CISO Daily Digest: Pwn2Own Berlin and Rising Zero-Day Threats (20260521)
Pwn2Own Berlin 2026 concluded with researchers demonstrating 47 zero-day exploits across browsers, OS, and ICS platforms; a new wave of Shai-Hulud supply-chain attacks compromised 600 npm packages; a critical unpatched flaw in OT RobotOS gave attackers remote control over industrial systems; and Microsoft took down a malware-signing service that had been issuing valid code-signing certificates to ransomware groups.
The cybersecurity landscape on 2026-05-21 was dominated by the conclusion of Pwn2Own Berlin, where researchers demonstrated 47 unique zero-days.
- Event Context: Pwn2Own Berlin 2026 concluded with researchers demonstrating 47 unique zero-day exploits, targeting major platforms including web browsers, operating systems, enterprise software, and ICS/SCADA systems. The event highlights the accelerating discovery of critical vulnerabilities across the technology stack.
- Industry Impact: The breadth of vulnerabilities disclosed through Pwn2Own underscores the growing attack surface faced by enterprise organizations, particularly in operational technology (OT) environments.
🔗 Reference: Pwn2Own Berlin Has Concluded. Researchers Demonstrated 47 Unique 0-Days | Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks | Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control
This Week’s Active Threats
📌 3 Prerequisites to Adopting Claude Platform on AWS - Security Boulevard
🔗 Reference: 3 Prerequisites to Adopting Claude Platform on AWS - Security Boulevard
📌 Pwn2Own Berlin Has Concluded. Researchers Demonstrated 47 Unique 0-Days
The Pwn2Own Berlin 2026 hacking competition revealed 47 unique zero-day vulnerabilities across browsers, operating systems, and ICS platforms, demonstrating the expanding threat landscape for enterprise security teams.
🔗 Reference: Pwn2Own Berlin Has Concluded. Researchers Demonstrated 47 Unique 0-Days
📌 Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Microsoft’s takedown of this malware-signing service disrupts a critical enabler of ransomware campaigns, preventing threat actors from obtaining valid code-signing certificates for their malicious binaries.
🔗 Reference: Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
📌 Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control
This critical vulnerability requires immediate attention. Organizations should prioritize patching and implement compensating controls such as network segmentation and access restriction.
🔗 Reference: Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control
📌 Security Experts Pour Cold Water On Claude Mythos Hacking Apocalypse - Yellow.com
🔗 Reference: Security Experts Pour Cold Water On Claude Mythos Hacking Apocalypse - Yellow.com
📌 New Wave of Shai-Hulud Attacks Led to the Compromise of 600 npm Packages
This supply chain attack targets the open-source ecosystem, compromising package registries to distribute malware to downstream users and organizations.
🔗 Reference: New Wave of Shai-Hulud Attacks Led to the Compromise of 600 npm Packages
📌 Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
🔗 Reference: Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
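📌 Zyxel Launches "Generative AI Protection Solution" to Help Enterprises Address Shadow AI Security Risks - iThome
🔗 Reference: Zyxel Launches "Generative AI Protection Solution" to Help Enterprises Address Shadow AI Security Risks - iThome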
How Can OPSWAT Help
OPSWAT MetaDefender provides multi-engine malware detection with over 30 anti-malware engines and Deep Content Disarm and Reconstruction (CDR) technology, protecting OT/ICS environments from zero-day threats and targeted attacks. Organizations can deploy MetaDefender to prevent malicious files from reaching critical infrastructure, supporting compliance with NIST, IEC 62443, and other regulatory frameworks.