🔴 Critical Zero-Day Vulnerabilities
1. Microsoft Defender Zero-Days Actively Exploited — Two new Microsoft Defender vulnerabilities (CVE-2026-45498 and CVE-2026-33825) are being exploited in the wild. CISA warns these are on its KEV catalog with a federal patch deadline of June 3. CVE-2026-33825 "BlueHammer" grants full system access and is already causing denial-of-service attacks (Forbes, Reddit, SecurityWeek)
2. AI EDR Auto-Stop of Zero-Day Attack — SentinelOne's AI-powered EDR autonomously discovered and stopped an attack where Anthropic's Claude AI was being used to execute a zero-day supply chain attack globally (SentinelOne Blog)
🤖 AI-Enabled Cyber Attacks
3. US Congress Warned of AI Attacks on Schools — A senior technology figure warned the U.S. Congress of a rapid rise in AI-enabled cyber attacks targeting schools and educational institutions. Attackers are using AI to automate vulnerability discovery and craft targeted phishing campaigns (AML Intelligence)
4. 97.7% of Organizations Use EDR — New Bitdefender research reveals that 97.7% of respondents use endpoint detection and response (EDR) as a baseline security tool. This remains table stakes security despite the evolving threat landscape (Security Boulevard)
💥 Major Data Breaches
5. Buffalo Convention Center Ransomware Attack — The Akira ransomware group targeted the Buffalo Convention Center. The nature and quantity of data compromised is being assessed, but this adds to the growing list of 2026 breaches (SharkStriker)
6. Canvas Learning Platform Breach — The ShinyHunters hacking group claimed responsibility for stealing 3.65 terabytes of data from approximately 275 million users of the Canvas learning management system, including private student messages and research data (NPR, Wikipedia)
🎯 Key Threat Intelligence
7. AI as Dual Threat — Industry experts now recognize AI as a dual threat: it acts as a force multiplier for cyberattacks while simultaneously introducing a new attack surface. Over 90 organizations had legitimate AI tools compromised in recent attacks (CrowdStrike Global Threat Report)
8. 2,090 Cyber Attacks Per Week — The average number of cyber attacks has increased to 2,090 per week, a 17% increase from previous years. The average cost of a data breach has risen to USD 4.88 million (SentinelOne)