MUST READ

OpenAI hit by supply chain attack linked to malicious TanStack packages

 | 

Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K

 | 

CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day

 | 

Ghostwriter group resumes attacks on Ukrainian Government targets

 | 

Researchers uncover YellowKey and GreenPlasma Windows Zero-Days

 | 

Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall

 | 

U.S. CISA adds a flaw in Cisco Catalyst SD-WAN  to its Known Exploited Vulnerabilities catalog

 | 

Linux Kernel bug Fragnesia allows local root access attacks

 | 

Broadcom releases VMware Fusion security update for root access bug

 | 

NGINX Rift: an 18-year-old flaw in the world's most deployed web server just came to light

 | 

FamousSparrow targets Azerbaijani energy sector in multi-wave espionage campaign

 | 

Nitrogen Ransomware claims massive data theft from Foxconn

 | 

Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming

 | 

OpenLoop Health confirms January 2026 Data breach affecting 716,000

 | 

Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations

 | 

Instructure settles with hackers following massive student data theft

 | 

Critical Fortinet vulnerabilities fixed in FortiSandbox and FortiAuthenticator

 | 

Hackers accessed BWH Hotels reservation system for months

 | 

The world's most "Dangerous" AI, Anthropic’s Mythos, found only one flaw in curl

 | 

Attackers exploit cPanel CVE-2026-41940 to deploy Filemanager Backdoor

 | 

Mini Shai-Hulud

Pierluigi Paganini May 16, 2026
OpenAI hit by supply chain attack linked to malicious TanStack packages

OpenAI said the TanStack supply chain attack compromised two employee devices and exposed credentials from code repositories. OpenAI confirmed that the recent TanStack supply chain attack compromised two employee devices and exposed credential material stored in internal source code repositories. The incident began after the TeamPCP hacking group abused weaknesses in the package publishing process […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

OpenAI hit by supply chain attack linked to malicious TanStack packages

Hacking / May 16, 2026

Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K

Security / May 15, 2026

CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day

Security / May 15, 2026

Ghostwriter group resumes attacks on Ukrainian Government targets

APT / May 15, 2026

Researchers uncover YellowKey and GreenPlasma Windows Zero-Days

Hacking / May 15, 2026