Daily Security Feed - 2026-05-14

Security Feed Digest (2026-05-14)

Hacker News: Best

• Kickstarter is forced to ban adult content by payment processors — Wed, 13 May 2026 15:26:27 +0000
• Open Source Resistance: keep OSS alive on company time — Wed, 13 May 2026 15:13:37 +0000
• Setting up a free *.city.state.us locality domain (2025) — Wed, 13 May 2026 14:45:18 +0000
• Leaving GitHub for Forgejo — Wed, 13 May 2026 12:54:00 +0000
• I moved my digital stack to Europe — Wed, 13 May 2026 11:42:20 +0000
• Deterministic Fully-Static Whole-Binary Translation Without Heuristics — Wed, 13 May 2026 04:25:03 +0000
• Starship V3 — Wed, 13 May 2026 01:29:31 +0000
• Tell NYT, Atlantic, USA Today to keep Wayback Machine — Tue, 12 May 2026 23:11:40 +0000
• Twin brothers wipe 96 government databases minutes after being fired — Tue, 12 May 2026 22:28:07 +0000
• Restore full BambuNetwork support for Bambu Lab printers — Tue, 12 May 2026 21:55:21 +0000
• Scrcpy v4.0 — Tue, 12 May 2026 20:50:02 +0000
• How to make your text look futuristic (2016) — Tue, 12 May 2026 20:16:26 +0000
• CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq — Tue, 12 May 2026 18:12:28 +0000
• Quack: The DuckDB Client-Server Protocol — Tue, 12 May 2026 17:54:12 +0000
• Reimagining the mouse pointer for the AI era — Tue, 12 May 2026 17:40:13 +0000
• Canada’s Bill C-22 Is a Repackaged Version of Last Year’s Surveillance Nightmare — Tue, 12 May 2026 17:35:58 +0000
• Amazon employees are “tokenmaxxing” due to pressure to use AI tools — Tue, 12 May 2026 16:29:21 +0000
• Instructure pays ransom to Canvas hackers — Tue, 12 May 2026 02:56:31 +0000

BleepingComputer

• West Pharmaceutical says hackers stole data, encrypted systems — Wed, 13 May 2026 18:23:31 -0400
• Iranian hackers targeted major South Korean electronics maker — Wed, 13 May 2026 17:59:33 -0400
• New critical Exim mailer flaw allows remote code execution — Wed, 13 May 2026 16:23:50 -0400
• Windows BitLocker zero-day gives access to protected drives, PoC released — Wed, 13 May 2026 12:37:49 -0400
• Webinar tomorrow: Why security alone won’t stop modern attacks — Wed, 13 May 2026 11:45:56 -0400
• Microsoft fixes BitLocker recovery issue only for Windows 11 users — Wed, 13 May 2026 11:42:46 -0400
• Microsoft fixes Windows Autopatch bug installing restricted drivers — Wed, 13 May 2026 10:36:09 -0400
• Foxconn confirms cyberattack claimed by Nitrogen ransomware gang — Wed, 13 May 2026 08:49:54 -0400
• 73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation — Wed, 13 May 2026 08:30:38 -0400
• Microsoft says some users can’t install Office on Windows 365 devices — Wed, 13 May 2026 07:53:54 -0400

Darkreading

• Checkbox Assessments Aren’t Fit to Measure to Risk — Wed, 13 May 2026 21:17:07 GMT
• Attackers Weaponize RubyGems for Data Dead Drops — Wed, 13 May 2026 21:09:20 GMT
• Tables Turn on ‘The Gentlemen’ RaaS Gang With Data Leak — Wed, 13 May 2026 20:47:46 GMT
• Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape — Wed, 13 May 2026 18:52:50 GMT
• China’s ‘FamousSparrow’ APT Nests in South Caucasus Energy Firm — Wed, 13 May 2026 13:00:00 GMT
• LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly — Wed, 13 May 2026 13:00:00 GMT
• It’s Patch Tuesday for Microsoft & Not a Zero-Day In Sight — Tue, 12 May 2026 21:03:04 GMT

The Hacker News

• Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday — Wed, 13 May 2026 19:16:02 +0530
• Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation — Wed, 13 May 2026 18:30:00 +0530
• [Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud — Wed, 13 May 2026 17:22:43 +0530
• Most Remediation Programs Never Confirm the Fix Actually Worked — Wed, 13 May 2026 17:00:00 +0530
• Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws — Wed, 13 May 2026 16:06:10 +0530
• GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data — Wed, 13 May 2026 13:38:54 +0530
• Android Adds Intrusion Logging for Sophisticated Spyware Forensics — Wed, 13 May 2026 12:25:42 +0530

데일리시큐 - 최근인기기사

• “북한 해커, 이제 사람과 공급망까지 노린다”…가상자산 공격 ‘오프라인 침투’ 단계로 진화 — 2026-05-13 11:31:10
• 폰투온(Pwn2Own) 뒤흔든 제로데이 폭증…윤인수 교수 “AI가 해킹 판 바꾸고 있다” — 2026-05-13 17:38:57
• 개인정보 보호체계, 사후 처벌에서 예방 중심으로 전환…중대·반복 위반 시 매출액 최대 10% 과징금 — 2026-05-13 12:22:37
• 아우토크립트, IBK-KOSDAQ 붐업데이 참가…피지컬 AI 보안 신사업 전략 공개 — 2026-05-13 10:05:55
• 과기정통부, AI·XR 서비스 개발자 경진대회 개최…총상금 7,800만 원 지원 — 2026-05-13 12:32:25
• 엔키화이트햇, 과기부 ‘2026 AI 보안 유망기업’ 사업화 과제 선정 — 2026-05-13 09:52:54
• 폰투온 베를린 2026 앞두고 쏟아진 마이크로소프트·어도비 5월 보안 패치 — 2026-05-13 14:01:47
• [보안칼럼] 국민 스마트폰 보안, 이제 단말 보호까지 고민해야 할 때 — 2026-05-13 13:27:06
• EU CRA 시행 앞두고 SBOM 기반 공급망 보안 대응 본격화 — 2026-05-13 10:16:01
• [CISO 조찬세미나] 금융보안원 김현민 팀장 “디지털자산 해킹, 기술보다 신뢰를 파고든다” — 2026-05-13 16:10:15

보안뉴스 > SECURITY

• [만화로 보는 피싱] #3. “해킹 피해 점검하게 앱 설치 좀”… 그게 해킹이다 — Thu, 14 May 2026 07:37:00 +0900
• [배종찬의 보안 빅데이터] 영화 ‘아이 로봇’에서 드러난 피지컬AI의 위협 — Wed, 13 May 2026 17:34:00 +0900
• AI로 만든 해킹 도구의 습격… ‘Mr_Rot13’, 정부·군사 기밀 4.37GB 빼돌려 — Wed, 13 May 2026 17:32:00 +0900
• AI 에이전트가 공격자 분석해 차단… 그룹아이비, 통합 지능형 보안 엔진 프레빈 AI 출시 — Wed, 13 May 2026 14:51:00 +0900
• [양자와 보안] 이와이엘, 양자내성암호 암호 보드 개발… 암복호화 속도 높였다 — Wed, 13 May 2026 14:19:00 +0900
• [인사] 과학기술정보통신부 — Wed, 13 May 2026 13:28:00 +0900
• 아카마이 “AI 확산 속 API 위협 급증… 사고당 손실 100만달러 돌파” — Wed, 13 May 2026 13:09:00 +0900
• [2026 비식별화 솔루션 리포트] 지우는 데이터에서 활용하는 데이터로… 안전한 AI 거버넌스 이끈다 — Wed, 13 May 2026 11:53:00 +0900
• 가비아 하이웍스, ‘그룹웨어 프리미엄’ 출시… “AI 문서 생성·공동편집·저장 한 흐름” — Wed, 13 May 2026 10:58:00 +0900
• 포티넷-엔비디아, 기업용 AI 보안 솔루션 ‘포티AI게이트’ 고도화 — Wed, 13 May 2026 10:38:00 +0900

Security Feed Digest (2026-05-14)

Hacker News: Best

• AI is making me dumb — Thu, 14 May 2026 18:19:28 +0000
• New Nginx Exploit — Thu, 14 May 2026 17:17:48 +0000
• Removing the modem and GPS from my 2024 RAV4 hybrid — Thu, 14 May 2026 17:08:00 +0000
• RTX 5090 and M4 MacBook Air: Can It Game? — Thu, 14 May 2026 15:47:31 +0000
• A message from President Kornbluth about funding and the talent pipeline — Thu, 14 May 2026 14:51:14 +0000
• Bitcoin trader recovers wallet with help of Claude — Thu, 14 May 2026 14:49:48 +0000
• USDA Projects Smallest US Wheat Harvest Since 1972 Due to Plains Drought — Thu, 14 May 2026 13:17:57 +0000
• Rewrite Bun in Rust has been merged — Thu, 14 May 2026 08:15:31 +0000
• Claude for Small Business — Thu, 14 May 2026 03:59:35 +0000
• A Claude Code and Codex Skill for Deliberate Skill Development — Thu, 14 May 2026 03:13:31 +0000
• Microsoft BitLocker – YellowKey zero-day exploit — Thu, 14 May 2026 02:45:08 +0000
• Cisco workforce reductions — Thu, 14 May 2026 01:38:05 +0000
• Scorched Earth 2000 – Web — Thu, 14 May 2026 00:41:29 +0000
• Tell HN: Dont use Claude Design, lost access to my projects after unsubscribing — Wed, 13 May 2026 21:40:18 +0000
• Princeton mandates proctoring for in-person exams, upending 133 year precedent — Wed, 13 May 2026 20:12:16 +0000
• “Not Medically Necessary”: Helping America’s Health Insurers Deny Coverage — Wed, 13 May 2026 19:01:54 +0000
• MacBook Neo Deep Dive: Benchmarks, Wafer Economics, and the 8GB Gamble — Wed, 13 May 2026 18:30:51 +0000
• The US is winning the AI race where it matters most: commercialization — Wed, 13 May 2026 13:53:53 +0000
• Dutch suicide prevention website shares data with tech companies without consent — Wed, 13 May 2026 12:57:42 +0000
• SecurityBaseline.eu — Wed, 13 May 2026 07:11:17 +0000
• The Emacsification of Software — Wed, 13 May 2026 07:06:14 +0000
• Kraftwerk’s radical 1976 track — Tue, 12 May 2026 23:13:01 +0000

BleepingComputer

• TeamPCP hackers advertise Mistral AI code repos for sale — Thu, 14 May 2026 18:50:36 -0400
• Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin — Thu, 14 May 2026 17:07:17 -0400
• Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks — Thu, 14 May 2026 16:09:56 -0400
• OpenAI confirms security breach in TanStack supply chain attack — Thu, 14 May 2026 15:07:24 -0400
• Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — Thu, 14 May 2026 14:53:50 -0400
• 18-year-old NGINX vulnerability allows DoS, potential RCE — Thu, 14 May 2026 11:43:41 -0400
• Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight — Thu, 14 May 2026 11:21:32 -0400
• KongTuke hackers now use Microsoft Teams for corporate breaches — Thu, 14 May 2026 08:12:40 -0400
• Dell confirms its SupportAssist software causes Windows BSOD crashes — Thu, 14 May 2026 06:03:39 -0400
• US charges suspected Dream Market admin arrested in Germany — Thu, 14 May 2026 04:55:46 -0400
• New Fragnesia Linux flaw lets attackers gain root privileges — Thu, 14 May 2026 03:34:19 -0400

Darkreading

• SecurityScorecard Snags Driftnet to Level Up Threat Intelligence — Thu, 14 May 2026 20:57:27 GMT
• Maximum Severity Cisco SD-WAN Bug Exploited in the Wild — Thu, 14 May 2026 20:25:31 GMT
• ‘FrostyNeighbor’ APT Carefully Targets Govt Orgs in Poland, Ukraine — Thu, 14 May 2026 16:59:25 GMT
• AI Drives Cybersecurity Investments, Widening ‘Valley of Death’ — Thu, 14 May 2026 13:00:00 GMT
• Foxconn Attack Highlights Manufacturing’s Cyber Crisis — Thu, 14 May 2026 12:00:00 GMT
• Checkbox Assessments Aren’t Fit to Measure Risk — Wed, 13 May 2026 21:17:07 GMT

The Hacker News

• Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access — Thu, 14 May 2026 23:15:20 +0530
• Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets — Thu, 14 May 2026 22:52:43 +0530
• ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories — Thu, 14 May 2026 21:37:46 +0530
• Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike — Thu, 14 May 2026 19:30:37 +0530
• PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure — Thu, 14 May 2026 17:10:14 +0530
• How AI Hallucinations Are Creating Real Security Risks — Thu, 14 May 2026 17:00:00 +0530
• Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation — Thu, 14 May 2026 14:55:50 +0530
• New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption — Thu, 14 May 2026 12:36:15 +0530
• 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE — Thu, 14 May 2026 11:30:09 +0530

데일리시큐 - 최근인기기사

• 노출된 API 키가 제미나이 비용 폭탄으로…구글 클라우드 과금 피해 확산 — 2026-05-14 12:27:28
• “킴수키, AI 활용해 악성코드 개발 정황 포착“…한국 군·정부·방산 집중 공격 — 2026-05-14 09:26:34
• 마이크로소프트, 1분기 이메일 피싱 83억 건 탐지…링크 기반 공격이 전체 78% — 2026-05-14 09:38:43
• SKT·인크루트 개인정보 유출 후속점검 완료…개인정보위, 하반기 시정명령 점검 결과 공개 — 2026-05-14 11:42:43
• 개인정보위, 개인정보 유출한 보람상조 7개사 제재…과징금·과태료 5억5천만 원 부과 — 2026-05-14 11:32:30
• “중소·중견기업 침해 대응 평균 106일”…랜섬웨어·정보유출 피해 집중, 제조업 피해 비중 47.4% — 2026-05-14 09:03:28
• 샤이훌루드, 정상 패키지처럼 위장해 개발자 공격…npm·파이파이 공급망 공격 확산 — 2026-05-14 16:33:08
• 금융보안원, 금융권 AI 안전성·신뢰성 강화 세미나 개최 — 2026-05-14 08:49:57
• 사이냅소프트, AI 에이전트 위한 문서 데이터 정제 기술 세미나 개최 — 2026-05-14 14:17:08
• 락게이트코어, 로컬 LLM 기반 AI 보안점검 플랫폼 ‘모무스 AI’ 출시 — 2026-05-14 14:15:11

보안뉴스 > SECURITY

• 강병탁 AI스페라 대표, “AI 시대 보안은 ‘운영’… 에이전트 CTEM 출격” — Thu, 14 May 2026 18:15:00 +0900
• 이번엔 마이크로소프트… 새 AI 보안 시스템 MDASH, 취약점 탐지 성적 미토스 넘어 — Thu, 14 May 2026 18:05:00 +0900
• AI 에이전트 시대의 보안… 팔로알토, 아이덴티티 보안 플랫폼 ‘이디라’(Idira) 출시 — Thu, 14 May 2026 15:37:00 +0900
• SK쉴더스 “중소기업 해킹 인지까지 106.1일… 야간 틈탄 랜섬웨어 기승” — Thu, 14 May 2026 14:53:00 +0900
• “태권도 단증도 스마트폰에 쏙”… 국기원에 ‘옴니원 디지털 ID’ 공급 — Thu, 14 May 2026 14:29:00 +0900
• SKT, 해킹 후 CPO 관리·감독 강화… 사고 기업들 이행 결과 발표 — Thu, 14 May 2026 14:28:00 +0900
• 한국재난안전산업협회, 기술발표회 통해 AI·데이터 기반 재난안전 기술 협력 본격화 — Thu, 14 May 2026 14:22:00 +0900
• 한국특허정보원, 제10대 강병삼 신임 원장 취임 — Thu, 14 May 2026 14:10:00 +0900
• 포티넷, 무선 AP 및 네트워크 운영체제 등 핵심 제품군 5종 ‘보안 패치’ 배포 — Thu, 14 May 2026 14:06:00 +0900
• 개인정보 관리 소홀 보람상조, 5억4250만원 과징금 맞아 — Thu, 14 May 2026 14:01:00 +0900