Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-14 13:00 PDT
- Suspected Dream Market kingpin arrested after gold bars sent to his home address
Graham Cluley • 2026-05-14 12:46 • www.bitdefender.com
Lesson one for aspiring dark web kingpins: don’t have your laundered gold bars shipped to your home address.Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/dream-market-kingpin-arrested-gold-bars - OpenAI confirms security breach in TanStack supply chain attack
BleepingComputer • 2026-05-14 12:07 • www.bleepingcomputer.com
OpenAI says two employees’ devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for its applications as a precaution. […]
https://www.bleepingcomputer.com/news/security/openai-confirms-security-breach-in-tanstack-supply-chain-attack/ - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
BleepingComputer • 2026-05-14 11:53 • www.bleepingcomputer.com
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. […]
https://www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/ - Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
The Hacker News • 2026-05-14 10:45 • thehackernews.com
Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks.
The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0.
“A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly
https://thehackernews.com/2026/05/cisco-catalyst-sd-wan-controller-auth.html - Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
The Hacker News • 2026-05-14 10:22 • thehackernews.com
Cybersecurity researchers are sounding the alarm about what has been described as “malicious activity” in newly published versions of node-ipc.
According to Socket and StepSecurity, three different versions of the npm package have been confirmed as malicious –node-ipc@9.1.6
node-ipc@9.2.3
node-ipc@12.0.1“Early analysis indicates that node-ipc@9.1.6, node-ipc@9.2.3, and node-ipc@12.0.1
https://thehackernews.com/2026/05/stealer-backdoor-found-in-3-node-ipc.html - ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
The Hacker News • 2026-05-14 09:07 • thehackernews.com
Everything is still on fire.
This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game for clout and cash. Half of it feels new. Half of it feels like crap we should have fixed years ago.
The mess keeps getting louder: users get tricked, boxes get popped, tools meant for normal work
https://thehackernews.com/2026/05/threatsday-bulletin-pan-os-rce-mythos.html - Upcoming Speaking Engagements
Schneier on Security • 2026-05-14 09:01 • www.schneier.comThis is a current list of where and when I am scheduled to speak:
- I’m giving a virtual talk on “The Security of Trust in the Age of AI,” hosted by the Financial Women’s Association of New York, at 6:00 PM ET on May 21, 2026.
- I’m speaking at the Potsdam Conference on National Cybersecurity at the Hasso Plattner Institut in Potsdam, Germany. The event runs June 24–25, 2026, and my talk will be the evening of June 24.
- I’m speaking at the https://www.schneier.com/blog/archives/2026/05/upcoming-speaking-engagements-56.html
- 18-year-old NGINX vulnerability allows DoS, potential RCE
BleepingComputer • 2026-05-14 08:43 • www.bleepingcomputer.com
An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. […]
https://www.bleepingcomputer.com/news/security/18-year-old-nginx-vulnerability-allows-dos-potential-rce/ - Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
BleepingComputer • 2026-05-14 08:21 • www.bleepingcomputer.com
Cargo theft now starts with phishing emails and stolen credentials, not hijackings, to reroute and steal freight from supply chains. NMFTA outlines how cyber-enabled cargo crime is changing transportation security. […]
https://www.bleepingcomputer.com/news/security/cyber-enabled-cargo-crime-how-cybercrime-tradecraft-is-used-to-steal-freight/ - Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Hacker News • 2026-05-14 07:00 • thehackernews.com
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine.
Active since at least 2016, Ghostwriter has been linked to both cyber espionage and influence operations targeting neighboring countries, particularly Ukraine. It’s also tracked under the monikers FrostyNeighbor, PUSHCHA, Storm-0257, TA445, UAC‑0057
https://thehackernews.com/2026/05/ghostwriter-targets-ukrainian.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
