Cyber Security News

Hacking Editorial Brief: May 19, 2026

Active Exploitation and Zero-Day Activity

Microsoft disclosed CVE-2026-42897, an Exchange Server zero-day vulnerability affecting Outlook Web Access that has been actively exploited to execute arbitrary JavaScript in targeted attacks. Separately, Google researchers identified a criminal zero-day exploit targeting a popular open-source web administration tool to bypass two-factor authentication—notably, the exploit appears to have been developed using AI techniques. In the industrial sector, CVE-2026-8153 affects Universal Robots PolyScope 5 systems, presenting a critical risk to industrial robot fleets. Microsoft's May 2026 Patch Tuesday addressed 130 vulnerabilities including 30 critical flaws spanning Windows, Office, SharePoint, and DNS components.

Ransomware and Data Breach Campaigns

Foxconn confirmed a suspected ransomware attack impacting North American facilities, with the threat group 'Nitrogen' claiming exfiltration of over 8 terabytes of data. The education technology platform Canvas/Instructure experienced a significant breach attributed to threat actor ShinyHunters, highlighting growing cyber risk in the higher education sector. In cryptocurrency, Ecoprotocol suffered a $76.7 million hack traced to a private key leak according to analysis from Beosin. Meanwhile, the Islamic Cyber Resistance in Iraq-313 Team claimed responsibility for DDoS attacks causing widespread Spotify service disruptions, and CISA updated its DarkSide ransomware advisory with new indicators of compromise to assist network defenders.

Sources: SecurityWeek · SecurityWeek · Help Net Security · Cybersecurity Dive · Binance · SC Media · The Cyber Express · CISA