Daily Threat Briefing – May 10, 2026

Critical, wide-ranging briefing: multiple active incidents include a Canvas LMS extortion and PII risk to students, several supply‑chain compromises distributing RATs and infostealers (JDownloader, fake Hugging Face repo, Trellix breach), an emerging TCLBANKER banking trojan campaign with WhatsApp/Outlook propagation, Quasar Linux RAT targeting developer credentials, ICS/OT intrusions affecting water treatment plants, and high‑severity vulnerabilities in cPanel/WHM and Microsoft products — all requiring immediate mitigation, credential rotation, patching, and incident response.