A fast, reusable HTML report for lightweight Radar projects: entity distribution, article velocity, and source mix, alongside a clean reading list.
Some sources or steps reported errors. The report still renders with partial data.
Entity Distribution
Top entities by frequency
Article Timeline
Daily volume inferred from article dates
Source Distribution
Share of articles by source
Data Freshness
Collection lag distribution
Entity Extraction Rate
Percentage with matched entities
Source Health
Article count by source (sorted)
Incident Category Breakdown
Keyword-based classifier over title + summary
| Category | Articles |
|---|---|
| OTHER | 44 |
| VULNERABILITY | 34 |
| MALWARE | 9 |
| RANSOMWARE | 6 |
| REGULATORY | 3 |
| PHISHING | 2 |
| BREACH | 2 |
Entity Co-occurrence Network
Entities that appear together in the same article
Reading List
Click through to the original source
KongTuke hackers now use Microsoft Teams for corporate breaches
Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks. [...]
Foxconn Attack Highlights Manufacturing's Cyber Crisis
A Nitrogen ransomware attack on Foxconn's North American facilities is one of 600 hits on manufacturers this year, as gangs increasingly target the sector for its low tolerance for downtime.
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of public disclosure. The vulnerabili...
How AI Hallucinations Are Creating Real Security Risks
AI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs. When an AI model lacks certainty, it doesn’t...
How Dangerous Is Anthropic’s Mythos AI?
Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not release it to the general public....
Kimsuky targets organizations with PebbleDash-based tools
Kaspersky researchers analyze a range of new PebbleDash-based tools used in recent Kimsuky campaigns and reveal their connection to the AppleSeed malware cluster.
Dell confirms its SupportAssist software causes Windows BSOD crashes
Dell confirmed that its SupportAssist software is causing blue-screen crashes on some Windows systems following a wave of user reports about random reboots affecting Dell devices since Friday. [...]
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Tr...
Most Organizations Now Use AI Agents for Sensitive Security Tasks
Semperis study finds 74% of organizations believe AI will increase attacks on identity infrastructure
New Fragnesia Linux flaw lets attackers gain root privileges
Linux distros are rolling out patches for a new high-severity kernel privilege escalation vulnerability (known as Fragnasia and tracked as CVE-2026-46300) that allows attackers to run malicious code as root. [...]
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the...
Simple bypass of the link preview function in Outlook Junk folder, (Thu, May 14th)
Besides serving as a place where Microsoft Outlook places suspected spam, the Outlook Junk folder has one additional function that can be quite helpful when it comes to identifying malicious messages. Any e-mail placed i...
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, discovered by depthfirst...
Clio’s $500M milestone arrives just as Anthropic ups the ante
Legal tech startups, including Clio, which just hit $500 million in ARR, are seeing massive customer adoption.
West Pharmaceutical says hackers stole data, encrypted systems
West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption. [...]
Iranian hackers targeted major South Korean electronics maker
The Iran-linked hacking group MuddyWater (a.k.a. Seedworm, Static Kitten) launched a broad cyber-espionage campaign targeting at least nine high-profile organizations across multiple sectors and countries. [...]
Trump administration defends right to ban content moderation experts from US
The Trump administration is fighting for the right to keep some social media moderation advocates out of the US. On Wednesday, US District Court Judge James Boasberg heard arguments in a lawsuit between the nonprofit Coa...
Checkbox Assessments Aren't Fit to Measure to Risk
Security governance needs to be more than an annual compliance exercise. New companies are emerging to address risk-management gaps in current audit tools.
Attackers Weaponize RubyGems for Data Dead Drops
Threat actors are publishing RubyGems packages that include scrapers targeting public-facing UK government servers, but with no clear objective.
Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak
An OPSEC failure provides a window into what helped the ransomware group rise: a generous affiliate model, opportunistic TTPs, and an effective organizational structure.
AMD’s best CPU tech for gamers is coming to workstations too
For the first time, AMD is including its 3D V-Cache tech in its commercial workstation processors with a refreshed line of Ryzen PRO 9000 series chips. Up until now, AMD's 3D V-Cache chips have mainly been geared toward ...
New critical Exim mailer flaw allows remote code execution
A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by an unauthenticated remote attacker to execute arbitrary code. [...]
Musk’s xAI is running nearly 50 gas turbines unchecked at its Mississippi data center
Gas turbines at xAI's Colossus 2 data center have drawn a lawsuit over the company's use of "mobile" gas turbines as power plants.
Informa TechTarget's flagship cybersecurity media brand launches a special content series to mark two decades as a trusted source for cybersecurity professionals.
This is what some of the world’s largest banks of malware look like stacked as hard drives
What would some of the world's largest repositories of malware look like if they were stacked as hard drives, one on top of the other?
Windows BitLocker zero-day gives access to protected drives, PoC released
A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, which are a BitLocker bypass and a privilege-escalation flaw. ...
Anthropic courts a new kind of customer: small business owners
For founders and investors, Anthropic's new offering signals that the AI platform wars are expanding downmarket and that the next major battleground for user acquisition isn't the Fortune 500; it's the 36 million small b...
Webinar tomorrow: Why security alone won't stop modern attacks
Tomorrow's webinar examines why prevention alone is no longer enough against modern cyberattacks. The session explores how organizations combine security, backups, and recovery planning to improve cyber resilience after ...
Microsoft fixes BitLocker recovery issue only for Windows 11 users
Microsoft has addressed a known issue causing some Windows 11 systems to boot into BitLocker recovery after installing the April 2026 Windows security updates. [...]
A ransomware group has claimed responsibility for hacking the electronics manufacturing giant Foxconn and is attempting to extort the company.
Canvas Owner Reaches Agreement With Cybercriminals After Ransomware Attack
Instructure says it reached an agreement with ShinyHunters over the Canvas breach data
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of ...
LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly
In the latest evolution of automated cyberattacks, two threat campaigns heavily leveraged AI agents to support attacks against entities in Mexico and Brazil.
China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm
The cyberthreat group targets an Azerbaijani oil and gas firm with repeated attacks, as the China-linked actors extend targeting beyond hospitality, telecom, and government sectors.
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an expansion of its ta...
Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
Foxconn, the world's largest electronics manufacturer, says some of its North American factories are now working to resume normal operations after a cyberattack. [...]
73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
Attackers can compromise systems in minutes while patching and response still take hours or days. Picus Security breaks down why autonomous validation is becoming critical for modern defense strategies. [...]
Ransomware: Over Half of CISOs Would Consider Paying Ransom to Hackers
Survey of cybersecurity leaders suggests that majority would strongly consider paying cybercriminals, if that’s what it took to help restore encrypted systems
Adaption aims big with AutoScientist, an AI tool that helps models train themselves
Adaption's new AutoScientist tool is designed to let models adapt to specific capabilities quickly through an automated approach to conventional fine-tuning.
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register for the Strategic Briefing Here. Most se...
Most Remediation Programs Never Confirm the Fix Actually Worked
Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant's M-Trends 2026 report puts the mean time to exploit at an estimated negative...
OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities
The UK’s AI Security Institute evaluated GPT-5.5’s ability to find security vulnerabilities, and found that it is comparable to Claude Mythos. Note that the OpenAI model is generally available. Here is the Institute’s ev...
Global Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain Risks
The G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and security across AI supply chains
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138 flaws, 30 are rated Criti...
UK Cybersecurity Market Expands to £14.7bn with Strong Growth in AI Security Firms
UK cybersecurity sector reaches £14.7bn in revenue, driven by rapid growth in AI security firms, increased investment and rising employment across the industry
Microsoft Fixes 17 Critical Flaws in May Patch Tuesday
Microsoft has patched 120 vulnerabilities in this month’s security update round
GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than 150 gems that use the registry as a data exfiltration channel rather than for m...
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated spyware attacks. Intrusion Logging, available as part of Advanced Protection Mode...
[GUEST DIARY] Tearing apart website fraud to see how it works., (Wed, May 13th)
&#;x26;#;x5b;This is a Guest Diary by Joshua Nikolson, an ISC Intern and part of the SANS.edu Bachelor&#;x26;#;39;s degree in Applied Cybersecurity (BACS) program.]
SN 1078: DigiCert does it right - Hugging Face Under Fire
DigiCert's latest security mishap triggered not just a scramble behind the scenes, but a cascading crisis that briefly wiped trust from millions of Windows systems. Find out how a single support slip, followed by Microso...
US govt seeks Instructure testimony on massive Canvas cyberattack
The U.S. House Committee on Homeland Security is calling on Instructure executives to testify about two cyberattacks by the ShinyHunters extortion group that targeted the company's Canvas platform, allowing threat actors...
US govt seeks Instructure testimony on massive Canvas cyberattack
The U.S. House Committee on Homeland Security is calling on Instructure executives to testify about two cyberattacks by the ShinyHunters extortion group that targeted the company's Canvas platform, allowing threat actors...
Patch Tuesday, May 2026 Edition
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on...
Patch Tuesday, May 2026 Edition
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on...
It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight
It's the first time in two years with no zero-days. But with 137 flaws to patch, including nine critical ones, admins still have plenty of work to do.
UK fines water supplier $1.3M for exposing data of 664k customers
The Information Commissioner's Office has fined South Staffordshire Water Plc and parent company South Staffordshire Plc £963,900 ($1.3 million) over a cyberattack that exposed the personal data of 663,887 customers and ...
UK fines water supplier $1.3M for exposing data of 664k customers
The Information Commissioner's Office has fined South Staffordshire Water Plc and parent company South Staffordshire Plc £963,900 ($1.3 million) over a cyberattack that exposed the personal data of 663,887 customers and ...
Signal adds security warnings for social engineering, phishing attacks
Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud. [...]
Signal adds security warnings for social engineering, phishing attacks
Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud. [...]
Microsoft releases Windows 10 KB5087544 extended security update
Microsoft has released the Windows 10 KB5087544 extended security update to fix the May 2026 Patch Tuesday vulnerabilities and resolve an issue with the new Remote Desktop warnings. [...]
Microsoft releases Windows 10 KB5087544 extended security update
Microsoft has released the Windows 10 KB5087544 extended security update to fix the May 2026 Patch Tuesday vulnerabilities and resolve an issue with the new Remote Desktop warnings. [...]
Kevin Hartz’s A* just closed its third fund with $450M
The firm takes a generalist approach, backing companies across categories such as AI applications, fintech, healthcare, and security. The average check size for this fund will be between $3 million and $5 million, with t...
Microsoft May 2026 Patch Tuesday, (Tue, May 12th)
Today&#;x26;#;39;s Microsoft patch Tuesday fixes 137 different vulnerabilities. In addition, the update addresses 137 Chromium-related issues affecting Microsoft Edge.
Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code. [...]
Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code. [...]
Windows 11 KB5089549 & KB5087420 cumulative updates released
Microsoft has released Windows 11 KB5089549 and KB5087420 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...]
Windows 11 KB5089549 & KB5087420 cumulative updates released
Microsoft has released Windows 11 KB5089549 and KB5087420 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...]
Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
Today is Microsoft's May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed this month. [...]
Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
Today is Microsoft's May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed this month. [...]
Sam Altman says Elon Musk’s mind games were damaging OpenAI
OpenAI CEO Sam Altman says Elon Musk did "huge damage" to the culture of the AI startup. During testimony as part of Musk's lawsuit against OpenAI, Altman said Musk required OpenAI president Greg Brockman and former chie...
Škoda warns of customer data breach after online shop hack
Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers. [...]
Škoda warns of customer data breach after online shop hack
Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers. [...]
Android 17 to expand banking scam call and privacy protections
Android 17, expected to roll out next month, will introduce several security and privacy features focused on device theft, threat detection, and banking scam calls. [...]
Google launches new Android security feature to help uncover spyware attacks
Intrusion Logging is a new part of Android’s Advanced Protection Mode, which aims to help protect human rights activists, journalists, and dissidents from government spyware attack and law enforcement forensic devices.
Google launches new Android security feature to help uncover spyware attacks
Intrusion Logging is a new part of Android’s Advanced Protection Mode, which aims to help protect human rights activists, journalists, and dissidents from government spyware attack and law enforcement forensic devices.
The AI legal services industry is heating up — Anthropic is getting in on the action
Anthropic's new tools are designed to help law firms automate specific clerical functions — things like document search and review, case law resources, deposition prep, document drafting, and other related areas.
The AI legal services industry is heating up — Anthropic is getting in on the action
Anthropic's new tools are designed to help law firms automate specific clerical functions — things like document search and review, case law resources, deposition prep, document drafting, and other related areas.
Android 17 to expand banking scam call and privacy protections
Android 17, expected to roll out next month, will introduce several security and privacy features focused on device theft, threat detection, and banking scam calls. [...]
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent (MTA) de...
US bank discloses security lapse after sharing customer data with AI app
Community Bank, which operates in Pennsylvania, Ohio, and West Virginia, disclosed a cybersecurity incident that exposed customers’ names, dates of birth, and Social Security numbers.
US bank discloses security lapse after sharing customer data with AI app
Community Bank, which operates in Pennsylvania, Ohio, and West Virginia, disclosed a cybersecurity incident that exposed customers’ names, dates of birth, and Social Security numbers.
Parents say ChatGPT got their son killed with bad advice on party drugs
The family of a 19-year-old college student is suing OpenAI over claims that his conversations with ChatGPT led to an accidental overdose. In the lawsuit filed on Tuesday, Sam Nelson's parents allege ChatGPT "encouraged"...
Exaforce raises $125M Series B to build AI for catching and stopping cyberattacks as they happen
As bad actors weaponize AI to exploit software vulnerabilities at unprecedented speed, companies are increasingly recognizing the need to bolster their cybersecurity defenses. The round valued the three-year-old startup ...
Exaforce raises $125M Series B to build AI for catching and stopping cyberattacks as they happen
As bad actors weaponize AI to exploit software vulnerabilities at unprecedented speed, companies are increasingly recognizing the need to bolster their cybersecurity defenses. The round valued the three-year-old startup ...
Waymo issues recall to deal with a flooding problem
Waymo has issued a software recall that makes its robotaxis more cautious around flooded areas. A "final remedy" is in the works.
RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious att...
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed by ThreatFabric between January and Febr...
Attackers Combine ClickFix With PySoxy Proxying to Maintain Persistence
Exploitation of open-source tools allows attackers to maintain persistent access after initial social engineering, warn ReliaQuest researchers
Attackers Combine ClickFix With PySoxy Proxying to Maintain Persistence
Exploitation of open-source tools allows attackers to maintain persistent access after initial social engineering, warn ReliaQuest researchers
Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help
Why do the Riskiest SOC Alerts Go Unanswered? Security operations teams are drowning in alerts. But the real problem isn't always alert volume; it's the blind spots. The most dangerous alerts are the ones no one is inves...
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
TeamPCP, the threat actor behind the recentsupply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Min...
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers. [...]
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers. [...]
Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain
Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open source TanStack ecosystem.
This is the worst Linux vulnerability in years. TL;DR copy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack. Disclosed by Theori on 29 April 2026 with a working PoC. It abuses the kern...
SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA
SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in the Commerce Cloud enterprise-grade e-commerce platform and the S/4HANA ERP suite. [....
SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA
SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in the Commerce Cloud enterprise-grade e-commerce platform and the S/4HANA ERP suite. [....
Why Agentic AI Is Security's Next Blind Spot
Agentic AI is already running in production environments across many organizations today. It is executing tasks, consuming data, and taking actions — most likely without meaningful involvement from the security team. The...
Malicious Hugging Face Repository Typosquats OpenAI
HiddenLayer reveals infostealer malware in a Hugging Face repository
Malicious Hugging Face Repository Typosquats OpenAI
HiddenLayer reveals infostealer malware in a Hugging Face repository