AL26-013 - Critical vulnerability affecting Cisco Catalyst SD-WAN - CVE-2026-20182
HPE security advisory (AV26-477)
Drupal has issued an alert stating that it intends to release a "core security release" for all supported branches on May 20, 2026, from 5-9 p.m. UTC. "The Drupal Security Team urges you to...
May 11, 2026 Dawn Capelli from the Dragos OT CERT issued a Linked-In request for OT Insider Threat cases in industrial environments. Dawn said she keeps hearing that insider threats rank as a top...
May 11, 2026 Dawn Capelli from the Dragos OT CERT issued a Linked-In request for OT Insider Threat cases in industrial environments. Dawn said she keeps hearing that insider threats rank as a top...
Microsoft Edge security advisory (AV26-476)
The FBI says Americans have lost over $388 million last year to scams using cryptocurrency kiosks, also known as crypto ATMs or Bitcoin ATMs. [...]
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed eight vulnerabilities in TP-Link, and one each in Adobe Photoshop, OpenVPN, and Gen Digital's Norton VPN.The vulnerabilities...
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. [...]
The U.K. government published guidance on AI, open code, and vulnerability risk in the public sector, outlining how... The post UK links AI-accelerated cyber threats to operational weaknesses, not...
[Control systems] CISA ICS security advisories (AV26–475)
Fox Tempest, a financially-motivated threat group, allowed ransomware operators and other cybercriminals to slip malware-laced software past security controls. The post Microsoft disrupts...
Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and...
Two novel Windows zero-day vulnerabilities dubbed YellowKey, which bypasses BitLocker drive encryption, and GreenPlasma, a local privilege escalation bug that targets a trusted Windows process...
Prompt for Agentic AI Security empowers organizations with proactive governance, meaning security teams can deploy agents with confidence.
Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is...
Wiz Runtime Sensor support for Google Cloud Run Containers is now generally available, giving teams real-time threat detection and response for their serverless container workloads.
The main risk from hospital cyber incidents is no longer data breaches or IT disruption – it’s direct threats to care delivery. According to a Black Book Research survey of 284 European hospital...
A first-of-its-kind cybercrime operation in the MENA region has led to the arrest of 201 individuals, with a further 382 suspects identified. Thirteen countries from the Middle East and North...
The head of the World Health Organization said on Tuesday that he was “deeply concerned about the scale and speed” of the Ebola outbreak spreading in the Democratic Republic of Congo and Uganda,...
Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can...
Iran did not improvise the Hormuz crisis. The mine stockpiles, the Islamic Revolutionary Guards Corps’ fast-boat fleet, and the Houthi program at Bab al-Mandab are a coordinated architecture...
A recent audit by the Defense Department’s (DOD) Inspector General found that the Office of the Chief Digital and Artificial Intelligence Officer (OCDAO) failed to implement several required...
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS...
The only thing growing faster than the artificial-intelligence industry may be Americans’ negative feelings about it — as former Google Chief Executive Eric Schmidt saw on Friday. Delivering a...
Anthropic said on Monday it is revising its earlier position to allow users of its Mythos cybersecurity model to share information about cyber threats with others who may be exposed to similar...
Microsoft plans to raise the quality bar of Windows 11 drivers, as drivers "sit at the heart of every Windows experience" and connect the OS to the "silicon, components, and peripherals." [...]
Microsoft has confirmed user reports that the Teams team collaboration app is displaying non-dismissible location prompts on some macOS systems. [...]
ESET researchers identified renewed activity from FrostyNeighbor, a long-running cyberespionage actor apparently aligned with Belarusian interests, targeting Ukrainian... The post Belarus-aligned...
Artificial intelligence is rapidly becoming both a defensive necessity and a strategic risk factor for critical infrastructure operators... The post AI-powered cyber threats overwhelm human...