Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-18 08:00 PDT
- Grafana says stolen GitHub token let hackers steal codebase
BleepingComputer • 2026-05-18 06:46 • www.bleepingcomputer.com
Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. […]
https://www.bleepingcomputer.com/news/security/grafana-says-stolen-github-token-let-hackers-steal-codebase/ - How to Reduce Phishing Exposure Before It Turns into Business Disruption
The Hacker News • 2026-05-18 06:00 • thehackernews.com
What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap many SOCs still struggle with: the attacks that leave teams unsure what was exposed, who else was targeted, and how far the risk has spread.
Early phishing detection closes that gap. It helps teams move from uncertainty to evidence faster,
https://thehackernews.com/2026/05/how-to-reduce-phishing-exposure-before.html - IT threat evolution in Q1 2026. Mobile statistics
Securelist • 2026-05-18 05:00 • securelist.com
This report contains mobile threat statistics for Q1 2026, along with noteworthy discoveries and quarterly trends: new versions of SparkCat and Triada.
https://securelist.com/malware-report-q1-2026-mobile-statistics/119819/ - IT threat evolution in Q1 2026. Non-mobile statistics
Securelist • 2026-05-18 05:00 • securelist.com
The report presents key trends and statistics on malware that targeted personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during Q1 2026.
https://securelist.com/malware-report-q1-2026-pc-iot-statistics/119828/ - Developer Workstations Are Now Part of the Software Supply Chain
The Hacker News • 2026-05-18 04:23 • thehackernews.com
Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and all three targeted secrets from developer environments and CI/CD pipelines, including API keys, cloud credentials, SSH keys, and tokens. This is
https://thehackernews.com/2026/05/developer-workstations-are-now-part-of.html - Microsoft testing adjustable taskbar, Start menu in Windows 11
BleepingComputer • 2026-05-18 04:14 • www.bleepingcomputer.com
Microsoft has finally brought back the resizable taskbar and Start menu to Windows 11 in the latest preview version rolling out to Insiders in the Experimental channel. […]
https://www.bleepingcomputer.com/news/microsoft/windows-11-finally-gets-a-resizable-taskbar-and-start-menu/ - Zero-Day Exploit Against Windows BitLocker
Schneier on Security • 2026-05-18 04:08 • www.schneier.comIt’s nasty, but it requires physical access to the computer:
The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, w…
https://www.schneier.com/blog/archives/2026/05/zero-day-exploit-against-windows-bitlocker.html - Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
The Hacker News • 2026-05-18 03:54 • thehackernews.com
Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code.
Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks.
“External control of a file name
https://thehackernews.com/2026/05/ivanti-fortinet-sap-vmware-n8n-patch.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
