Nearly all 3.5 billion Chrome browser users will soon see a ‘high-risk’ security update from Google. Here’s what you need to know.

On Call: The 600 km drive to fix the mess was a special treat

: How to avoid social engineering attacks? Employee training tops the list

Meta has initiated formal and technical countermeasures against ASIGINT, an Italy-based technology firm accused of creating and distributing a malicious WhatsApp clone.

OpenSSL has released a broad April 2026 security update that fixes seven vulnerabilities across supported branches, led by CVE-2026-31790, a moderate-severity flaw in RSA KEM RSASVE encapsulation that can expose uninitialized memory to a malicious peer.

Cyber espionage group ‘Fancy Bear’ targeting home Wi-Fi systems to access personal data

CVE-2023-33538 allows for command injection in TP-Link routers. We discuss exploitation attempts with payloads characteristic of Mirai botnet malware.

Google’s May 2026 Android Security Bulletin reveals a critical Android System RCE flaw enabling remote access without user interaction.

The attacks likely target CVE-2026-41940, a recently patched zero-day leading to administrative access.

Qualcomm Technologies has issued a critical security bulletin addressing severe flaws in software powering Snapdragon devices.

Multiple critical sandbox escape flaws in vm2 allow attackers to break out of the sandbox and execute arbitrary commands on host systems.

PamDOORa Linux backdoor hijacks PAM authentication to steal SSH credentials and silently persist on systems.

Let's Encrypt temporarily suspended all certificate issuance on May 8, 2026, after engineers identified a critical issue involving a cross-signed certificate linking the organization's Generation X root to its upcoming Generation Y root infrastructure.

Have a photo? ClarityCheck's reverse image lookup scans the web for matches and surfaces names, social profiles, and online mentions in seconds. Try free.

Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks.

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrative privileges on compromised devices.

Hackers are actively exploiting a newly disclosed critical NGINX heap buffer overflow flaw.

The critical Windows Netlogon remote code execution (RCE) vulnerability tracked as CVE-2026-41089 is now under active exploitation in the wild, significantly raising the risk profile for unpatched Windows Server environments.

You've been invited to try Claude