12 News Items
THN · BleepingComputer · Krebs · Dark Reading · SANS
THN · BleepingComputer · Krebs · Dark Reading · SANS
📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of May 18, 2026.
-
The Boring Stuff is Dangerous Now
— Dark Reading
AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast amounts of potentia… -
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
— Bleeping Computer
A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets… -
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
— Bleeping Computer
The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 account… -
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
— The Hacker News
A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public di… -
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
— The Hacker News
Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment… -
Microsoft rejects critical Azure vulnerability report, no CVE issued
— Bleeping Computer
A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a… -
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
— The Hacker News
A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject… -
Russian hackers turn Kazuar backdoor into modular P2P botnet
— Bleeping Computer
The Russian hacker group Secret Blizzard has developed its long-running Kazuar backdoor into a modular peer-to-peer (P2P) botnet designed fo… -
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
— The Hacker News
The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet… -
Cyber Pioneers Ponder Past as Prologue
— Dark Reading
Robert "RSnake" Hansen, Katie Moussouris, Rich Mogull, Richard Stiennon, and Bruce Schneier reflect on how their favorite columns penned for… -
[Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)
— SANS ISC

 
 :root {
 –isc-maroon: #7a1f1f;
 –isc-maroon-dark: #5e1717;
 –isc-lin… -
ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)
— SANS ISC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Generated by HiveNet.ai Threat Intelligence Platform · May 18, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC