Patch Tuesday notes: Microsoft patches over a hundred flaws, none of which are zero-days.

Summary

By the N2K CyberWire staff

Patch Tuesday notes: Microsoft patches over 100 flaws, none of them zero-days.

Microsoft yesterday issued patches for 137 vulnerabilities across its products, the most serious of which is a critical privilege escalation flaw (CVE-2026-41103) in the Microsoft SSO Plugin for Jira & Confluence. KrebsOnSecurity notes that this is the first Microsoft Patch Tuesday in nearly two years that didn't include any actively exploited or publicly disclosed zero-days.

Adobe released fixes for 52 flaws across ten of its products. Of note are two critical vulnerabilities in Adobe Connect that could lead to arbitrary code execution (CVE-2026-34659) and privilege escalation (CVE-2026-34660).

Zoom, Fortinet, and Ivanti also released patches for high-severity vulnerabilities affecting their products. On the hardware side, Intel and AMD published more than two dozen advisories covering 70 vulnerabilities.

SecurityWeek has a summary of fixes issued by ICS vendors, including Siemens and Schneider Electric.

The browser is the new endpoint. Are you securing it?

Today’s work happens in the browser - but that’s also where new risks live. From shadow IT to session-based threats, critical activity often goes unseen.

NordLayer Browser gives IT teams visibility and control inside the browser itself—helping protect company data and enforce security across SaaS apps without disrupting workflows.

If your security stack stops short of the browser, it may be time to take a closer look.

Foxconn confirms disruptive cyberattack as ransomware gang claims responsibility.

Taiwanese electronics manufacturing giant Foxconn has confirmed that a cyberattack disrupted operations at several of its factories in North America, the Record reports. A Foxconn spokesperson stated, "The cybersecurity team immediately activated the response mechanism and implemented multiple operational measures to ensure the continuity of production and delivery. The affected factories are currently resuming normal production." The spokesperson didn't specify which facilities were impacted. The Record notes that the company has factories in Wisconsin, Ohio, Texas, Virginia, Indiana, and several in Mexico. According to DysruptionHub, employees at one of Foxconn's Wisconsin locations were sent home early last Friday due to network outages.

WIRED says the Nitrogen ransomware gang listed Foxconn as a victim on Monday, claiming to have stolen eight terabytes of data from the company. The crooks say the stolen data contains schematics and project details belonging to Foxconn's customers, including Dell, Google, Apple, and Nvidia.

Iran’s evolving cyber playbook.

Iran’s cyber operations have evolved beyond destructive malware, with actors pivoting to target identity systems. Dave Bittner sat down with Sam Rubin, Senior Vice President at Palo Alto Networks, to discuss how Iranian groups are weaponizing stolen credentials and trusted access to reach high-value targets. Whether it be attacking vulnerable trusted parties or crafting documents loaded with malware, listen to the conversation to learn how Iran’s pivot is impacting the cybersecurity landscape.

Business news: Exaforce raises $125 million in Series B funding.

San Francisco-based agentic SOC provider Exaforce has raised $125 million in Series B funding from HarbourVest, Peak XV, Mayfield, Khosla Ventures, Seligman Ventures, and AICONIC. The company stated, "Exaforce will use the Series B funding to advance its core platform, including multi-model AI and its real-time knowledge graph, while expanding the capabilities security teams need to investigate, detect, and respond at machine speed. The company will also expand its global footprint, with go-to-market investment across key regions including Japan and Europe. In parallel, Exaforce will continue investing in customer success, research, MDR oversight, and support to help customers operationalize the platform and improve response speed, resilience, and confidence across critical environments."

Notes.

Today's issue includes events affecting , and the United States.

Attacks, Threats, and Vulnerabilities

716,000 Impacted by OpenLoop Health Data Breach (SecurityWeek) The telehealth platform was hacked in January, and users’ personal information was exfiltrated from its systems.

Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign (Symantec) Iran-linked threat actor abused signed Fortemedia and SentinelOne binaries for DLL sideloading and exfiltrated data through a public file-transfer service.

Technologies, Techniques, and Standards

Global Cyber Agencies Issue New SBOMs for AI Guidance (Infosecurity Magazine) The G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and security across AI supply chains

Litigation, Investigation, and Law Enforcement

Congressman launches inquiry into how food retailers use surveillance pricing (The Record) The letter noted that many Americans are unaware that their data is being used to set variable prices, a trend that is particularly pervasive for online shoppers.

US govt seeks Instructure testimony on massive Canvas cyberattack (BleepingComputer) The U.S. House Committee on Homeland Security is calling on Instructure executives to testify about two cyberattacks by the ShinyHunters extortion group that targeted the company's Canvas platform, allowing threat actors to steal student data and disrupt schools during final exams.

Industry Events

For a complete running list of events, please visit the Event Tracker.

Events

CyberArk IMPACT 2026 (Austin, Texas, USA, May 11 - 13, 2026) At CyberArk IMPACT, cybersecurity practitioners and leaders will come together to explore today’s #1 attack vector – identity. Attendees will acquire a deep understanding of the latest developments in identity-based cyberattacks, including sophisticated attacker techniques that leverage AI and other methods. And most importantly, they will learn how to shut out attackers and prevent unauthorized access by securing every identity across the organization with the right level of privilege controls.

KB4-CON 2026 (Orlando, Florida, USA, May 12 - 14, 2026) Since its inception in 2018, KB4-CON has evolved from a user-focused gathering to the must-attend event for anyone serious about staying ahead in the security landscape. It is the human risk management industry’s premier event, bringing together KnowBe4 customers, channel partners, prospects, plus security advocates and industry professionals. This is your exclusive opportunity to engage with and learn from the industry’s most influential players, all under one roof.

ASCEND 2026 (Washington, DC, USA, May 19 - 21, 2026) ASCEND connects the civil, commercial, and national security space sectors, along with adjacent industries, to embrace the opportunities and address the challenges that come with increased activity in space. Building our sustainable off-world future requires long-term thinking. Strategic planning, innovation, scientific exploration, and effective regulations and standards will help us preserve space for future generations. ASCEND will enable the technical exchanges, debates, and collaboration that will help forge a sustainable off-world future for all.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry's largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, companies trust N2K CyberWire to get the message out. Learn more.

Daily Briefing for 05.13.26

Top stories.