Latest news as of 5/20/2026, 3:27:08 AM
Dark Reading
A brief overview of the forces at play that will get more organizations on board with creating and consuming AI bill of materials (BOMs).
Bleeping Computer
A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers. [...]
Dark Reading
Verizon's "2026 Data Breach Investigations Report" ("DBIR") finds that exploits are now involved in 31% of initial access for breaches, while patching lags too far behind the bad guys.
The Register
'Thousands' of US victims, including 12+ machines owned and operated by Redmond
Bleeping Computer
Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company's Artifact Signing service to generate fraudulent code-signing certificates used by ransomware gangs and other cybercriminals. [...]
Dark Reading
YellowKey, GreenPlasma, and MiniPlasma add to the growing list of vulnerabilities a security researcher disclosed over the past six weeks.
Bleeping Computer
Discord announced that all voice and video calls through the communication platform are now protected by default with end-to-end encryption (E2EE). [...]
Dark Reading
The agency's GitHub repository, publicly available since November 2025, was ironically named "Private-CISA."
Bleeping Computer
The FBI says Americans have lost over $388 million last year to scams using cryptocurrency kiosks, also known as crypto ATMs or Bitcoin ATMs. [...]
Bleeping Computer
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. [...]