Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers - including Apple, Google, Microsoft, Mozilla and Oracle - fixing near record volumes of security bugs, and/or quickening the tempo of their patch releases. READ MORE...
Foxconn, the world's largest electronics manufacturer, says some of its North American factories are now working to resume normal operations after a cyberattack. The electronics giant has over 900,000 employees across over 240 campuses in 24 countries and reported revenues of over $260 billion in 2025. The company is ranked 28th in Fortune Global 500 and manufactures a wide range of electronic products for major tech companies worldwide, including Apple, Nvidia, Intel, and Google. READ MORE...
Hackers stole the personal information of 716,000 individuals during a January 2026 intrusion at telehealth platform OpenLoop Health. The incident was initially disclosed to the relevant authorities in March, but the number of impacted individuals was added to the US Department of Health and Human Services' breach portal only this week. According to notification letters OpenLoop Health filed with the Attorney General's Offices in California and Texas. READ MORE...
Threat actors in Latin America have begun to use AI agents to facilitate their entire attack chains, from assisting with initial access to generating penetration tools on the fly - and organizations need to prepare accordingly. Trend Micro's TrendAI Research team yesterday published research concerning two threat actors in the region using AI agents - and specifically vibe-coded hacking, or "vibe-hacking" - to compromise government organizations and other entities. READ MORE...
Only Siemens, Schneider Electric, CISA, and CERT@VDE have published new ICS security advisories for the May 2026 Patch Tuesday. Siemens has published 18 new security advisories, and several of them describe critical vulnerabilities. Schneider Electric has published four new advisories. CISA has published advisories for several ABB product vulnerabilities over the past two weeks. Germany's CERT@VDE published a new advisory to describe a medium-severity DoS flaw in Codesys Modbus. READ MORE...
Intel and AMD have released over two dozen advisories on May 2026 Patch Tuesday, addressing 70 vulnerabilities across their product portfolios. Intel published 13 advisories describing 24 security defects, including one critical and eight high-severity flaws. The critical bug, tracked as CVE-2026-20794 (CVSS score of 9.3), is described as a buffer overflow issue in the Data Center Graphics Driver for VMware ESXi software. READ MORE...
A US commercial bank just tattled on itself to the Securities and Exchange Commission (SEC) for plugging a bunch of customer data into an unauthorized AI application. Community Bank, which operates in southwestern Pennsylvania, Ohio, and West Virginia, filed an 8-K with the regulator on Monday, saying it launched an investigation into the internal cockup, which remains ongoing. It felt compelled to submit the filing "due to the volume and sensitive nature of the non-public information." READ MORE...
In the US, fired and laid-off workers often have their digital credentials deactivated before they learn about the loss of their jobs, indeed, the inability to log in to a corporate system may be the first an employee knows of the situation. Although not a generous or humane approach to staff reduction, it does follow from the simple fact that a fired employee with access to company systems is a security risk. READ MORE...