THREATSDAY’S ThreatsDay Bulletin for 07 May 2026 surveys a week of cybercrime and security stories, noting that attackers continue to rely on low-effort methods such as shady packages, fake apps and compromised logins, with AI speeding up exploit hunting and attackers automating faster. A new MicroStealer was observed in December 2025, targeting education and telecom sectors and exfiltrating browser credentials, active session data and other data via Discord webhooks.
In a notable privacy action, according to the Federal Trade Commission (FTC) and Kochava, a settlement blocks the company and its subsidiary from selling or disclosing sensitive location data without explicit consumer consent and imposes a data-retention regime. Proton has added post-quantum cryptography support in Proton Mail to protect future communications, while pnpm 11 introduces new supply chain protections to prevent immediate installation of compromised packages.
The bulletin also highlights Edge memory exposure, with Edge storing passwords in cleartext in memory, and MOVEit Automation’s critical authentication bypass flaw CVE-2026-4670, which has driven a push to accelerate patching on associated exposed instances.