X-twitter Facebook-f Pinterest-p
X-twitter Facebook-f Pinterest-p

Biggest Cyber Attacks, Data Breaches, Ransomware Attacks of May 2026


Date

Victim

Summary

Threat Actor

Business Impact

Source Link

May 1, 2026

Canonical (Ubuntu)

Ubuntu and Canonical services disrupted by DDoS attack claimed by hacktivists

313 Team (Islamic Cyber Resistance in Iraq)

A sustained DDoS attack disrupted Ubuntu and Canonical’s public-facing infrastructure, taking down key web services and security-related resources, which temporarily blocked users from accessing updates, documentation, and developer tools.

Ubuntu Cyber Attack

May 4, 2026

DigiCert

DigiCert revokes certificates after support portal hack

Unknown

DigiCert was hit in a social engineering attack that compromised its internal support portal, allowing attackers to fraudulently obtain code-signing certificates that were later used to sign malware, forcing the company to revoke affected certificates and contain the breach.

Source: Security Week

May 5, 2026

Taiwan High Speed Rail Corporation (THSRC)

Student hacked Taiwan high-speed rail to trigger emergency brakes

Lin (23-year-old university student)

A student breached Taiwan’s rail communication system and triggered false emergency alarms, forcing four high-speed trains to stop for 48 minutes, disrupting operations and exposing critical weaknesses in the railway’s radio security infrastructure.

Source: Bleeping Computer

May 6, 2026

Unnamed organisation

MuddyWater hackers use Chaos ransomware as a decoy in attacks

MuddyWater (Iran-linked APT)

MuddyWater infiltrated an organisation through Microsoft Teams social engineering, stole credentials and sensitive data, established long-term access, and used Chaos ransomware as a distraction to mask its espionage activity, increasing both data exposure and operational disruption risks.

Source: Bleeping Computer

May 6, 2026

DAEMON Tools (Disc Soft Limited)

DAEMON Tools devs confirm breach, release malware-free version

Unknown

DAEMON Tools confirmed that hackers had compromised its software build environment and distributed trojanized installers to thousands of users in over 100 countries, exposing infected systems to information theft, remote backdoor access, and deeper malware deployment through a supply-chain attack.

Source: Bleeping Computer

May 7, 2026

Multiple cloud infrastructure operators and exposed cloud service users

New PCPJack worm steals credentials, cleans TeamPCP infections

PCPJack operators (suspected former TeamPCP affiliate)

The PCPJack worm breached exposed cloud environments, stole sensitive credentials from services like Docker, Kubernetes, Redis, and MongoDB, moved laterally across networks, and established persistent access, increasing the risk of fraud, account takeover, and wider infrastructure compromise.

Source: Bleeping Computer

May 9, 2026

Hugging Face users and AI developers

Fake OpenAI repository on Hugging Face pushes infostealer malware

Unknown

Attackers used a fake OpenAI-themed repository on Hugging Face to distribute infostealer malware that stole browser credentials, crypto wallets, VPN logins, and developer secrets from infected systems, putting AI developers and researchers at risk of account compromise and financial theft.

Source: Bleeping Computer

May 13, 2026

Unnamed major South Korean electronics manufacturer

Iranian hackers targeted major South Korean electronics maker

MuddyWater (Seedworm / Static Kitten)

Iran-linked MuddyWater hackers infiltrated a major South Korean electronics manufacturer for nearly a week, stealing credentials and sensitive corporate data while establishing persistent access through stealthy espionage techniques that raised concerns over intellectual property theft and downstream supply-chain compromise.

Source: Bleeping Computer

May 14, 2026

OpenAI

OpenAI confirms security breach in TanStack supply chain attack

TeamPCP

OpenAI confirmed that a TanStack supply-chain attack compromised two employee devices and exposed limited internal credentials from source code repositories, forcing the company to rotate code-signing certificates and tighten deployment workflows, although no customer data or core systems were impacted.

Source: Bleeping Computer

May 17, 2026

Microsoft 365 users and organisations

Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

Tycoon2FA phishing-as-a-service operators

Tycoon2FA operators hijacked Microsoft 365 accounts by abusing legitimate device-code authentication flows and Trustifi tracking links, allowing attackers to gain persistent access to victims’ emails, calendars, and cloud files without directly stealing passwords, which significantly increased the risk of business email compromise, espionage, and data theft across targeted organisations.

Source: Bleeping Computer

May 17, 2026

Grafana Labs customers

Grafana GitHub Token breach led to code injection attempts on customer repositories

Unknown

A compromised Grafana GitHub token was abused to attempt malicious code injections into customer repositories, creating serious supply-chain security risks that could have enabled attackers to distribute backdoored software, steal developer credentials, and compromise downstream enterprise environments.

Grafana GitHub token breach

May 19, 2026

Fox Tempest

Microsoft disrupts Fox Tempest malware signing service

Organisations targeted by Fox Tempest malware operations

Microsoft disrupted the Fox Tempest cybercrime operation that had been providing digitally signed malware to attackers, a tactic that helped malicious software bypass security defenses and enabled wider deployment of ransomware, credential theft, and other advanced cyber attacks against organisations worldwide.

Microsoft disrupted the Fox Tempest cyber crime disrupted by Microsoft

May 20, 2026

GitHub

GitHub confirms TeamPCP hack, says customers unaffected

TeamPCP

GitHub confirmed that TeamPCP hackers breached a limited internal environment connected to the broader TanStack supply-chain campaign, but said customer repositories and production systems remained secure, while the incident still heightened concerns over software supply-chain integrity and developer platform security.

Source: The Record

May 21, 2026

City of Aurora

Aurora lost $1.1M from city bank accounts after employee fell for phone scam, officials say

Unknown scam operators

The City of Aurora lost approximately $1.1 million after an employee was deceived through a phone-based social engineering scam that enabled attackers to gain access to city bank account information and fraudulently transfer public funds.

City of Aurora Cyber Attack

May 22, 2026

ZServers / criminal cyber infrastructure users

Netherlands seizes 800 servers of hosting firm enabling cyber attacks

Multiple cybercriminal groups using the hosting platform

Dutch authorities seized more than 800 servers linked to a bulletproof hosting provider that had allegedly supported ransomware gangs, malware operators, phishing campaigns, and other large-scale cybercriminal operations, disrupting infrastructure used to launch attacks worldwide and cutting off services relied upon by multiple threat actors.

Source: Bleeping Computer

May 23, 2026

Laravel developers and users of compromised lang packages

Laravel lang packages hijacked to deploy credential-stealing malware

Unknown

Attackers hijacked popular Laravel language packages to distribute credential-stealing malware, putting developers and organisations at risk of compromised systems, stolen authentication data, unauthorized cloud access, and broader software supply-chain attacks through infected development environments.

Source: Bleeping Computer

May 25, 2026

GitHub developers and repository users

Megalodon cyber attack on GitHub repositories spread malware to developers

Megalodon

The Megalodon cyber attack compromised GitHub repositories with malware-laced code and fake developer tools, exposing software developers to credential theft, device compromise, and potential downstream supply-chain attacks that could have impacted thousands of users and organisations.

Megalodon cyber attack on GitHub repositories

May 25, 2026

Software developers and organisations using compromised open-source packages

Supply Chain Trapdoor Malware Infects Developers Through Fake Open Source Packages

Unknown

Attackers distributed trapdoor malware through malicious open-source software packages, silently infecting developer environments and enabling credential theft, remote access, and potential supply-chain compromises that could have spread malware into enterprise applications and customer systems.

Source: Cybersecurity News

May 25, 2026

South Africa’s State Information Technology Agency (SITA)

SITA dismisses cyber attack claims after hacktivist group targets government systems

Anonymous Sudan-linked hacktivist group

A hacktivist group claimed responsibility for cyber attacks targeting South African government systems linked to SITA, raising concerns over potential service disruptions and national digital infrastructure security, although officials stated that core government systems remained operational and uncompromised.

Source: news24.com/southafrica

May 25, 2026

Laravel developers and users of compromised lang packages

Laravel lang packages hijacked to deploy credential-stealing malware

Unknown

Attackers hijacked popular Laravel language packages to distribute credential-stealing malware, putting developers and organisations at risk of compromised systems, stolen authentication data, unauthorised cloud access, and broader software supply-chain attacks through infected development environments.

Source: Security Week

May 27, 2026

Internet users and organisations searching for software tools online 

GPU mining malware spreads via SEO poisoning, AI chatbots 

Unknown

Attackers spread GPU mining malware through SEO poisoning campaigns and manipulated AI chatbot search results, tricking users into downloading malicious software that hijacked system resources for cryptocurrency mining and exposed infected devices to further compromise and unauthorized access. 

Source: Bleeping Computer 

May 28, 2026

Android users and mobile banking customers 

BTMOB Android malware service generates custom phishing payloads 

BTMOB Operators 

The BTMOB malware-as-a-service platform enabled cybercriminals to generate custom Android phishing payloads that stole banking credentials, intercepted SMS messages, and compromised mobile devices, increasing the risk of financial fraud and large-scale credential theft campaigns targeting Android users. 

Source: Bleeping Computer 

May 28, 2026

Organisations and users targeted by GreyVibe campaigns 

GreyVibe hackers use ChatGPT, Gemini to power cyber attacks 

 GreyVibe 

The GreyVibe hacking group leveraged AI tools such as ChatGPT and Gemini to automate phishing, malware development, and social engineering attacks, increasing the speed, scale, and sophistication of cyber campaigns targeting organisations and online users. 

Source: Bleeping Computer 

May 30, 2026

CBSE revaluation portal 

CBSE revaluation portal hit by cyber attack; around 50 students affected  

Unknown

A cyber attack on the CBSE revaluation portal disrupted student access and allegedly altered revaluation related records affecting around 50 students and causing confusion during the answer sheet review process. 

Source: Bleeping Computer 





Source link

Leave a Reply

Subscribe to Our Newsletter

Get our latest articles delivered straight to your inbox. No spam, we promise.

It’s not just you. Research says people don’t like overtly friendly AI chatbots

Biggest Cyber Attacks, Data Breaches, Ransomware Attacks of May 2026

Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

3 gritty Prime Video shows to watch this weekend (May 1

Biggest Cyber Attacks, Data Breaches, Ransomware Attacks of May 2026

Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

3 more gripping HBO Max documentaries to watch this weekend (May 29-31)

Biggest Cyber Attacks, Data Breaches, Ransomware Attacks of May 2026

Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

Recent Reviews

3 gritty Prime Video shows to watch this weekend (May 1


When it comes to content, there’s little I love more than a good, gritty crime drama. From their dark, cynical, often realistic portrayals of criminal underworlds, violence, and justice systems to their heavily flawed, obsessed, anti-hero protagonists and intense, gritty tones, it all sucks us in, and it’s why we can’t look away. These types of criminal shows have carved out a powerful space in television by refusing to glamorize the worlds they depict and being willing to confront uncomfortable truths.

This weekend on Amazon Prime Video in the U.S., we’re exploring three immensely popular, critically acclaimed criminal shows that will hook you from the get-go with their honesty, and my top pick is a must-see that reinvented the police procedural genre.

3

City on a Hill

A Wire-like look at corruption, race, and justice

Based on a story by Ben Affleck and author Charlie MacLean, the underrated crime drama City on a Hill revisits a charged moment in Massachusetts history known as The Boston Miracle. For 18 months in the mid-90s, gang-related violence dropped 63% as the result of a community-wide initiative developed in collaboration with the Boston Police Department, street workers, juvenile corrections officers, churches, and neighborhood programs. Kevin Bacon (Footloose), Aldis Hodge (Cross), and Jonathan Tucker (Kingdom) headline the cast.

Set in early 1990s Boston, corruption, violent criminals, and racism are normal parts of life, and to make matters worse, they’re backed by local law enforcement agencies. The series focuses on an unlikely alliance between hardened, corrupt, charismatic FBI agent Jackie Rohr (Bacon) and idealistic Assistant District Attorney Decourcy Ward (Hodge) as they work together to navigate the city and take down a family of armored car thieves, aiming to overhaul the broken criminal justice system.



















Quiz
8 Questions · Test Your Knowledge

Prime Video movies
Trivia challenge

From thrillers to tearjerkers — see how well you know these Amazon Prime Video films.

DramaThrillerTrue StoryComedySports

In Crime 101, what profession does the main character use as cover while pulling off elaborate heists?

That’s right! The protagonist poses as a real estate agent, using the job’s access and mobility as a convenient front for criminal activity. The film plays with how ordinary professions can mask extraordinary deception.

Not quite — the correct answer is real estate agent. The film uses this cover cleverly, showing how a respectable-seeming profession can provide the perfect camouflage for a career criminal operating in plain sight.

In Saltburn, which prestigious English university does protagonist Oliver Quick attend when he befriends Felix Catton?

Correct! Oliver and Felix meet at Oxford, where the stark class divide between scholarship student Oliver and the aristocratic Felix is immediately established. That university setting is crucial to the film’s themes of privilege and obsession.

Not quite — it’s Oxford where Oliver and Felix first cross paths. Director Emerald Fennell deliberately chose Oxford’s world of old money and social stratification to set up the film’s exploration of class envy and manipulation.

In The Tender Bar, based on J.R. Moehringer’s memoir, who plays Uncle Charlie, the bartender who becomes a father figure to young J.R.?

Spot on! Ben Affleck plays the warm and charismatic Uncle Charlie, earning considerable praise for the role. Affleck’s performance was seen as one of the film’s greatest strengths, bringing real depth to a man who shapes a fatherless boy’s entire worldview.

The correct answer is Ben Affleck. His portrayal of Uncle Charlie was widely praised as a career highlight, capturing the rough charm of a bartender who becomes the most important male role model in J.R.’s life.

In the 2024 Prime Video remake of Road House, who plays ex-UFC fighter Elwood Dalton, the new bouncer at a Florida Keys roadhouse?

That’s right! Jake Gyllenhaal steps into the role made famous by Patrick Swayze, playing a disgraced MMA fighter hired to clean up a rowdy bar in the Florida Keys. Gyllenhaal underwent intense physical training to prepare for the action-heavy role.

The correct answer is Jake Gyllenhaal. He took on the iconic role previously played by Patrick Swayze in the 1989 original, with the remake shifting the setting from Missouri to the Florida Keys and updating the protagonist’s fighting background to MMA.

Thirteen Lives depicts the dramatic 2018 rescue of a youth soccer team trapped in a cave in which country?

Correct! The film recreates the harrowing rescue of the Wild Boars youth soccer team from the Tham Luang cave in Thailand. The real-life operation captivated the world and involved expert cave divers from across the globe.

The answer is Thailand. The real rescue took place in the Tham Luang Nang Non cave in Chiang Rai province, where 12 boys and their coach were trapped for 18 days before a multinational team of divers managed to bring them all out safely.

In Manchester by the Sea, what unexpected event forces Lee Chandler to return to his hometown and become guardian of his teenage nephew?

That’s right! Lee’s brother Joe dies suddenly from congestive heart failure, pulling Lee back to a town filled with painful memories. Casey Affleck won the Academy Award for Best Actor for his portrayal of the grief-stricken, emotionally closed-off Lee.

Not quite — Lee returns because his brother Joe dies of congestive heart failure. The film, written and directed by Kenneth Lonergan, won two Academy Awards including Best Original Screenplay, and is celebrated for its unflinching portrayal of grief and guilt.

In American Fiction, what pen name does frustrated author Thelonious ‘Monk’ Ellison use when he writes a satirical novel pandering to racial stereotypes?

Correct! Monk writes his outrageous satirical manuscript under the pseudonym Stagg R. Leigh, a name that itself plays on stereotypes. The film, based on Percival Everett’s novel Erasure, won Cord Jefferson the Academy Award for Best Adapted Screenplay.

The pen name Monk uses is Stagg R. Leigh. The choice of pseudonym is itself part of the satire — a name loaded with cultural baggage. Jeffrey Wright received an Academy Award nomination for Best Actor for his nuanced portrayal of Monk.

In Air, the film about Nike signing Michael Jordan, which actress plays Jordan’s mother Deloris, who plays a pivotal role in negotiating his landmark deal?

That’s right! Viola Davis plays Deloris Jordan with commanding presence, portraying her as the savvy negotiator who helped secure the revolutionary contract that gave Michael unprecedented royalties. The real Deloris Jordan is widely credited with shaping the deal that changed sports marketing forever.

The correct answer is Viola Davis. She received widespread praise for capturing the intelligence and determination of Deloris Jordan, whose behind-the-scenes negotiations were instrumental in creating the Air Jordan brand that would go on to generate billions of dollars.

Challenge Complete

Your Score

/ 8

Thanks for playing!

Expect a thick atmosphere of 90s Boston authenticity, compelling power dynamics, character-driven narratives, and exceptional acting, particularly from Bacon, who gives a career-best performance. The show offers a serious, slow-burn exploration of one city’s criminal justice system while blending police corruption with family drama and social issues. Though fictionalized, it’s a fascinating look at Boston’s transition from a corrupt era to a new system and is executive produced by Affleck and Matt Damon.

2

River

A traditional “whodunit” investigation

Boasting a perfect critics’ score on Rotten Tomatoes, River is a six-part British police procedural and psychological crime drama about a haunted detective investigating his partner’s murder while also struggling with his mental health. Stellan Skarsgård (Good Will Hunting) and Nicola Walker (Unforgotten) star.

Detective Inspector John River (Skarsgård) is brilliant at what he does, but his fractured mind keeps him trapped between the living and the dead, haunted by “manifests,” or visions of murder victims, including his recently deceased partner, Stevie. Under enormous pressure from the media and psychiatric evaluation for his hallucinations, River works hard to navigate his guilt and, in the process, discovers the shocking truth about Stevie’s death.

Unlike typical crime shows, River focuses heavily on its protagonist’s mental states in the wake of his criminal experiences. The slow-burn, dramatic crime thriller is characterized by intense psychological scenes, a traditional “whodunit” investigation, and a masterful performance from Skarsgård. Expect a deeply human study of loss with smart writing, a genuinely creepy atmosphere, and a unique, emotional take on the police procedural drama.

1

The Shield

One of the best cop shows ever made

One of this century’s best crime dramas, The Shield is a multi-Golden Globe and Primetime Emmy Award winner. Michael Chiklis (The Commish), Walton Goggins (The White Lotus), Kenny Johnson (Ray), and Michael Jace (The Replacements) star alongside an enormous cast that includes Forest Whitaker, Katey Sagal, Kurt Sutter, CCH Pounder, Glenn Close, Benito Martinez, and more.

The hit FX show follows the corrupt activities of rogue cop Vic Mackey (Chiklis) in an experimental criminal division task force of the Los Angeles Police Department. He’ll go to any lengths to take down the criminals he and his team are chasing, including breaking the law and working with other criminals, and eventually he ropes his team into doing the same. Everything is set in a district rife with gang-related violence, drug trafficking, and prostitution.

Highly regarded for reinventing the police procedural and setting the standard for modern anti-hero dramas, the show paved the way for “prestige” television on basic cable with its raw, unflinching tone full of twists and thrills that explores the fine line between right and wrong. Over the course of 88 episodes, you’ll experience fast-paced action, moral ambiguity, high-stakes tension, and more riveting, gritty crime drama in one continuously solid storyline than you can stand. When viewing turns to obsession, don’t say I didn’t warn you. This one is a true gem.

Each of these hit criminal shows stands out for its realism and complexity, offering a much darker, thought-provoking take on crime storytelling that burrows into our brains and leaves us craving more. The platform has plenty of excellent crime dramas to choose from, so once you finish these three, stick around and see what else is there to transport you to the criminal underworld. Before you leave, though, be sure to check out everything coming to Prime Video in May 2026.

The Prime Video logo.

Subscription with ads

Yes, via Prime membership or $9/month

Simultaneous streams

3




Source link

New Deep#Door RAT uses stealth and persistence to target Windows

Trellix discloses the breach of a code repository

Two US cybersecurity experts sentenced in ransomware case, third awaits July ruling

Copyright © 2024 All Rights Reserved.