Daily Recap: Major patch and supply-chain updates landed across SAP Commerce Cloud, SAP S/4HANA, and Apple’s macOS/iOS, while cPanel CVE-2026-41940 is actively exploited to drop a Filemanager backdoor. In parallel, the Shai-Hulud worm campaign weaponized signed TanStack, Mistral AI, and Guardrails AI npm packages, and extortion pressure drove an Instructure agreement with ShinyHunters over a 3.65TB Canvas leak.
#SAP #CommerceCloud #S4HANA #Apple #macOS #iOS #cPanel #CVE-2026-41940 #Filemanager #ShaiHulud #TanStack #MistralAI #GuardrailsAI #Instructure #ShinyHunters #Canvas #GhostLock #WestPharmaceuticalServices #FCC #Texas #Netflix #GM
Software Patches
- SAP fixed critical flaws in Commerce Cloud and S/4HANA, while Apple patched dozens of vulnerabilities across macOS and iOS – SAP Fixes, Apple Patches
- cPanel CVE-2026-41940 is being actively exploited to install a Filemanager backdoor, highlighting ongoing patch urgency – cPanel Exploit
Supply Chain
- The Shai-Hulud campaign spread through signed malicious TanStack, Mistral AI, and Guardrails AI npm packages, showing how a worm can weaponize trusted software distribution – Shai-Hulud, Mini Shai-Hulud
- Checkmarx faced a supply-chain hit when its official Jenkins AST plugin was compromised with an infostealer, following another TeamPCP compromise weeks after the KICS attack – Checkmarx Plugin, TeamPCP Attack
Ransom & Extortion
- Instructure reportedly struck an agreement with ShinyHunters to stop the leak of 3.65TB of Canvas data as extortion pressure mounted – Instructure Deal, Canvas Leak Deal, Canvas Pressure
- West Pharmaceutical Services was disrupted by a ransomware attack, underscoring continued operational impact from extortion campaigns – West Pharma Attack
Regulation & Privacy
- The FCC softened and delayed its foreign-made router and drone restrictions, pushing security-update limits to 2029 – FCC Ban, FCC Delay
- Texas sued Netflix over alleged data practices that created a consent-free “surveillance machinery,” while GM agreed to a $12.75M California settlement over driver data sales – Texas v. Netflix, GM Settlement
AI & Security Tools
- OpenAI launched Daybreak for AI-powered vulnerability detection and patch validation, as vendors race to automate defensive workflows – OpenAI Daybreak
- Researchers warned that hackers used AI to build the first known zero-day 2FA bypass for mass exploitation, raising the bar for account compromise – AI 2FA Bypass
- Frame Security emerged from stealth with $50M to expand its awareness and training platform amid rising demand for human-layer defenses – Frame Security
Threat Activity
- A new GhostLock tool abuses the Windows API to block file access, signaling more disruptive post-compromise capabilities – GhostLock Tool
- A UK water company reportedly allowed attackers to lurk undetected for nearly two years, according to a regulator finding – UK Water Lurk