Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub
Where it’s been well and truly forked, seemingly without Microsoft’s code locker noticing
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Man jailed for packing printer with something more expensive than toner: Cocaine
Class A drugs loaded instead of A4
Vietnam to develop domestic cloud so it can ditch risky overseas operators for government workloads
Communist government plans personalized ‘data-driven decision-making based on real-time information’ by 2035
Execs admit AI makes them value human workers less
As suits say they're burning cash on brainboxes without seeing results
Doozy of a Patch Tuesday includes 30 critical Microsoft CVEs
The good news: no 0-days. The bad news: busy week ahead for Microsoft admins
US govt seeks Instructure testimony on massive Canvas cyberattack
The U.S. House Committee on Homeland Security is calling on Instructure executives to testify about two cyberattacks by the ShinyHunters extortion group that targeted the company's…
Google users fight for refunds as unauthorized API usage bills soar
'What the hell is going on? It's just draining my money'
Foxconn confirms cyberattack after ransomware crew claims it stole confidential Apple, Nvidia files
Affected factories back up and running, we're told
Patch Tuesday, May 2026 Edition
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in huma…
Google launches line of Android laptops festooned with Gemini AI
If you're not a fan of having AI baked into your OS, look elsewhere
It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight
It's the first time in two years with no zero-days. But with 137 flaws to patch, including nine critical ones, admins still have plenty of work to do.
Hollywood A-listers back proposed standard that would pay them when AI uses their likeness or work
RSL Media expands machine-readable licensing rules to cover AI use of identities and creative works
UK fines water supplier $1.3M for exposing data of 664k customers
The Information Commissioner's Office has fined South Staffordshire Water Plc and parent company South Staffordshire Plc £963,900 ($1.3 million) over a cyberattack that exposed the…
Webinar: Fixing the gaps in network incident response
IT teams often struggle to quickly coordinate responses across disparate systems during network incidents. This upcoming webinar explores how automation and AI-assisted workflows c…
Signal adds security warnings for social engineering, phishing attacks
Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fr…
Microsoft releases Windows 10 KB5087544 extended security update
Microsoft has released the Windows 10 KB5087544 extended security update to fix the May 2026 Patch Tuesday vulnerabilities and resolve an issue with the new Remote Desktop warnings…
Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code. [...]
Windows 11 KB5089549 & KB5087420 cumulative updates released
Microsoft has released Windows 11 KB5089549 and KB5087420 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...]
Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
Today is Microsoft's May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed this month. [...]
Microsoft Patches 137 Vulnerabilities
Fresh security updates resolve critical flaws in Azure, Windows, Dynamics 365, and the SSO Plugin for Jira & Confluence. The post Microsoft Patches 137 Vulnerabilities appeared fir…
Exaforce Raises $125 Million for Agentic SOC Platform
Exaforce has raised a total of $200 million and plans on using the latest investment for product development and international expansion. The post Exaforce Raises $125 Million for…
HPE revamps private cloud stack for enterprises rethinking VMware
HPE this week announced updates to its private cloud, storage, and data-protection portfolio aimed at enterprise customers who are reevaluating their VMware strategies and looking …
Škoda warns of customer data breach after online shop hack
Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclos…
US Army goes green-ish, wants soldiers munching on plant proteins
Powders, gels, and fermented nutrients could someday join the battlefield menu
Android 17 to expand banking scam call and privacy protections
Android 17, expected to roll out next month, will introduce several security and privacy features focused on device theft, threat detection, and banking scam calls. [...]
FCC walks back router update ban before it bricks America's network security
Quietly extends waivers to 2029 after realizing it was about to leave millions of devices unpatched
Adobe Patches 52 Vulnerabilities in 10 Products
While none of the flaws have been exploited in the wild, many of them could lead to arbitrary code execution. The post Adobe Patches 52 Vulnerabilities in 10 Products appeared firs…
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an …
Congress investigates Canvas breach as company pays ransom
Instructure CEO Steve Daly's got some explaining to do
PP109: ThreatLocker Enforces Zero Trust With Strict Application Control (Sponsored)
ThreatLocker takes an opinionated approach to Zero Trust. The company, our sponsor for today’s episode, starts with application control. It uses endpoint software that runs on PCs …