Application Security
InfoGuard Labs disclosed seven CVEs in SEPPmail Secure E-Mail Gateway including CVE-2026-2743 (CVSS 10.0 path traversal to full appliance takeover) and CVE-2026-44128 (unauthenticated Perl eval() RCE). Patched in 15.0.2.1, 15.0.3, and 15.0.4.
AI Security
CrowdStrike extended Falcon AIDR to Kubernetes AI workloads with a 180-technique taxonomy and 99% sub-30ms benchmark — making AI runtime security a five-vendor category.
AI Security
XBOW disclosed a CVSS 9.8 unauthenticated RCE in Exim — and used the seven-day window to race its autonomous LLM exploit pipeline against human researchers.
Cyber Attacks
Apache HTTP Server 2.4.66 ships with a double-free in mod_http2 — exploitable on default Debian builds and patched six days later in 2.4.67.
AI Security
OpenAI launched Daybreak on May 11, 2026 — an AI vulnerability discovery platform with three GPT-5.5 models and a 20+ partner roster including Cisco, Cloudflare, CrowdStrike, Palo Alto, Snyk, Tenable, and Rapid7. The AI defender market just formed.
Cyber Attacks
Microsoft confirmed active exploitation of CVE-2026-42897, a high-severity XSS zero-day in on-prem Exchange OWA, with no permanent patch — only EEMS mitigation. The eventual fix for Exchange 2016 and 2019 will only reach Period 2 ESU customers.
AI Security
Microsoft's MDASH AI found 16 of May's Patch Tuesday vulnerabilities, four critical. Palo Alto scanned its codebase with frontier models including Anthropic's Mythos and found 75 flaws across 26 CVEs. AI vulnerability discovery is now operational at vendor scale.
Cyber Attacks
Cisco disclosed a maximum-severity authentication bypass in Catalyst SD-WAN, actively exploited as a zero-day by UAT-8616 — the same actor that has targeted this service since 2023. CISA added it to KEV, and there are no workarounds.
Application Security
An autonomous AI was pointed at the NGINX source code and found a critical RCE that survived 18 years of human review — plus three more CVEs in the same six-hour session. NGINX runs a third of the internet's top sites. The discovery method is the bigger story.
Cyber Attacks
Foxconn confirmed a cyberattack on its North American factories. Nitrogen ransomware claims 8TB and 11M+ files including Apple, NVIDIA, Google, Intel, and Dell project documentation. Mount Pleasant AI server factory was offline for a week.
Application Security
Two page-cache write bugs chained for deterministic Linux root. Public exploit released after embargo break on May 7. AlmaLinux specifics matter; container workloads inherit host kernel exposure.
Application Security
WIRED's Andy Greenberg published an investigation on May 7, 2026 reporting that the Israeli cybersecurity firm RedAccess found roughly 380,000 publicly accessible web assets built with AI "vibe-coding" platforms — Lovable, Base44, Replit, and Netlify — of which around 5,000 exposed sensitive corporate data and another