Daily Recap: Microsoft warned that an Exchange Server zero-day is actively exploited, while Cisco faced an exploited SD-WAN auth-bypass and an 18-year-old NGINX flaw enabling DoS and potential RCE. OpenAI confirmed a TanStack-related supply-chain breach, and Ghostwriter used geofenced PDF phishing with Cobalt Strike against the Ukrainian government.
#ExchangeServer #Microsoft #Cisco #SD-WAN #NGINX #WordPress #BurstStatistics #OpenAI #TanStack #NodeIPC #Ghostwriter #UkrainianGovernment #CobaltStrike #ShaiHulud #TeamPCP #MistralAI #AmericanLendingCenter
Exploited Vulnerabilities
- Microsoft warned that an Exchange Server zero-day is being actively exploited, while Cisco faced a critical SD-WAN auth-bypass bug and an 18-year-old NGINX flaw capable of DoS and potential RCE – Exchange Zero-Day, Exchange Attacks, Cisco Zero-Day, CISA KEV, Auth Bypass, SD-WAN Exploited, NGINX Flaw
- WordPress sites were hit by active exploitation of an auth-bypass flaw in the Burst Statistics plugin, adding another widely abused web-app weakness to the day’s alerts – Burst Plugin
Supply Chain & Code Theft
- OpenAI confirmed a breach tied to a TanStack supply-chain attack, while TeamPCP escalated pressure by releasing Shai-Hulud worm source code and advertising Mistral AI code repositories for sale – OpenAI Hit, Breach Confirmed, Shai-Hulud Code, Mistral Repos
- A stealer backdoor was found in 3 Node-IPC versions, highlighting continued abuse of developer ecosystems to capture secrets – Node-IPC Backdoor
Threat Actors & Espionage
- Ghostwriter targeted the Ukrainian government with geofenced PDF phishing and Cobalt Strike, showing persistent espionage activity against public-sector targets – Ghostwriter Phishing
- Foxconn confirmed a cyberattack affecting its North American factories, underscoring the operational impact of attacks on manufacturing supply chains – Foxconn Attack
AI & Security Research
- Security leaders at the Pentagon and White House emphasized that advanced AI is reshaping cyber defense priorities, with identity security and vulnerability discovery emerging as top concerns – AI Warfare, Identity Security, Mythos Research, ThreatsDay
- Windows 11 and Microsoft Edge were successfully hacked on day one of Pwn2Own Berlin 2026, reinforcing how quickly high-value targets can fall to chained bugs – Pwn2Own Berlin
Security Industry & Intelligence
- SecurityScorecard acquired Driftnet to expand threat-intelligence capabilities, reflecting ongoing consolidation in the cyber-risk market – Driftnet Deal
- Authorities and researchers also flagged a broader mix of PAN-OS RCE, AI tokenizer attacks, and related threats in the latest roundup – ThreatsDay Bulletin
Data Breaches
- American Lending Center disclosed a data breach affecting 123,000 individuals, adding to the day’s consumer-impacting exposure reports – Data Breach