Summary
During the week of May 18–25, 2026, there were 18 advisories and 23 incidents impacting over 2 million individuals. Healthcare is the hardest-hit industry and the Matferline breach (703,000 student records) is the largest incident. Key threats are actively exploited vulnerabilities in NGINX, Drupal, Microsoft Defender, and ASUS routers, alongs supply chain attacks on Laravel-Lang and NPM packages, and ransomware incidents affecting schools, hospitality, and financial firms.
Take Action:
Patch Chrome/Chromium browsers immediately (two critical flaws plus others affecting Edge, Opera, Brave, Vivaldi) and audit any builds using @antv, echarts-for-react, or Laravel-Lang Composer packages from May 19–22, 2026 onward, since these supply-chain compromises may have already stolen CI/CD credentials. Also prioritize patching NGINX, Drupal, and Trend Micro Apex One — all actively exploited and commonly found in public-facing platform stacks.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)