DJBSEC's CyberNews 2026-05-13

Today’s daily news covers the following categories: Data Breach, Privacy, Vulnerability, Malware, Policy & Legislation, Threat Intelligence, Authentication, Nation-State/APT


Foxconn Confirms Cyberattack Following Data Theft Claims

Data Breach
Foxconn has confirmed a cyberattack after the Nitrogen ransomware group claimed it stole sensitive data related to Apple and NVIDIA. The attackers allegedly gained access to internal systems and exfiltrated corporate information before making public extortion claims. Foxconn is investigating the scope of the breach and assessing potential impact on partners and customers. Incidents involving major manufacturers raise concerns about supply chain exposure across the technology sector. The attack highlights how ransomware groups continue targeting globally connected enterprises for maximum leverage.

Hackers Accessed BWH Hotels Reservation Systems for Months

Data Breach
BWH Hotels disclosed that attackers maintained access to its reservation systems for several months before detection. During that time, threat actors may have accessed customer information and booking-related data. Long-term unauthorized access increases the likelihood of extensive data exposure and operational risk. The company is working with investigators and security teams to determine the full scope of the incident. The breach highlights the importance of continuous monitoring and rapid detection capabilities in hospitality environments.

UK Water Supplier Fined $13 Million Over Customer Data Exposure

Privacy
UK regulators have fined a water supplier approximately $13 million after the exposure of data belonging to 664,000 customers. Authorities determined that inadequate security controls contributed to the incident and failed to protect sensitive information. The penalty reflects increasing regulatory pressure on organizations handling critical infrastructure and customer data. Regulators emphasized that companies must implement stronger protections and accountability measures. The case demonstrates how privacy failures can result in significant financial and reputational damage.

Multiple Fortinet Enterprise Product Vulnerabilities Disclosed

Vulnerability
Researchers have identified multiple vulnerabilities affecting Fortinet enterprise products, potentially exposing organizations to remote attacks and unauthorized access. The flaws impact systems commonly used for network security and infrastructure management. Successful exploitation could allow attackers to bypass defenses or compromise sensitive environments. Fortinet has released patches and urged customers to update immediately. Security teams are advised to review configurations and monitor for signs of exploitation.

Sophos Warns of Expanding Supply Chain Attack Activity

Malware
Sophos has released new research detailing the growing threat posed by software supply chain attacks. Attackers are increasingly compromising trusted tools, packages, and development environments to distribute malware at scale. These attacks are particularly dangerous because malicious code can spread through legitimate software updates. Researchers warn that organizations relying heavily on open-source ecosystems face elevated risk. Companies are being urged to strengthen dependency management and software verification processes.

Ivanti Patches Multiple Security Vulnerabilities

Vulnerability
Ivanti has released patches for multiple vulnerabilities affecting its enterprise products. Some of the flaws could allow remote code execution or unauthorized access if exploited successfully. Given Ivanti’s role in remote access and endpoint management environments, attackers frequently target these systems. Organizations are being urged to prioritize patching due to the likelihood of active exploitation attempts. Security teams should also review logs and monitor for suspicious activity following updates.

RubyGems Suspends New Signups After Security Incident

Policy & Legislation
RubyGems temporarily suspended new account registrations following a security incident affecting the platform. Administrators took the precautionary step to prevent further abuse while investigating suspicious activity. Package repositories remain high-value targets because they can be leveraged in supply chain attacks. The incident highlights ongoing risks facing open-source ecosystems and developer infrastructure. Security experts recommend stronger authentication and monitoring controls across software registries.

Threat Actors Abuse Vercel AI Tools in Attacks

Threat Intelligence
Threat actors are leveraging Vercel’s AI-related tooling to support malicious activity and phishing operations. By abusing trusted development and hosting infrastructure, attackers can blend malicious content with legitimate services. Researchers say these tactics make detection more difficult and improve attack credibility. The trend reflects broader abuse of cloud and AI platforms across cybercrime operations. Organizations should monitor trusted platforms for suspicious behavior and unauthorized use.

Hackers Hijack Microsoft Teams Accounts

Authentication
Attackers are hijacking Microsoft Teams accounts through phishing, token theft, and session hijacking techniques. Once inside an organization’s collaboration environment, attackers can impersonate employees and spread additional attacks internally. Trusted communication platforms like Teams are increasingly being used for lateral movement and social engineering. Researchers warn that stolen session tokens can bypass traditional MFA protections. Organizations should implement phishing-resistant authentication and monitor collaboration platforms closely.

North Korean Hackers Weaponize Git Hooks

Nation-State/APT
North Korean threat actors are weaponizing Git hooks to compromise developer environments and execute malicious code automatically. By abusing built-in Git functionality, attackers can establish persistence and infect systems during routine development activity. The tactic is especially dangerous because it targets trusted workflows inside software engineering environments. Researchers believe the campaign is tied to broader supply chain and espionage operations. Organizations should audit repositories carefully and restrict untrusted scripts within development pipelines.

Claude Chrome Extension Vulnerability Exposes Users

Vulnerability
A vulnerability affecting the Claude Chrome extension could expose users to unauthorized access or sensitive data leakage. Researchers found that attackers may be able to exploit weaknesses in extension permissions and browser interactions. Browser extensions remain attractive targets because they often have broad access to user sessions and data. The issue highlights the growing security risks surrounding AI-powered browser tools. Users are advised to update extensions promptly and limit unnecessary permissions.

Mini Shai-Hulud Worm Targets Enterprise Environments

Malware
Researchers have identified a new worm known as Mini Shai-Hulud that is capable of spreading rapidly across enterprise environments. The malware uses self-propagation techniques to move laterally and compromise connected systems. Once inside a network, it can deploy additional payloads and establish persistence. The worm’s behavior raises concerns about rapid operational disruption in large organizations. Security teams are being urged to strengthen segmentation and monitor for unusual internal traffic patterns.

OpenAI Releases Daybreak Security Fixes

Vulnerability
OpenAI has released fixes for vulnerabilities affecting its Daybreak platform and related services. The flaws could potentially expose sensitive data or allow unauthorized interactions with AI systems. As AI platforms become more deeply integrated into enterprise workflows, securing them is becoming increasingly critical. Researchers warn that attackers are actively probing AI ecosystems for weaknesses. Organizations using AI services are encouraged to apply updates and review security configurations.

BitUnlocker Downgrade Attack Targets Windows 11

Vulnerability
Researchers have demonstrated a downgrade attack called BitUnlocker that targets Windows 11 systems. The technique can weaken encryption protections and potentially expose protected data. Downgrade attacks are especially dangerous because they exploit trust in older, less secure components. Security experts warn that such techniques may be used to bypass modern protections. Organizations should ensure systems are fully updated and review device security configurations.

TanStack NPM Packages Compromised in Supply Chain Attack

Malware
Several TanStack NPM packages were reportedly compromised as part of a software supply chain attack. Attackers inserted malicious code into trusted packages used by developers across multiple projects. Once installed, the compromised packages could execute unauthorized actions or steal sensitive data. The incident demonstrates the ongoing risks associated with open-source dependency ecosystems. Developers are advised to verify package integrity and audit dependencies for suspicious changes.



