YellowKey affects Windows 11 and Server 2022/2025; GreenPlasma could enable abuse of SYSTEM-writable paths.
Two new Windows zero-days expose a BitLocker bypass in WinRE and a CTFMON privilege escalation issue.
Threat actors targeted PraisonAI CVE-2026-44338, an authentication bypass vulnerability, within hours of disclosure.
The flaw affects versions 2.5.6–4.6.33 and can expose the /agents endpoint without authorization.
The flaw affects versions 2.5.6–4.6.33 and can expose the /agents endpoint without authorization.
Three newly published node-ipc npm versions have been confirmed as malicious, with obfuscated stealer/backdoor behavior targeting developer and cloud secrets.
Limited attacks are exploiting CVE-2026-20182, a CVSS 10.0 auth bypass in Cisco Catalyst SD-WAN Controller.
Unauthenticated remote attackers can gain admin privileges and manipulate SD-WAN configurations.
Affected: on-prem, cloud, government deployments.
Unauthenticated remote attackers can gain admin privileges and manipulate SD-WAN configurations.
Affected: on-prem, cloud, government deployments.
An 18-year-old flaw in NGINX can let unauthenticated attackers run code or crash servers using crafted HTTP requests.
Tracked as CVE-2026-42945 and named NGINX Rift, the bug affects NGINX Plus and Open Source.
Tracked as CVE-2026-42945 and named NGINX Rift, the bug affects NGINX Plus and Open Source.
OpenAI says two employees devices were affected in the TanStack supply-chain attack.
Turla has rebuilt Kazuar into a modular P2P botnet designed for stealth and persistent access.
The upgraded .NET backdoor uses Kernel, Bridge, and Worker modules to handle C2, tasking, collection, and exfiltration.
The upgraded .NET backdoor uses Kernel, Bridge, and Worker modules to handle C2, tasking, collection, and exfiltration.
Four OpenClaw vulnerabilities dubbed Claw Chain can be chained to steal sensitive data, escalate privileges, and establish persistence.
All four flaws are fixed in OpenClaw 2026.4.22.
All four flaws are fixed in OpenClaw 2026.4.22.
On-prem Microsoft Exchange Server CVE-2026-42897 is under active exploitation.
The CVSS 8.1 spoofing flaw stems from XSS and can allow arbitrary JavaScript execution when crafted emails are opened in Outlook Web Access under certain conditions.
The CVSS 8.1 spoofing flaw stems from XSS and can allow arbitrary JavaScript execution when crafted emails are opened in Outlook Web Access under certain conditions.
CISA added CVE-2026-20182, a CVSS 10.0 authentication bypass in Cisco Catalyst SD-WAN Controller, to its KEV catalog amid active exploitation.
Google ties full 15GB free cloud storage to mobile number verification for new accounts.
Microsoft patches 120 vulnerabilities in May 2026 update including 17 critical flaws across Windows and Office.
Google says hackers used AI to discover a zero day vulnerability for the first time.
Critical Next.js vulnerability exposes servers to unauthorized requests and potential data leaks.
The hacker group "ShinyHunters" in a new wave of cyberattacks has gained access to data from large companies such as Google, Sony, AMD, and Rockstar.
A new version of the "Kazuar" malware; a tool attributed to Russian hackers designed for covert infiltration, espionage, and information gathering.