Weekly Tech Digest | 22 May 2026

Weekly Tech Digest – 22-05-2026


The tech world never sleeps, and this week is no exception. From data breaches to the latest in cybersecurity, there’s plenty to unpack. Here’s a roundup of the most pressing stories that have emerged recently.

[Virtual Event] Anatomy of a Data Breach: What to Do if it Happens to You

This virtual event aims to equip attendees with knowledge on handling data breaches effectively.

Infosecurity Europe

Infosecurity Europe is set to showcase the latest innovations and discussions in the field of information security.

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks.

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after a contractor published sensitive agency secrets on a public GitHub account.

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

The Belarus-aligned threat actor known as Ghostwriter has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government organisations in the country.

  • Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

    This attack highlights ongoing cyber threats to Ukrainian governmental structures.

Akamai Joins Growing Chorus of Vendors Betting Big on Secure Enterprise Browsers

Akamai’s recent acquisition of LayerX marks its entry into the secure enterprise browser market, joining a trend among vendors.

Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks

The 2026 Data Breach Investigations Report (DBIR) reveals that while ransomware and vendor breaches continue, the healthcare sector is adapting to evolving social engineering tactics.

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561 GitHub repositories within a six-hour window.

Making Vulnerable Drivers Exploitable Without Hardware – The BYOVD Perspective

This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode without the hardware they were developed for.

Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks

The U.S. Department of Justice (DoJ) announced the arrest of a Canadian man allegedly operating a DDoS botnet known as Kimwolf.

China’s Webworm Uses Discord, Microsoft Graphs to Hack EU Governments

The advanced persistent threat group has been using SOCKS proxies like SoftEther VPN to facilitate their attacks.

CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Langflow and Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog.

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

Cisco has rolled out updates for a severe security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data.

Google API Keys Remain Active After Deletion

A security researcher discovered that API keys can still be used for up to 23 minutes after deletion, despite claims of immediate removal by the cloud provider.

We welcome your thoughts on these developments. Share your comments below.

Related posts

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto feature can cost more than the message itself, and there...

restic | v0.19.1

restic v0 19 1: safer FUSE mounts and mountpoint checks, robust backup source and exclude handling, clearer CLI JSON output, Windows SFTP deletion fixes