Cybersecurity News | Daily Recap [11 May 2026]

AI Threats

• Google said attackers used AI to develop a zero-day exploit for a web admin tool, and it also detected the first AI-generated exploit before it was used in the wild – AI Zero-Day, AI Exploit, AI Zero-Day
• Hackers abused Google ads and Claude.ai chats to distribute Mac malware in a new social-engineering campaign – Mac Malware

Supply Chain & Repository Attacks

• Checkmarx said its Jenkins AST Plugin was compromised in a supply chain attack, prompting renewed focus on application-layer defenses – Jenkins Attack, App Firewalls
• SailPoint disclosed a hack of its GitHub repository, adding to concerns over source-code exposure and developer-platform security – GitHub Hack

Enterprise Breaches & Identity

• Instructure confirmed attackers exploited a Canvas flaw to deface portals, showing how exposed application bugs can quickly turn into visible brand damage – Canvas Flaw
• Changing passwords alone does not end an Active Directory breach, because attackers may retain persistence through tokens, sessions, or hidden footholds – AD Breach

Malware & Covert C2

• TrickMo, an Android banking trojan, has adopted the TON blockchain for covert command-and-control communications to evade detection – TrickMo

Phishing & Crime

• A years-long phishing campaign hit more than 500 organizations, underscoring the scale and persistence of credential theft operations – Phishing Campaign
• The resurrected Crimenetwork marketplace was taken down and its administrator arrested, disrupting a major cybercrime hub – Crimenetwork Down

Leadership & Awareness

• Security leaders argued that prevention alone is not enough against modern attacks, while another piece highlighted the lack of a dedicated cybersecurity leader in many small businesses – Modern Attacks, SMB Leader

Cybersecurity News | Daily Recap – hendryadrian.com