
West Pharmaceutical Services says it was the target of a material cybersecurity attack in which data was exfiltrated and some systems were encrypted. The compromise was detected May 4, 2026, with incident response actions including taking systems offline, notifying law enforcement, and engaging external forensics; core shipping and manufacturing systems have been restored and manufacturing partially restarted, but full restoration and the incident's financial impact are still undetermined. The company is working with Palo Alto Networks’ Unit 42, and no ransomware group has claimed responsibility at this time.

An Iran-linked hacking group known as MuddyWater (Seedworm) has launched a broad cyber-espionage campaign targeting at least nine high-profile organizations across multiple sectors and countries, including a major South Korean electronics manufacturer, government agencies, and educational institutions. The February 2026 operation used DLL sideloading of legitimate binaries (fmapp.exe and sentinelmemoryscanner.exe) carrying ChromElevator, PowerShell with Node.js loaders, credential theft, and data exfiltration via sendit.sh, signaling a more mature, geographically expanded campaign focused on industrial/IP theft and access to downstream networks.

Exim, the open-source mail transfer agent, has a critical vulnerability (CVE-2026-45185) that allows unauthenticated remote code execution on affected builds (Exim 4.97–4.99.2) compiled with GnuTLS. The bug is a use-after-free during TLS shutdown in BDAT chunked SMTP traffic and can give attackers control over the server; OpenSSL builds are not affected. A patch is available in Exim 4.99.3. The flaw was discovered by Federico Kirschbaum of XBOW, who demonstrated an AI-assisted PoC exploit, though researchers note humans still play a crucial role. Ubuntu and Debian users should update via their package managers.

Security researcher Chaotic Eclipse has released PoCs for two unpatched Windows flaws, YellowKey and GreenPlasma, collectively known as Chaotic Eclipse. YellowKey is a BitLocker bypass that exploits the Windows Recovery Environment to gain shell access on TPM-protected drives for Windows 11 and Windows Server 2022/2025, while GreenPlasma is a privilege-escalation flaw that could yield a SYSTEM shell. The disclosures follow earlier leaks (BlueHammer, RedSun), with the researcher promising more PoCs; Microsoft says it is investigating and is urging mitigations like BitLocker PINs and BIOS passwords, though some configurations (such as TPM-only) may remain vulnerable.