Daily Security Feed - 2026-05-12

Security Feed Digest (2026-05-12)

Hacker News: Best

• Show HN: Needle: We Distilled Gemini Tool Calling into a 26M Model — Tue, 12 May 2026 18:03:11 +0000
• Googlebook — Tue, 12 May 2026 17:37:36 +0000
• The Future of Obsidian Plugins — Tue, 12 May 2026 15:45:54 +0000
• Operation: Epic Furious — Tue, 12 May 2026 15:13:01 +0000
• Why senior developers fail to communicate their expertise — Tue, 12 May 2026 15:08:40 +0000
• Bambu Lab is abusing the open source social contract — Tue, 12 May 2026 14:54:41 +0000
• US inflation jumps to 3.8% as energy costs surge from Iran war — Tue, 12 May 2026 13:51:36 +0000
• Rendering the Sky, Sunsets, and Planets — Tue, 12 May 2026 13:26:46 +0000
• EU to crack down on TikTok, Instagram’s ‘addictive design’ targeting kids — Tue, 12 May 2026 11:00:07 +0000
• Learning Software Architecture — Tue, 12 May 2026 09:30:21 +0000
• Screenshots of Old Desktop OSes — Tue, 12 May 2026 05:11:24 +0000
• They Live (1988) inspired Adblocker — Tue, 12 May 2026 00:37:54 +0000
• Postmortem: TanStack NPM supply-chain compromise — Mon, 11 May 2026 21:08:25 +0000
• I let AI build a tool to help me figure out what was waking me up at night — Mon, 11 May 2026 21:04:10 +0000
• Interaction Models — Mon, 11 May 2026 20:53:37 +0000
• GitLab announces workforce reduction and end of their CREDIT values — Mon, 11 May 2026 20:51:57 +0000
• If AI writes your code, why use Python? — Mon, 11 May 2026 20:45:55 +0000
• UCLA discovers first stroke rehabilitation drug to repair brain damage (2025) — Mon, 11 May 2026 17:53:08 +0000
• Google says criminal hackers used AI to find a major software flaw — Mon, 11 May 2026 13:20:14 +0000

Krebs on Security

• Patch Tuesday, May 2026 Edition — Tue, 12 May 2026 21:46:45 +0000

BleepingComputer

• US govt seeks Instructure testimony on massive Canvas cyberattack — Tue, 12 May 2026 19:09:55 -0400
• UK fines water supplier $1.3M for exposing data of 664k customers — Tue, 12 May 2026 16:17:19 -0400
• Webinar: Fixing the gaps in network incident response — Tue, 12 May 2026 15:46:04 -0400
• Signal adds security warnings for social engineering, phishing attacks — Tue, 12 May 2026 15:40:31 -0400
• Microsoft releases Windows 10 KB5087544 extended security update — Tue, 12 May 2026 14:58:34 -0400
• Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator — Tue, 12 May 2026 14:23:09 -0400
• Windows 11 KB5089549 & KB5087420 cumulative updates released — Tue, 12 May 2026 14:09:12 -0400
• Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days — Tue, 12 May 2026 14:08:06 -0400
• Škoda warns of customer data breach after online shop hack — Tue, 12 May 2026 13:07:01 -0400
• Android 17 to expand banking scam call and privacy protections — Tue, 12 May 2026 13:00:00 -0400
• Shai Hulud attack ships signed malicious TanStack, Mistral npm packages — Tue, 12 May 2026 07:29:36 -0400
• SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA — Tue, 12 May 2026 07:04:55 -0400
• Instructure reaches ‘agreement’ with ShinyHunters to stop data leak — Tue, 12 May 2026 05:23:56 -0400

Darkreading

• It’s Patch Tuesday for Microsoft and Not a Zero-Day In Sight — Tue, 12 May 2026 21:03:04 GMT
• Hugging Face Packages Weaponized With a Single File Tweak — Tue, 12 May 2026 14:00:00 GMT
• 20 Leaders Who Built the CISO Era: 2 Decades of Change — Tue, 12 May 2026 12:00:00 GMT
• Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain — Tue, 12 May 2026 11:07:43 GMT

The Hacker News

• New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution — Tue, 12 May 2026 22:14:00 +0530
• RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded — Tue, 12 May 2026 20:17:00 +0530
• New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots — Tue, 12 May 2026 18:20:00 +0530
• Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help — Tue, 12 May 2026 17:28:00 +0530
• Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages — Tue, 12 May 2026 17:16:00 +0530
• Why Agentic AI Is Security’s Next Blind Spot — Tue, 12 May 2026 16:00:00 +0530
• Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak — Tue, 12 May 2026 13:07:00 +0530
• OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation — Tue, 12 May 2026 12:25:00 +0530
• iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android — Tue, 12 May 2026 10:48:00 +0530

데일리시큐 - 최근인기기사

• [긴급] 체크막스 젠킨스 플러그인 해킹… 공급망 공격 또 터졌다 — 2026-05-12 18:05:40
• 일루미오, 제로 트러스트 창시자와 한국 보안 시장 공략 가속화 — 2026-05-12 15:30:27
• 핀테크산업협회, 국회서 AI·양자 시대 차세대 보안 포럼 개최 — 2026-05-12 17:19:50

보안뉴스 > SECURITY

• 이노티움, ‘AI 문서중앙화’ 반도체 등 다양한 산업 공급 — Tue, 12 May 2026 17:30:00 +0900
• ‘제로트러스트 창시자’ 존 킨더바그 “미토스 공포? ‘격리’가 관건” — Tue, 12 May 2026 16:50:00 +0900
• 개인정보위, 중대 유출 반복되면 과징금 10%… “사전 예방으로 보안 패러다임 전환” — Tue, 12 May 2026 15:00:00 +0900
• [양자와 보안] 공공기관 양자보안 구축 의무화된다… 양자-AI 융합도 지원 — Tue, 12 May 2026 14:51:00 +0900
• [이슈칼럼] 정밀 타격 시대, VIP 경호 패러다임의 전략적 전환 — Tue, 12 May 2026 14:37:00 +0900
• [속담으로 배우는 100가지 보안 습관-12] 돌다리도 두드려 보고 건너라(2)-앱 아무 데서나 설치하면 생기는 일 — Tue, 12 May 2026 13:19:00 +0900
• 금융보안원, 2026년 금융보안자문위원회 전체회의 개최 — Tue, 12 May 2026 11:35:00 +0900
• GM, 고객 몰래 주행 데이터 팔아 치워… 캘리포니아주에 1200만 달러 합의금 지불 — Tue, 12 May 2026 11:13:00 +0900
• 결국… AI 활용한 제로데이 취약점 공격 악성코드 현실화 — Tue, 12 May 2026 11:11:00 +0900
• 한국디지털인증협회, ‘2026 블록체인 AI 해커톤’ 기술 설명회 열기 고조 — Tue, 12 May 2026 10:59:00 +0900