Threat Hunt Feed (2026-05-19)
Hacker News: Best
- Two EA-18 fighter jets collide at Mountain Home airshow, pilots ejected safely — Sun, 17 May 2026 21:45:30 +0000
- Matched TTPs: Social Media (T1593.001), At (T1053.002)
- At least 25 Flock cameras have been destroyed in five states since April 2025 — Sun, 17 May 2026 17:09:15 +0000
- Matched TTPs: At (T1053.002)
- Show HN: Semble – Code search for agents that uses 98% fewer tokens than grep — Sun, 17 May 2026 15:37:07 +0000
- Matched TTPs: Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Python (T1059.006), At (T1053.002)
Krebs on Security
- CISA Admin Leaked AWS GovCloud Keys on Github — Mon, 18 May 2026 20:48:21 +0000
- Matched TTPs: SSH (T1021.004), Code Repositories (T1213.003), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
BleepingComputer
- INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers — Mon, 18 May 2026 18:15:30 -0400
- Matched TTPs: IP Addresses (T1590.005), Malware (T1588.001), Hardware (T1592.001), Domains (T1584.001), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), At (T1053.002)
- SHub macOS infostealer variant spoofs Apple security updates — Mon, 18 May 2026 17:42:20 -0400
- Matched TTPs: Keychain (T1555.001), Malware (T1588.001), Hardware (T1592.001), Browser Extensions (T1176.001), Password Managers (T1555.005), Code Signing (T1553.002), AppleScript (T1059.002), Domains (T1584.001), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001)
- 5 Steps to Managing Shadow AI Tools Without Slowing Down Employees — Mon, 18 May 2026 14:45:35 -0400
- Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Browser Extensions (T1176.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
- Leaked Shai-Hulud malware fuels new npm infostealer campaign — Mon, 18 May 2026 13:28:02 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Botnet (T1584.005), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
- Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026 — Mon, 18 May 2026 01:33:20 -0400
- Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), At (T1053.002)
Dark Reading
- ‘Claw Chain’ Vulnerabilities Threaten OpenClaw Deployments — Mon, 18 May 2026 21:24:59 GMT
- Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
- Shai-Hulud Worm Clones Spread After Code Release — Mon, 18 May 2026 19:53:05 GMT
- Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), Botnet (T1584.005), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
- The Boring Stuff Is Dangerous Now — Mon, 18 May 2026 13:00:00 GMT
- Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), At (T1053.002)
- Boulevard of Broken Dreams: 2 Decades of Cyber Fails — Mon, 18 May 2026 12:00:00 GMT
- Matched TTPs: Artificial Intelligence (T1588.007), DNS (T1071.004), Malware (T1588.001), Hardware (T1592.001), Databases (T1213.006), Vulnerabilities (T1588.006), Botnet (T1584.005), Domains (T1584.001), Cloud Services (T1021.007), Web Services (T1584.006), Tool (T1588.002), Phishing (T1566), Firmware (T1592.003), Software (T1592.002), Credentials (T1589.001), Impersonation (T1656), At (T1053.002)
The Hacker News
- ⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More — Mon, 18 May 2026 19:20:17 +0530
- Matched TTPs: Artificial Intelligence (T1588.007), Rootkit (T1014), DNS (T1071.004), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), SSH (T1021.004), DLL (T1574.001), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), Python (T1059.006), At (T1053.002)
- How to Reduce Phishing Exposure Before It Turns into Business Disruption — Mon, 18 May 2026 18:30:00 +0530
- Matched TTPs: Rootkit (T1014), DNS (T1071.004), Malware (T1588.001), Vulnerabilities (T1588.006), Domains (T1584.001), Server (T1584.004), Phishing (T1566), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Developer Workstations Are Now Part of the Software Supply Chain — Mon, 18 May 2026 16:53:41 +0530
- Matched TTPs: Artificial Intelligence (T1588.007), Rootkit (T1014), DNS (T1071.004), Vulnerabilities (T1588.006), SSH (T1021.004), Cloud Accounts (T1078.004), Server (T1584.004), Code Repositories (T1213.003), Shell History (T1552.003), Cloud Services (T1021.007), Tool (T1588.002), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws — Mon, 18 May 2026 16:24:05 +0530
- Matched TTPs: Rootkit (T1014), DNS (T1071.004), Vulnerabilities (T1588.006), Server (T1584.004), Web Services (T1584.006), Software (T1592.002), Social Media (T1593.001), At (T1053.002)
- Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware — Mon, 18 May 2026 14:27:26 +0530
- Matched TTPs: Scheduled Task (T1053.005), Rootkit (T1014), DNS (T1071.004), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Botnet (T1584.005), Domains (T1584.001), Server (T1584.004), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations — Mon, 18 May 2026 12:16:37 +0530
- Matched TTPs: Rootkit (T1014), DNS (T1071.004), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Lua (T1059.011), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002), Compression (T1027.015)