[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1TiWFkLn-5AlO_nPNLNOy4BQ_1jbjv0m2ymIS5yilXE":3},{"items":4},[5,16,26,35,44,53,62,71,80],{"id":6,"week_label":7,"slug":8,"date_from":9,"date_to":10,"tldr":11,"article_count":12,"status":13,"created_at":14,"published_at":15},"442102e3-62a7-4aa2-9155-4ddab4d1518f","2026-W21","2026-w21","2026-05-18","2026-05-24","🔥 Supply chain attacks surge as AI accelerates both attack and defense capabilities\n🏦 Critical infrastructure faces elevated risks from NGINX RCE and power grid vulnerabilities\n🔓 BitLocker bypass and Microsoft Defender zero-days expose Windows security gaps\n💰 Ransomware groups target cybersecurity firms in retaliation campaigns\n🌍 Government databases in Uruguay and South Africa leak millions of citizen records\n⚡ Vulnerability exploitation overtakes credential theft as top breach vector for first time",52,"published","2026-05-24T05:14:18.840459+00:00","2026-05-24T05:12:43.509+00:00",{"id":17,"week_label":18,"slug":19,"date_from":20,"date_to":21,"tldr":22,"article_count":23,"status":13,"created_at":24,"published_at":25},"56cdf2df-7cc0-46cd-b126-8dd64b2b2bfe","2026-W20","2026-w20","2026-05-11","2026-05-17","🔗 Supply chain attacks hit new heights as TeamPCP weaponizes 400+ npm\u002FPyPI packages with self-propagating Shai-Hulud worm\n📱 Zero-day disclosures accelerate with Windows BitLocker bypass and privilege escalation flaws released publicly\n🏭 Critical infrastructure takes major hits with Foxconn ransomware and pharmaceutical company breaches\n🛠️ Major vendors rush patches for 200+ vulnerabilities across Microsoft, Adobe, SAP, and Fortinet products\n⚖️ Regulatory pressure increases with $12.75M GM settlement and new CISA CI Fortify initiative\n🤖 AI security emerges as frontier with vulnerabilities in OpenClaw, PraisonAI, and Hugging Face tokenizers",80,"2026-05-17T05:01:45.808157+00:00","2026-05-17T05:00:02.005+00:00",{"id":27,"week_label":28,"slug":29,"date_from":30,"date_to":31,"tldr":32,"article_count":23,"status":13,"created_at":33,"published_at":34},"424b09cb-061c-4cb1-8acc-839db0217ad1","2026-W19","2026-w19","2026-05-04","2026-05-10","- 🎓 **Canvas Crisis**: ShinyHunters breached Instructure's Canvas LMS affecting 9,000+ schools and 275M users during finals season\n- 🔥 **Firewall Zero-Day**: Chinese state actors exploited critical Palo Alto Networks PAN-OS flaw for nearly a month\n- 🤖 **AI Supply Chain**: Multiple vulnerabilities in AI coding tools (Claude, Gemini CLI, Cursor) enable code execution via malicious repos\n- 🏥 **Healthcare Under Fire**: Major breaches hit medical labs, insurers, and transport networks across multiple countries\n- 💳 **Financial Data Exposed**: Credit bureaus and banking institutions suffer massive credential theft campaigns\n- ☁️ **Cloud Turf Wars**: PCPJack malware evicts rival TeamPCP while stealing credentials from AWS, Docker, Kubernetes","2026-05-10T05:01:44.372261+00:00","2026-05-10T05:00:04.926+00:00",{"id":36,"week_label":37,"slug":38,"date_from":39,"date_to":40,"tldr":41,"article_count":23,"status":13,"created_at":42,"published_at":43},"a66f767c-d98d-4800-8cc0-86a1f9943fcf","2026-W18","2026-w18","2026-04-27","2026-05-03","🚨 Critical cPanel authentication bypass (CVE-2026-41940) under mass exploitation for ransomware deployment\n🔗 Supply chain attacks hit SAP packages and PyTorch Lightning, stealing developer credentials\n👮 Two US cybersecurity professionals sentenced to 4 years for conducting BlackCat ransomware attacks\n💳 30,000+ Facebook accounts compromised via Google AppSheet phishing operation\n🔍 Linux privilege escalation (CVE-2026-31431) added to CISA's known exploited vulnerabilities\n🤖 AI-powered phishing kits emerge with automated campaign generation capabilities","2026-05-03T07:36:12.240534+00:00","2026-05-03T07:34:47.6+00:00",{"id":45,"week_label":46,"slug":47,"date_from":48,"date_to":49,"tldr":50,"article_count":23,"status":13,"created_at":51,"published_at":52},"738f0b28-608e-400e-9b21-709d3819dec9","2026-W17","2026-w17","2026-04-20","2026-04-26","🔥 Supply chain attacks evolved with wormable npm malware targeting developer toolchains\n🛡️ Cisco firewalls compromised with persistent backdoors surviving firmware updates\n🎯 Nation-state actors industrializing botnets while exploiting home routers for corporate access\n📱 Mobile and AI threats expanding with fake wallet apps and prompt injection campaigns\n⚖️ Regulatory pressure mounting with DORA compliance and CISA emergency directives\n🏢 Major breaches hit telehealth, insurance, and government agencies across multiple countries","2026-04-26T07:59:12.542269+00:00","2026-04-26T07:59:38.626127+00:00",{"id":54,"week_label":55,"slug":56,"date_from":57,"date_to":58,"tldr":59,"article_count":23,"status":13,"created_at":60,"published_at":61},"d80a0a88-6825-43d0-8969-fc1e0988c746","2026-W16","2026-w16","2026-04-13","2026-04-19","🔥 Critical infrastructure under fire as water treatment malware surfaces, 13-year-old Apache bug exploits go wild, and North Korean infiltration schemes continue\n⚡ Zero-day exploitation accelerates with Windows Defender flaws actively used in attacks while law enforcement takes down 53 DDoS domains\n🏦 Major breaches cascade across sectors from Vercel's $2M ransom demand to France's 1.9M basketball federation records\n🛡️ Supply chain attacks multiply via GitHub malware distribution and compromised OAuth apps targeting developer workflows\n💰 Criminal markets evolve as threat actors pivot from disrupted phishing kits to sophisticated crypto theft operations\n🏛️ Regulatory pressure mounts with €200K+ GDPR fines for excessive monitoring and API security failures","2026-04-20T04:31:16.828337+00:00","2026-04-20T04:33:32.25+00:00",{"id":63,"week_label":64,"slug":65,"date_from":66,"date_to":67,"tldr":68,"article_count":23,"status":13,"created_at":69,"published_at":70},"636f9555-a97e-462d-82c9-750f423fd2a6","2026-W15","2026-w15","2026-04-06","2026-04-12","🚨 Mexican government breached at scale using Claude AI and ChatGPT to exfiltrate 195M tax records\n🎯 Adobe patches critical Reader zero-day exploited since November 2025 with APT connections\n⚡ Marimo RCE flaw weaponized within 10 hours of disclosure, showing acceleration of exploit timelines\n🏭 Iranian APTs confirmed inside US critical infrastructure with SCADA manipulation capabilities\n🔒 Chrome 146 deploys device-bound sessions to combat cookie theft attacks\n💰 Major ransomware week with multiple state\u002Flocal governments and healthcare providers hit\n🔧 Supply chain attacks surge: CPUID, Smart Slider 3 Pro, and W3LL phishing kit disrupted","2026-04-13T00:01:17.779321+00:00","2026-04-19T07:02:17.625+00:00",{"id":72,"week_label":73,"slug":74,"date_from":75,"date_to":76,"tldr":77,"article_count":23,"status":13,"created_at":78,"published_at":79},"39f54b36-d63e-4f43-9ed3-60f0a8233259","2026-W14","2026-w14","2026-03-30","2026-04-05","🔥 Critical week for supply chain attacks with React2Shell (CVE-2025-55182) exploited to harvest credentials from 766+ Next.js hosts\n🎯 North Korean UNC1069 compromised Axios npm maintainer via fake Teams call, injecting malware into packages with 100M weekly downloads\n🚨 European Commission breached via TeamPCP supply chain attack, exposing 92GB of data from 30+ EU entities\n💸 $285M DeFi heist attributed to North Korean hackers using sophisticated durable nonce social engineering\n🛡️ FortiClient EMS zero-day (CVE-2026-35616) actively exploited with emergency patches released\n⚠️ LinkedIn secretly scans 6,000+ browser extensions for competitive intelligence and user profiling\n🎭 Multiple ransomware groups (Qilin, Krybit) target government entities while threat actors sell initial access to critical infrastructure","2026-04-06T00:02:09.939987+00:00","2026-04-06T05:37:13.329+00:00",{"id":81,"week_label":82,"slug":83,"date_from":84,"date_to":85,"tldr":86,"article_count":23,"status":13,"created_at":87,"published_at":88},"32b3c064-102c-454f-9330-fd90820fc016","2026-W13","2026-w13","2026-03-23","2026-03-29","🚨 FBI Director Kash Patel's personal Gmail breached by Iran-linked Handala hackers in major retaliation operation\n🏛️ European Commission investigating 350GB data breach as ShinyHunters claims AWS infrastructure compromise\n📦 TeamPCP threat actors execute 50+ supply chain attacks in 8 days, targeting PyPI packages with steganography\n🔐 Critical Citrix NetScaler memory overread flaw (CVE-2026-3055) under active reconnaissance, echoing CitrixBleed risks\n⚡ F5 BIG-IP vulnerability (CVE-2025-53521) added to CISA's KEV catalog after confirmed exploitation in wild\n🛡️ Google accelerates post-quantum cryptography deadline to 2029 as quantum threats advance faster than expected\n📱 Apple pushes emergency alerts to outdated iPhones over active web-based iOS exploits targeting unpatched devices","2026-03-31T19:50:57.384076+00:00","2026-03-31T19:50:58.013459+00:00"]