TCE Weekly Roundup: AI, Ransomware & Risks 2026
In this weekly roundup from The Cyber Express, the global cybersecurity landscape in 2026 continues to shift rapidly as emerging technologies and evolving cyber threats…
Month: May 2026
NBN Co AI could give RSPs more network intelligence
NBN Co’s AI strategy is moving toward an agentic phase that could see the network wholesaler open its data to retailers and give them greater…
Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild
Microsoft Exchange Server users are urged to immediately mitigate a newly disclosed zero-day vulnerability that has been exploited in attacks. Microsoft this week patched 137…
Ghostwriter group resumes attacks on Ukrainian Government targets
Ghostwriter group resumes attacks on Ukrainian Government targets Pierluigi Paganini May 15, 2026 ESET uncovered new Ghostwriter (aka FrostyNeighbor) activity targeting Ukrainian government organizations in…
Rapid7 analysis flags Cisco and Palo Alto authentication bypass vulnerabilities
Rapid7 has published analysis of two newly disclosed authentication bypass vulnerabilities affecting enterprise networking and security platforms from Cisco and Palo Alto Networks, with both…
Autonomous systems are finally working. Security is next
The problem was never detection For the last decade, the security industry has focused on detection. The emphasis has been on generating more alerts, improving…
Huntress × Acrisure Cyber Insurance Program
TL;DR: Huntress and Acrisure are partnering to help eligible businesses turn stronger cybersecurity into better cyber insurance outcomes. Through the Huntress × Acrisure Cyber Insurance…
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to…
Microsoft Details Kazuar Malware’s Modular Architecture and P2P Botnet Operations
A nation-state malware known as Kazuar has resurfaced with a far more dangerous design than anyone expected. What once started as a relatively standard backdoor…
Tycoon 2FA Operators Use OAuth Device Code Phishing to Bypass MFA
A new phishing campaign uncovered in late April 2026 shows how threat actors behind the Tycoon 2FA Phishing-as-a-Service (PhaaS) kit are evolving beyond traditional credential…
Deepfake detection is losing ground to generative models
Deepfake detection has been built around a single question for close to a decade. Given a video or audio clip, is it real or synthetic?…
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Ravie LakshmananMay 15, 2026Microsoft / Vulnerability Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under…