Explainers

AI Daily Briefing - May 20, 2026

Your AI morning briefing for May 20, 2026 — the top stories you need to know.

Threat Digest 2 min read
Threat Digest Daily Briefing — May 20, 2026

AI Daily Briefing

  • NYC Health Data Breach: Biometrics, Bank Details Exposed: A months-long breach at NYC Health + Hospitals has compromised the data of 1.8 million people, exposing everything from medical histories to biometric identifiers.
  • Android Ad Fraud Hits 659M Daily Bid Requests: Android users were unwittingly ensnared by Trapdoor, a massive ad fraud scheme. This operation masqueraded as utility apps, spiraling into millions of fraudulent ad requests daily.
  • SEPPMail Gateway Flaws Open Door to RCE, Mail Snooping [10.0 CVSS]: Forget incremental updates. SEPPMail Secure E-Mail Gateway just dropped a bomb, revealing a cascade of vulnerabilities that could let attackers not just peek, but take the keys to your entire email kingdom. We’re talking remote code execution and unfettered access to every message flowing through your enterprise. This isn’t just a patch; it’s a seismic shift in how we need to think about email gateway security.
  • GhostTree: Windows Path Manipulation [New Exploit]: Ever wonder why that antivirus scan takes forever? Turns out, a clever trick with Windows file paths might be the culprit, letting attackers hide in plain sight. Welcome to GhostTree.
  • Nx Console Hijacked: VS Code Developers Targeted: They say developers are paranoid. Turns out, they’re right. A popular VS Code extension, Nx Console, just became the latest vector for a sophisticated credential stealer.
  • Fox Tempest: How Malware Found a Legitimate Address: Ever wonder how malware slips past your defenses, looking utterly legitimate? It turns out there’s a whole underground industry dedicated to giving it a convincing digital handshake. Fox Tempest, a cybercrime-as-a-service provider, was just busted for doing exactly that, and the implications are chilling.
  • Windows Update Failures Hit Restricted Networks [2026]: Restricted Windows networks are facing update failures after January’s non-security preview. Microsoft’s workaround is here, but it highlights ongoing network update woes.
  • GitHub Breach: TeamPCP Lists 4,000 Repositories For Sale: GitHub’s internal source code is reportedly up for grabs on the dark web, and the company’s scrambling to figure out what happened. This latest incident highlights the ever-present danger lurking in the supply chain.
Written by
Threat Digest

Daily briefing by Threat Digest

More in Explainers →

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Related Stories

📬

Stay in the loop

The week's most important stories from Threat Digest, delivered once a week.

No spam. Unsubscribe any time.