[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"landing-weekly-brief":3,"landing-latest-briefs":11,"landing-red-vs-blue":27},{"weekLabel":4,"slug":5,"bullets":6},"Week of May 4 – May 10, 2026","2026-w19",[7,8,9,10],"- 🎓 **Canvas Crisis**: ShinyHunters breached Instructure's Canvas LMS affecting 9,000+ schools and 275M users during finals season","- 🔥 **Firewall Zero-Day**: Chinese state actors exploited critical Palo Alto Networks PAN-OS flaw for nearly a month","- 🤖 **AI Supply Chain**: Multiple vulnerabilities in AI coding tools (Claude, Gemini CLI, Cursor) enable code execution via malicious repos","- 🏥 **Healthcare Under Fire**: Major breaches hit medical labs, insurers, and transport networks across multiple countries",{"morning":12,"evening":20},{"edition":13,"date":14,"time":15,"title":16,"bullets":17,"severity":18,"link":19},"Morning Brief","May 14, 2026","07:30","ThreatNoir Morning Brief — May 14",[],"HIGH","\u002Freview\u002F2026-05-14\u002Fmorning",{"edition":21,"date":14,"time":22,"title":23,"bullets":24,"severity":25,"link":26},"Evening Brief","18:00","ThreatNoir Afternoon Brief — May 14",[],"MEDIUM","\u002Freview\u002F2026-05-14\u002Fafternoon",{"items":28},[29,36,42],{"title":30,"slug":31,"description":32,"durationLabel":33,"tone":34,"thumbnailUrl":35},"Critical Exim Flaw Hands Attackers Remote Code Execution","critical-exim-flaw-hands-attackers-remote-code-execution","A use-after-free vulnerability in Exim's TLS buffer handling allows unauthenticated remote code execution on versions 4.97-4.99.2 compiled with GnuTLS, affecting default packages on Debian and Ubuntu.","1:40","people","https:\u002F\u002Fcdn.threatnoir.com\u002Fshow\u002F2026-05-14\u002Fthumbnail.jpg",{"title":37,"slug":38,"description":39,"durationLabel":33,"tone":40,"thumbnailUrl":41},"Nitrogen Ransomware Hits Foxconn, Claims 8TB Stolen","nitrogen-ransomware-hits-foxconn-claims-8tb-stolen","Nitrogen ransomware operators breached Foxconn's North American facilities and exfiltrated 8TB of schematics from Apple, Google, Dell, and Nvidia before encrypting systems.","lock","https:\u002F\u002Fcdn.threatnoir.com\u002Fshow\u002F2026-05-13\u002Fthumbnail.jpg",{"title":43,"slug":44,"description":45,"durationLabel":33,"tone":46,"thumbnailUrl":47},"Checkmarx Jenkins Plugin Backdoored With Infostealer","checkmarx-jenkins-plugin-backdoored-with-infostealer","Attackers used stolen Trivy credentials to compromise the official Checkmarx Jenkins AST plugin on the marketplace, injecting an infostealer that harvested build pipeline credentials for at least a month.","skull","https:\u002F\u002Fcdn.threatnoir.com\u002Fshow\u002F2026-05-12\u002Fthumbnail.jpg"]