Daily Threat Briefing – May 14, 2026

This briefing reports multiple concurrent high-risk incidents: publicly disclosed Windows BitLocker zero-days (YellowKey, GreenPlasma) with PoC enabling full-disk access; active Exchange exploitation by a China-linked APT (FamousSparrow) targeting energy firms; widespread Canvas platform data extortion disrupting education; a claimed Nitrogen ransomware theft from Foxconn North American facilities; and a critical Exim RCE affecting mail servers — all requiring urgent patching, threat hunting, and incident response.