Daily Hunt Feed - 2026-05-13

Threat Hunt Feed (2026-05-13)

Hacker News: Best

• Show HN: Needle: We Distilled Gemini Tool Calling into a 26M Model — Tue, 12 May 2026 18:03:11 +0000
  • Matched TTPs: JavaScript (T1059.007), Hardware (T1592.001), Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), Python (T1059.006), At (T1053.002)
• Learning Software Architecture — Tue, 12 May 2026 09:30:21 +0000
  • Matched TTPs: Software (T1592.002), At (T1053.002)
• I let AI build a tool to help me figure out what was waking me up at night — Mon, 11 May 2026 21:04:10 +0000
  • Matched TTPs: Hardware (T1592.001), SSH (T1021.004), Server (T1584.004), Tool (T1588.002), Software (T1592.002), At (T1053.002)
• If AI writes your code, why use Python? — Mon, 11 May 2026 20:45:55 +0000
  • Matched TTPs: Serverless (T1584.007), Artificial Intelligence (T1588.007), JavaScript (T1059.007), Tool (T1588.002), Software (T1592.002), Python (T1059.006), At (T1053.002)
• Google says criminal hackers used AI to find a major software flaw — Mon, 11 May 2026 13:20:14 +0000
  • Matched TTPs: Software (T1592.002)

Krebs on Security

• Patch Tuesday, May 2026 Edition — Tue, 12 May 2026 21:46:45 +0000
  • Matched TTPs: Artificial Intelligence (T1588.007), DNS (T1071.004), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Software (T1592.002), Credentials (T1589.001), At (T1053.002)

BleepingComputer

• Signal adds security warnings for social engineering, phishing attacks — Tue, 12 May 2026 15:40:31 -0400
  • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Python (T1059.006), At (T1053.002)
• Microsoft releases Windows 10 KB5087544 extended security update — Tue, 12 May 2026 14:58:34 -0400
  • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Python (T1059.006), At (T1053.002)
• Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator — Tue, 12 May 2026 14:23:09 -0400
  • Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Python (T1059.006), At (T1053.002)
• Windows 11 KB5089549 & KB5087420 cumulative updates released — Tue, 12 May 2026 14:09:12 -0400
  • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Python (T1059.006), At (T1053.002)
• Shai Hulud attack ships signed malicious TanStack, Mistral npm packages — Tue, 12 May 2026 07:29:36 -0400
  • Matched TTPs: DNS (T1071.004), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), SSH (T1021.004), Proxy (T1090), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), Python (T1059.006), At (T1053.002)
• SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA — Tue, 12 May 2026 07:04:55 -0400
  • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), Python (T1059.006), At (T1053.002)

The Hacker News

• RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded — Tue, 12 May 2026 20:17:00 +0530
  • Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Supply Chain Compromise (T1195), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
• Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages — Tue, 12 May 2026 17:16:00 +0530
  • Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Supply Chain Compromise (T1195), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), Python (T1059.006), At (T1053.002)
• OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation — Tue, 12 May 2026 12:25:00 +0530
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Supply Chain Compromise (T1195), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)