May, 2026
May 29, 2026 – General
Cheap AI has changed the economics of hacking Full Text
Abstract
COMMENTARY: There’s a war of attrition happening across corporate networks right now, and defenders are losing it the same way armies lose wars of attrition: by spending more per engagement than their opponents. The cost of mounting a cyberattack has plummeted, and most security budgets are not attuned to that reality.SC Media
May 27, 2026 – Policy and Law
ROMANIAN HACKER GETS NEARLY 5 YEARS IN US PRISON OVER NETWORK INTRUSION Full Text
Abstract
Romanian hacker Catalin Dragomir (45) will spend 4 years and 8 months in a US prison after admitting he sold access to an Oregon state network.Security Affairs
May 22, 2026 – General
Microsoft says it’s making AI ‘safe for work’ in your browser Full Text
Abstract
Microsoft is testing the addition of agentic AI to its corporate browser, Edge for Business. A new version, currently available in a limited preview, will help perform routine tasks more efficiently, according to Microsoft’s partner product manager for Edge, Lindsay Kubasik.CSO
May 20, 2026 – Policy and Law
Two U.S. Executives Plead Guilty in India-Based Tech-Support Fraud Schemes Full Text
Abstract
Two former executives of a U.S.-based call routing and analytics company have pleaded guilty to federal charges for knowingly enabling India-based call centers to defraud thousands of American victims through elaborate tech-support scam operations spanning nearly six years.Cyber Security News
May 19, 2026 – Insider Threat
America’s top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) left open a GitHub repository named “Private-CISA” containing plain-text passwords, private keys, tokens, and secrets – with obvious file names like “external-secret-repo-creds.yaml” and “AWS-Workspace-Firefox-Passwords.csv” – for six months.The Register
May 16, 2026 – Cryptocurrency
More than $10 million stolen from crypto platform THORChain Full Text
Abstract
Cryptocurrency platform THORChain said more than $10 million was stolen during a security incident on Friday morning.The Record
May 12, 2026 – Breach
Instructure reaches ‘agreement’ with ShinyHunters to stop data leak Full Text
Abstract
Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an "agreement" with the ShinyHunters extortion group to prevent the data stolen in a recent breach from being leaked online.Bleeping Computer
May 9, 2026 – Phishing
Fake OpenAI repository on Hugging Face pushes infostealer malware Full Text
Abstract
A malicious Hugging Face repository that reached the platform’s trending list impersonated OpenAI’s “Privacy Filter” project to deliver information-stealing malware to Windows users.CSO
May 7, 2026 – Vulnerabilities
Palo Alto warns of critical software bug used in firewall attacks Full Text
Abstract
Hackers are exploiting a new vulnerability in software from Palo Alto Networks, the company said in an advisory on Wednesday.CSO