Daily Security Feed - 2026-05-21

Security Feed Digest (2026-05-21)

Hacker News: Best

• An OpenAI model has disproved a central conjecture in discrete geometry — Wed, 20 May 2026 19:05:30 +0000
• Apparently Google hates us now — Wed, 20 May 2026 16:27:25 +0000
• Tennessee man jailed 37 days for Trump meme wins settlement after lawsuit — Wed, 20 May 2026 14:30:47 +0000
• GitHub confirms breach of 3,800 repos via malicious VSCode extension — Wed, 20 May 2026 13:43:37 +0000
• Goodbye Visa and Mastercard: 130M Europeans switching to sovereign payment — Wed, 20 May 2026 13:02:30 +0000
• Meta blocks human rights accounts from reaching audiences in Saudi Arabia, UAE — Wed, 20 May 2026 12:43:41 +0000
• Map of Metal — Wed, 20 May 2026 10:47:20 +0000
• Qwen3.7-Max: The Agent Frontier — Wed, 20 May 2026 10:35:02 +0000
• Incident Report: May 19, 2026 – GCP Account Suspension — Wed, 20 May 2026 08:37:55 +0000
• Everything in C is undefined behavior — Wed, 20 May 2026 06:07:22 +0000
• FiveThirtyEight articles on the Internet Archive — Wed, 20 May 2026 01:34:19 +0000
• Incident Report: Railway Blocked by Google Cloud [resolved] — Wed, 20 May 2026 00:23:54 +0000
• GitHub is investigating unauthorized access to their internal repositories — Wed, 20 May 2026 00:01:18 +0000
• Remove-AI-Watermarks – CLI and library for removing AI watermarks from images — Tue, 19 May 2026 22:30:31 +0000
• Disney erased FiveThirtyEight — Tue, 19 May 2026 18:56:25 +0000
• Gemini CLI will stop working from June 18, 2026 — Tue, 19 May 2026 18:03:10 +0000
• Show HN: Forge – Guardrails take an 8B model from 53% to 99% on agentic tasks — Tue, 19 May 2026 12:23:07 +0000

BleepingComputer

• Ukraine identifies infostealer operator tied to 28,000 stolen accounts — Wed, 20 May 2026 17:36:24 -0400
• Hackers bypass SonicWall VPN MFA due to incomplete patching — Wed, 20 May 2026 17:19:17 -0400
• Grafana breach caused by missed token rotation after TanStack attack — Wed, 20 May 2026 11:46:37 -0400
• Identity Alone Isn’t Enough: Why Device Security Has to Share the Load — Wed, 20 May 2026 10:02:12 -0400
• Drupal critical update to fix bug with high exploitation risk — Wed, 20 May 2026 08:52:29 -0400
• Exploit released for new PinTheft Arch Linux root escalation flaw — Wed, 20 May 2026 06:52:31 -0400
• GitHub confirms breach of 3,800 repos via malicious VSCode extension — Wed, 20 May 2026 04:14:08 -0400
• Microsoft shares mitigation for YellowKey Windows zero-day — Wed, 20 May 2026 03:31:15 -0400
• GitHub investigates internal repositories breach claimed by TeamPCP — Wed, 20 May 2026 01:08:42 -0400

Darkreading

• Cyber Pros Can’t Decide If AI Is a Good or a Bad Thing — Wed, 20 May 2026 20:52:25 GMT
• GitHub Confirms Breach, 4K Internal Repos Stolen — Wed, 20 May 2026 20:51:32 GMT
• Fake Android Apps Commit Carrier Billing Fraud for Premium Svcs. — Wed, 20 May 2026 20:35:35 GMT
• Processes and Culture Top Reasons Behind Data Breaches — Wed, 20 May 2026 17:42:30 GMT
• Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control — Wed, 20 May 2026 16:12:08 GMT
• Infosecurity Europe — 2026-06-02T13:30:00.000Z
• Interpol’s ‘Operation Ramz’ Pioneers Cross-Region Collabs in Middle East — Wed, 20 May 2026 07:00:00 GMT
• What It’ll Take to Make AI BOMs Usable in a Modern Security Program — Wed, 20 May 2026 03:44:40 GMT
• What Will Make AI BOMs Real? — Tue, 19 May 2026 22:17:55 GMT

The Hacker News

• Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development — Wed, 20 May 2026 22:36:54 +0530
• Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks — Wed, 20 May 2026 20:06:44 +0530
• Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API — Wed, 20 May 2026 18:21:43 +0530
• Agent AI is Coming. Are You Ready? — Wed, 20 May 2026 17:28:00 +0530
• GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos — Wed, 20 May 2026 17:08:43 +0530
• Typosquatting Is No Longer a User Problem. It’s a Supply Chain Problem — Wed, 20 May 2026 16:00:00 +0530
• Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit — Wed, 20 May 2026 13:58:26 +0530
• Grafana GitHub Breach Exposes Source Code via TanStack npm Attack — Wed, 20 May 2026 10:42:06 +0530

데일리시큐 - 최근인기기사

• 클라우드플레어 “미토스 프리뷰, 취약점 조합 능력 진전…오탐·안전장치 한계도 확인” — 2026-05-20 10:23:05
• 문자재판매사 전송자격인증 본격 시행…시큐리온, 악성 URL·앱 탐지 지원 — 2026-05-20 13:13:37
• 디스코드, 음성·영상 통화에 종단간 암호화 기본 적용 — 2026-05-20 13:32:49
• 코드서명 신뢰 체계 노린 폭스 템페스트…랜섬웨어 유포 방식 더 교묘해졌다 — 2026-05-20 16:46:49
• 엑스게이트, 2026 파트너스데이 성료…AI 기반 네트워크 보안 전략 공개 — 2026-05-20 10:28:12
• 그룹아이비(Group-IB), 가트너 ‘사이버 침해사고 상시 대응 서비스’ 대표 벤더 선정…인터폴 공조 성과도 주목 — 2026-05-20 10:51:44
• 금융보안원, 일본 금융청·금융ISAC·앤트로픽과 AI 보안 협력 논의 — 2026-05-20 10:32:55
• 개인정보위, 요양병원 개인정보 관리 실태 점검 착수 — 2026-05-20 12:09:36
• 미국 사이버안보 기관 CISA, 깃허브에 비밀번호·AWS 토큰 6개월 노출 — 2026-05-20 17:30:20
• 파수 AI, N2SF 등급 분류 대응 ‘FDR’ 업데이트 출시 — 2026-05-20 10:05:12

보안뉴스 > SECURITY

• AI안전연구소, CBRN 포함 AI모델 42종 평가… “美·英과 함께 CBRN 평가국 손꼽혀” — Wed, 20 May 2026 16:50:00 +0900
• 美 CISA 협력업체 직원, 정부 핵심 클라우드 키 깃허브에 공개 노출 — Wed, 20 May 2026 15:51:00 +0900
• “해커도 AI 에이전트 쓴다” CISO가 말하는 2026 산업별 보안 진단 — Wed, 20 May 2026 15:48:00 +0900
• 인스피언, 공공·금융 폐쇄망 AI 보안 시장 공략 본격화 — Wed, 20 May 2026 15:38:00 +0900
• 구글, 사이버 보안 AI 경쟁 참전… 보안 특화 AI 에이전트 ‘코드멘더’ 접근 확대 — Wed, 20 May 2026 14:24:00 +0900
• “국내 기업 84.6% AI 활용하지만, 전사 확산은 24.8% 불과해” — Wed, 20 May 2026 14:10:00 +0900
• 스틸리언, AI 기반 취약점 분석 솔루션 ‘에일리언레이’ 출시 — Wed, 20 May 2026 13:41:00 +0900
• [미토스 충격] 클라우드플레어, “미토스, 취약점 발굴 넘어 공격 코드 자동 생성” — Wed, 20 May 2026 13:00:00 +0900
• [2026 SASE 솔루션 리포트] “본사 네트워크 시대는 끝났다” SASE로 여는 기업 네트워크 보안 — Wed, 20 May 2026 11:52:00 +0900
• 금융보안원, 일본에서 AI 보안 글로벌 협력 강화 행보 — Wed, 20 May 2026 11:29:00 +0900