Cyber Security News

Hacking Brief: May 15, 2026

North Korean state-linked hackers continue aggressive financial and espionage campaigns, with new reporting confirming $2.02 billion in digital asset theft during 2025—a 51% increase from the previous year. Separately, a DPRK military intelligence-linked group is actively conducting spear phishing operations, impersonating defense officials and police to target security policy figures. The tactics demonstrate North Korea's dual focus on revenue generation through cryptocurrency theft and intelligence collection through social engineering.

Manufacturing giant Foxconn confirmed a breach by the Nitrogen ransomware group affecting its North American facilities, with attackers claiming exfiltration of 8TB of data including sensitive files related to Intel, Apple, and Nvidia projects. The company reports affected plants are gradually returning to normal operations. Meanwhile, Russian-linked threat actors are conducting multiple operations: one group is targeting Signal users with fake security alerts and phishing attacks, while Italian authorities investigate suspected Russian hacker involvement in a maritime security incident involving hidden devices on ferries. Pro-Iran hacktivist group Islamic Cyber Resistance in Iraq – 313 Team claimed responsibility for DDoS attacks against Spotify's infrastructure.

In other security research, Google's Threat Intelligence Group reported discovering and likely thwarting a zero-day vulnerability developed with AI assistance that was being prepared for mass exploitation. At Pwn2Own Berlin 2026, researchers successfully compromised Windows 11 three times and Microsoft Edge, demonstrating current vulnerabilities in widely deployed Microsoft platforms.

Sources: Decode39 · SecurityBrief · UPI · Mezha · Bleeping Computer · CNBC · Silicon Republic · Yahoo