A hacker returned $8.5 million in Ethereum to the Verus team following a cross-chain bridge exploit and subsequent negotiations. The attacker retained $2.8 million as a bounty payment, sparking debate about the implications of these white-hat deals in decentralized finance.
https://databreaches.net/2026/05/22/verus-hacker-returns-8-5m-after-bridge-exploit-deal/
Radiology Associates of Richmond has disclosed a second data breach affecting 266,183 people, following a larger incident in 2024 that impacted 1.4 million patients. Critical details regarding the cause of these breaches, the specific information compromised, and potential ransom payments remain undisclosed by the practice.
https://databreaches.net/2026/05/22/radiology-associates-of-richmond-discloses-second-data-breach-266k-people-affected/
The Las Vegas casino giant Station Casinos has officially confirmed a cybersecurity breach that occurred on March 5, 2026, following an unauthorized system intrusion. While the company disclosed the incident in a regulatory filing, the specific scope of the breach and the total number of affected individuals remain unknown.
https://cybernews.com/security/station-casinos-data-breach-las-vegas-hacking/
Indian education sector data is being weaponized by threat actors to conduct highly targeted phishing, social engineering, and financial fraud against students. Criminals exploit security gaps in universities and EdTech platforms to steal sensitive records, which are then sold on the dark web to facilitate convincing, data-driven scams.
https://cybersecuritynews.com/indian-student-data-weaponized-for-phishing/
Google inadvertently exposed details of a Chromium vulnerability that allows for remote code execution by keeping malicious JavaScript running in the background even after the browser is closed. This unfixed security flaw impacts all Chromium-based browsers and poses a significant risk as it enables attackers to potentially create stealthy botnets.
https://www.bleepingcomputer.com/news/security/google-accidentally-exposed-details-of-unfixed-chromium-flaw/
Google accidentally exposed details of unfixed Chromium flaw

Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing remote code execution on the device.

BleepingComputer
CVE-2026-40369 is a critical 12-byte kernel write vulnerability in nt!ExpGetProcessInformation that enables attackers to escape browser sandboxes and escalate privileges to NT AUTHORITY\SYSTEM. By exploiting an unchecked pointer in NtQuerySystemInformation, researchers can bypass security features to forge a system token and execute arbitrary code.
https://voidsec.com/cve-2026-40369-browser-sandbox-escape/
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox - VoidSec

Technical analysis of CVE-2026-40369, a 12-byte Windows kernel write reachable from browser sandboxes via NtQuerySystemInformation, leading to SYSTEM.

VoidSec
Bugcrowd has launched Reinforcement Learning Environments to enable AI models to train on real software vulnerabilities rather than synthetic data. The platform also includes ExploitBench, a framework designed to measure the exploit-development capabilities of these AI agents.
https://siliconangle.com/2026/05/21/bugcrowd-launches-reinforcement-learning-environments-train-ai-real-software-vulnerabilities/
A study by Aikido Security reveals that deleted Google API keys remain active for up to 23 minutes due to eventual consistency in the company's authentication infrastructure. This delay allows attackers to potentially access GCP, Gemini, BigQuery, and Maps data even after a key has been revoked.
https://hackread.com/deleted-google-api-keys-active-23-minutes/
Deleted Google API Keys Remain Active up to 23 Minutes, Study Finds

Deleted Google API Keys remain active for up to 23 minutes after deletion, exposing GCP, Gemini, BigQuery, and Maps data to attackers.

Hackread - Cybersecurity News, Data Breaches, AI and More
The security team at Calif successfully developed a macOS kernel memory corruption exploit for M5 silicon in just five days by leveraging Anthropic Mythos to bypass Apple's Memory Integrity Enforcement (MIE). This discovery highlights how the combination of AI models and human expertise can rapidly identify vulnerabilities in advanced security mitigations.
https://9to5mac.com/2026/05/14/calif-team-details-how-anthropic-mythos-helped-build-a-working-macos-exploit-in-five-days/
Anthropic Mythos helped Calif build a macOS exploit in five days - 9to5Mac

The team behind the first public macOS kernel memory corruption exploit on M5 silicon has shared fresh details on how Mythos Preview helped bypass a five-year Apple security effort in five days.

9to5Mac
The threat actor TeamPCP successfully breached approximately 3,800 internal GitHub repositories by utilizing a poisoned VS Code extension. The group is actively selling the stolen source code for $50,000.
https://www.secureblink.com/cyber-security-news/3-800-git-hub-repos-breached-via-poisoned-vs-code-extension-by-team-pcp
3,800 GitHub Repos Breached via Poisoned VS Code Extension by TeamPCP

GitHub confirms ~3,800 internal repos breached via poisoned VS Code extension. TeamPCP (UNC6780) sells stolen source code for $50,000