May 13, 2026 · #55 episode artwork

EPISODE · May 13, 2026 · 4 MIN

May 13, 2026 · #55

from Security Brief Daily · host Security Brief Daily

Episode 55 — 13 May 2026 1. Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator Source: Bleeping Computer Fortinet has released security updates to address two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code on unpatched systems. The first one, tracked as CVE-2026-44277, impacts the company's... 2. SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA Source: Bleeping Computer SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in Commerce Cloud and S/4HANA. Commerce Cloud is an enterprise-grade e-commerce platform used by online stores owned by large retailers and... 3. New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution Source: The Hacker News Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and... 4. Signal adds security warnings for social engineering, phishing attacks Source: Bleeping Computer Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud. The purpose is to introduce enough friction that users get the time to evaluate the safety... 5. UK fines water supplier $1.3M for exposing data of 664k customers Source: Bleeping Computer The Information Commissioner's Office has fined South Staffordshire Water Plc and parent company South Staffordshire Plc £963,900 ($1.3 million) over a cyberattack that exposed the personal data of 663,887 customers and employees. The company supplies 330 million liters of... 6. Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation Source: The Hacker News Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for... 7. RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded Source: The Hacker News RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on RubyGems right now," Maciej Mensfeld, senior... 8. New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots Source: The Hacker News Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking...

Episode 55 — 13 May 2026 1. Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator Source: Bleeping Computer Fortinet has released security updates to address two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code on unpatched systems. The first one, tracked as CVE-2026-44277, impacts the company's... 2. SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA Source: Bleeping Computer SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in Commerce Cloud and S/4HANA. Commerce Cloud is an enterprise-grade e-commerce platform used by online stores owned by large retailers and... 3. New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution Source: The Hacker News Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and... 4. Signal adds security warnings for social engineering, phishing attacks Source: Bleeping Computer Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud. The purpose is to introduce enough friction that users get the time to evaluate the safety... 5. UK fines water supplier $1.3M for exposing data of 664k customers Source: Bleeping Computer The Information Commissioner's Office has fined South Staffordshire Water Plc and parent company South Staffordshire Plc £963,900 ($1.3 million) over a cyberattack that exposed the personal data of 663,887 customers and employees. The company supplies 330 million liters of... 6. Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation Source: The Hacker News Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for... 7. RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded Source: The Hacker News RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on RubyGems right now," Maciej Mensfeld, senior... 8. New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots Source: The Hacker News Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking...

NOW PLAYING

May 13, 2026 · #55

0:00 4:13

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Security Brief Daily?

This episode is 4 minutes long.

When was this Security Brief Daily episode published?

This episode was published on May 13, 2026.

What is this episode about?

Episode 55 — 13 May 2026 1. Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator Source: Bleeping Computer Fortinet has released security updates to address two critical vulnerabilities in FortiSandbox and...

Can I download this Security Brief Daily episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!