Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-11 17:00 PDT
- GM agrees to $12.75M California settlement over sale of drivers’ data
BleepingComputer • 2026-05-11 15:40 • www.bleepingcomputer.com
California Attorney General Rob Bonta announced a proposed $12.75 million settlement agreement with General Motors (GM) over allegations that the company violated the California Consumer Privacy Act (CCPA). […]
https://www.bleepingcomputer.com/news/legal/gm-agrees-to-1275m-california-settlement-over-sale-of-drivers-data/ - Welcoming the Bangladesh Government to Have I Been Pwned
Troy Hunt • 2026-05-11 15:27 • www.troyhunt.comToday, we welcome the 43rd government onboarded to Have I Been Pwned's free gov service, Bangladesh. The BGD e-GOV CIRT department now has full access to query all their government domains via API, and monitor them against future breaches.
Bangladesh joins a growing list of national governments using
https://www.troyhunt.com/welcoming-the-bangladesh-government-to-have-i-been-pwned/
- Apple Patches Everything, (Mon, May 11th)
SANS ISC Diary (full) • 2026-05-11 15:19 • isc.sans.eduApple today released its typical feature update across it's operating systems (iOS, iPadOS, macOS, tvOS, watchOS, vision OS). With this update, Apple patched 84 different vulnerabilities. Updates are available for the “26” series of operating systems, as well as for the previous “18” version of iOS/iPadOS, and two versions back for macOS (version 14 and 15).
- Official CheckMarx Jenkins package compromised with infostealer
BleepingComputer • 2026-05-11 15:03 • www.bleepingcomputer.com
Checkmarx warned over the weekend that a rogue version of its Jenkins Application Security Testing (AST) plugin had been published on the Jenkins Marketplace. […]
https://www.bleepingcomputer.com/news/security/official-checkmarx-jenkins-package-compromised-with-infostealer/ - New GhostLock tool abuses Windows API to block file access
BleepingComputer • 2026-05-11 15:02 • www.bleepingcomputer.com
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SMB network shares. […]
https://www.bleepingcomputer.com/news/security/new-ghostlock-tool-abuses-windows-api-to-block-file-access/ - TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack
The Hacker News • 2026-05-11 11:30 • thehackernews.com
Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace.
“If you are using Checkmarx Jenkins AST plugin, you need to ensure that you are using the version 2.0.13-829.vc72453fa_1c16 that was published on December 17, 2025 or previously,” the cybersecurity company said in a statement over the weekend.
As of writing, Checkmarx has released
https://thehackernews.com/2026/05/teampcp-compromises-checkmarx-jenkins.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
