Threat Hunt Feed (2026-05-15)
Hacker News: Best
- Tell HN: Don't use Claude Design, lost access to my projects after unsubscribing — Wed, 13 May 2026 21:40:18 +0000
- Matched TTPs: Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), Python (T1059.006), At (T1053.002)
- The Emacsification of Software — Wed, 13 May 2026 07:06:14 +0000
- Matched TTPs: Software (T1592.002), At (T1053.002)
BleepingComputer
- Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — Thu, 14 May 2026 14:53:50 -0400
- Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), At (T1053.002)
- 18-year-old NGINX vulnerability allows DoS, potential RCE — Thu, 14 May 2026 11:43:41 -0400
- Matched TTPs: Artificial Intelligence (T1588.007), DNS (T1071.004), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Proxy (T1090), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), At (T1053.002)
- Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight — Thu, 14 May 2026 11:21:32 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Email Account (T1087.003), Tool (T1588.002), Phishing (T1566), Multi-Factor Authentication (T1556.006), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
- Dell confirms its SupportAssist software causes Windows BSOD crashes — Thu, 14 May 2026 06:03:39 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), At (T1053.002)
Darkreading
- Taiwan Incident Highlights Cybersecurity Gaps in Rail Systems — Fri, 15 May 2026 01:00:00 GMT
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Software (T1592.002), Python (T1059.006), At (T1053.002)
- ‘FrostyNeighbor’ APT Carefully Targets Govt Orgs in Poland, Ukraine — Thu, 14 May 2026 16:59:25 GMT
- Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Malicious Link (T1204.001), At (T1053.002)
The Hacker News
- Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike — Thu, 14 May 2026 19:30:37 +0530
- Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Supply Chain Compromise (T1195), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation — Thu, 14 May 2026 14:55:50 +0530
- Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Supply Chain Compromise (T1195), Server (T1584.004), Downgrade Attack (T1562.010), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE — Thu, 14 May 2026 11:30:09 +0530
- Matched TTPs: Adversary-in-the-Middle (T1557), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Supply Chain Compromise (T1195), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)