Episode 55 — 13 May 2026
1. Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
Source: Bleeping Computer
Fortinet has released security updates to address two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code on unpatched systems. The first one, tracked as CVE-2026-44277, impacts the company's...
2. SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA
Source: Bleeping Computer
SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in Commerce Cloud and S/4HANA. Commerce Cloud is an enterprise-grade e-commerce platform used by online stores owned by large retailers and...
3. New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Source: The Hacker News
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and...
4. Signal adds security warnings for social engineering, phishing attacks
Source: Bleeping Computer
Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud. The purpose is to introduce enough friction that users get the time to evaluate the safety...
5. UK fines water supplier $1.3M for exposing data of 664k customers
Source: Bleeping Computer
The Information Commissioner's Office has fined South Staffordshire Water Plc and parent company South Staffordshire Plc £963,900 ($1.3 million) over a cyberattack that exposed the personal data of 663,887 customers and employees. The company supplies 330 million liters of...
6. Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Source: The Hacker News
Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for...
7. RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
Source: The Hacker News
RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on RubyGems right now," Maciej Mensfeld, senior...
8. New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
Source: The Hacker News
Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking...
