Threat Hunt Feed (2026-05-14)
Hacker News: Best
- Setting up a free *.city.state.us locality domain (2025) — Wed, 13 May 2026 14:45:18 +0000
  - Matched TTPs: IP Addresses (T1590.005), DNS (T1071.004), WHOIS (T1596.002), Domains (T1584.001), Server (T1584.004), Tool (T1588.002), At (T1053.002)
- Twin brothers wipe 96 government databases minutes after being fired — Tue, 12 May 2026 22:28:07 +0000
  - Matched TTPs: Databases (T1213.006), Email Account (T1087.003), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Credentials (T1589.001), Python (T1059.006), Data Destruction (T1485), At (T1053.002)
- CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq — Tue, 12 May 2026 18:12:28 +0000
  - Matched TTPs: Vulnerabilities (T1588.006), At (T1053.002)
- Quack: The DuckDB Client-Server Protocol — Tue, 12 May 2026 17:54:12 +0000
  - Matched TTPs: Databases (T1213.006), Server (T1584.004), Proxy (T1090), Tool (T1588.002), Python (T1059.006), At (T1053.002)
BleepingComputer
- Iranian hackers targeted major South Korean electronics maker — Wed, 13 May 2026 17:59:33 -0400
  - Matched TTPs: Malware (T1588.001), Hardware (T1592.001), DLL (T1574.001), PowerShell (T1059.001), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
- Windows BitLocker zero-day gives access to protected drives, PoC released — Wed, 13 May 2026 12:37:49 -0400
  - Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
The Hacker News
- Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday — Wed, 13 May 2026 19:16:02 +0530
  - Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), DLL (T1574.001), Supply Chain Compromise (T1195), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Most Remediation Programs Never Confirm the Fix Actually Worked — Wed, 13 May 2026 17:00:00 +0530
  - Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Supply Chain Compromise (T1195), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws — Wed, 13 May 2026 16:06:10 +0530
  - Matched TTPs: Artificial Intelligence (T1588.007), DNS (T1071.004), Malware (T1588.001), Databases (T1213.006), Vulnerabilities (T1588.006), SSH (T1021.004), Supply Chain Compromise (T1195), Server (T1584.004), Confluence (T1213.001), Tool (T1588.002), Phishing (T1566), Multi-Factor Authentication (T1556.006), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data — Wed, 13 May 2026 13:38:54 +0530
  - Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Supply Chain Compromise (T1195), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)