira, alongside Rhysida....