
BeyondMachines for BeyondMachines

Posted on • Originally published at beyondmachines.net

State of (in)security - Week 20, 2026

Summary

Between May 11 and 18, 2026, there were 18 vulnerability advisories and 16 cybersecurity incidents affecting roughly 839,000 individuals. Ransomware/malware drove most breaches, and the OpenLoop Health breach (716,000 individuals) was the largest. Major issues include actively exploited zero-days (Cisco SD-WAN, Microsoft Exchange OWA) and critical patches from Adobe, Apple, Microsoft, SAP, and Fortinet.

Take Action:

If you installed any @tanstack/* packages on May 11, 2026, disable the dead-man's switch first (systemctl --user stop gh-token-monitor.service on Linux or unload the com.user.gh-token-monitor.plist LaunchAgent on macOS) and remove persistence hooks from .claude/ and .vscode/ directories before rotating any credentials. Revoking tokens first will trigger destruction of your home directory. Only after persistence is disabled should you rotate all secrets (GitHub, AWS, npm, SSH, Vault), block *.getsession.org at DNS, and pin GitHub Actions OIDC publishers to specific branches.
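
A read-only check for the ordering above, added here as an example and not taken from the original article or from BeyondMachines: it refuses to report the switch as disabled while the service unit or LaunchAgent is still present, and lists files under .claude/ and .vscode/ for manual review. The function names, the standard per-user unit and LaunchAgent locations, and the search depth are assumptions.

```shell
#!/bin/sh
# Added example: read-only check that the dead-man's switch is gone
# before any credential is rotated or revoked. It changes nothing on disk.
UNIT="gh-token-monitor.service"            # name from the article
PLIST="com.user.gh-token-monitor.plist"    # name from the article

# Print one line per switch artifact still present under home directory $1.
# Assumption: the unit file and plist sit in the standard per-user locations.
find_switch_artifacts() {
    home=$1
    if [ -e "$home/.config/systemd/user/$UNIT" ]; then
        echo "unit-file: $home/.config/systemd/user/$UNIT"
    fi
    if [ -e "$home/Library/LaunchAgents/$PLIST" ]; then
        echo "launchagent: $home/Library/LaunchAgents/$PLIST"
    fi
    # Live service state is only queried when scanning the caller's own home.
    if [ "$home" = "$HOME" ] && command -v systemctl >/dev/null 2>&1; then
        if systemctl --user is-active --quiet "$UNIT" 2>/dev/null; then
            echo "active: $UNIT"
        fi
    fi
    return 0
}

# List files inside .claude/ and .vscode/ directories under $1 (depth-limited)
# so each can be reviewed by hand; legitimate files will be listed too.
list_hook_candidates() {
    find "$1" -maxdepth 4 -type f \( -path '*/.claude/*' -o -path '*/.vscode/*' \) 2>/dev/null || true
}

# Return 0 only when no switch artifact remains under $1, otherwise 1.
switch_disabled() {
    found=$(find_switch_artifacts "$1")
    if [ -n "$found" ]; then
        echo "Switch still present, do not rotate or revoke yet:" >&2
        echo "$found" >&2
        return 1
    fi
    echo "No switch artifact under $1. Review these before rotating:" >&2
    list_hook_candidates "$1" >&2
    return 0
}

# Run against the current user's home only when asked: sh check.sh --check
if [ "${1:-}" = "--check" ]; then switch_disabled "$HOME"; fi
```

A zero exit status only means the unit and LaunchAgent are absent; the listed .claude/ and .vscode/ files still need to be reviewed before credentials are rotated.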

