(314) Critical Researchers uncover YellowKey and GreenPlasma Windows Zero-Days
Critical Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Critical CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
Critical NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to light
Critical Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
Critical Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
Critical Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Critical Siemens Ruggedcom Rox
Critical Siemens Opcenter RDnL
Critical Siemens SENTRON 7KT PAC1261 Data Manager
Critical Siemens Solid Edge
Critical Siemens Teamcenter
Critical Siemens Ruggedcom Rox
Critical Universal Robots Polyscope 5
Critical Siemens Simcenter Femap
Critical Siemens Ruggedcom Rox
Critical Siemens gWAP
Critical Siemens Siemens ROS#
Critical Russian Attacks on Polish Water Utilities Use Fear as Weapon
Critical Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations
Critical Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming
Critical [webapps] Flowise < 3.0.5 - Missing Authentication for Critical Function
Critical 73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
Critical Windows BitLocker zero-day gives access to protected drives, PoC released
Critical New critical Exim mailer flaw allows remote code execution
Critical Microsoft’s Patch Tuesday Update Targets 120 Security Flaws
Critical Microsoft’s agentic security system found four critical Windows RCE flaws
Critical Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
Critical It's Patch Tuesday for Microsoft and Not a Zero-Day In Sight
Critical Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days
Critical Microsoft Patch Tuesday for May 2026 — Snort rules and prominent vulnerabilities
Critical Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days
Critical Critical Patches Issued for Microsoft Products, May 12, 2026
Critical Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution
Critical Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
Critical Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
Critical Microsoft and Adobe Patch Tuesday, May 2026 Security Update Review
Critical Google Says Hackers Used AI to Build Zero-Day Exploit
Critical SAP unveils Autonomous Enterprise for AI-driven business operations
Critical Fuji Electric Tellus
Critical ABB Automation Builder Gateway for Windows
Critical ABB AC500 V3 Multiple Vulnerabilities
Critical ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
Critical Software Bill of Materials for AI - Minimum Elements
Critical Subnet Solutions PowerSYSTEM Center
Critical ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
Critical Attackers exploit cPanel CVE-2026-41940 to deploy Filemanager Backdoor
Critical SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA
Critical cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
High The AI oversight paradox: Is the investment worth the cost of watching it?
High Breach Roundup: US Lawmakers Sound Alarm on AI Bug Hunters
High 18-year-old NGINX vulnerability allows DoS, potential RCE
High TeamPCP hackers advertise Mistral AI code repos for sale
High ODNI taps officials to coordinate response to foreign election threats
High Siemens SIPROTEC 5
High Siemens SIMATIC
High Nitrogen Ransomware claims massive data theft from Foxconn
High When ransomware gets physical: cybercriminals turn to threats of violence
High Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape
High Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak
High Machine identities outnumber humans 109 to 1
High Over 70% of organizations hit by identity breaches
High Exaforce Brings in $125M for Real-Time Cyber Reasoning
High Abrigo - 711,099 breached accounts
High OpenLoop Health confirms January 2026 Data breach affecting 716,000
High Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities
High Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
High KDE gets over €1 million investment to strengthen security and core infrastructure
High Researchers open-source a Wi-Fi cyber range for security training
High Sandyaa: Open-source autonomous security bug hunter
High NetSPI AI-powered Continuous Pentesting identifies high-impact vulnerabilities
High Hackers accessed BWH Hotels reservation system for months
High Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
High Škoda warns of customer data breach after online shop hack
High West Pharmaceutical warns of ransomware attack impacting business operations
High Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain
High Amazon Quick authorization bypass let users reach blocked AI chat agents
High Exaforce raises $125 million to respond to AI-powered attacks
High New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
High Fake Claude search results lure Mac users into ClickFix attack
High FCC Robocall Crackdown Raises Privacy Concerns Over Mandatory ID Checks
High UK water company allowed hackers to lurk undetected for nearly two years, regulator finds
Medium Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
Medium NIST NVD Enrichment Policy Change: Prioritizing Vulnerabilities with Attacker Behavior Signals
Medium Broadcom releases VMware Fusion security update for root access bug
Medium Linux Kernel bug Fragnesia allows local root access attacks
Medium U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog
Medium Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
Medium Siemens Industrial Devices
Medium Siemens SIMATIC
Medium CISA Adds One Known Exploited Vulnerability to Catalog
Medium Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Medium China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage
Medium FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Medium New Fragnesia Linux flaw lets attackers gain root privileges
Medium Microsoft on pace to break annual vulnerability record as AI-driven patch wave takes hold
Medium GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
Medium Most Remediation Programs Never Confirm the Fix Actually Worked
Medium Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
Medium Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Medium The world’s most “Dangerous” AI, Anthropic’s Mythos, found only one flaw in curl
Medium Fake Claude Code Installer Targets Developers With Browser Credential Stealer
Medium Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
Medium ZDI-26-308: Ivanti Endpoint Manager RemoteControlAuth Exposed Dangerous Method Information Disclosure Vulnerability
Medium ZDI-26-309: Microsoft Windows Message Queueing Double Free Local Privilege Escalation Vulnerability
Medium ZDI-26-310: Microsoft Windows splwow64 Race Condition Local Privilege Escalation Vulnerability
Medium ZDI-26-311: Apple macOS CoreSymbolication Out-Of-Bounds Read Information Disclosure Vulnerability
Medium ZDI-26-312: Apple Safari Web Inspector WebCore Style Resolver Use-After-Free Remote Code Execution Vulnerability
Medium ZDI-26-313: Apple Safari Regular Expression Duplicate Named Groups Heap-based Buffer Overflow Remote Code Execution Vulnerability
Medium ZDI-26-314: Apple macOS USD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Medium ZDI-26-315: Apple macOS USD Out-Of-Bounds Read Information Disclosure Vulnerability
Medium ZDI-26-316: Siemens Simcenter Femap IPT File Parsing Memory Corruption Remote Code Execution Vulnerability
Medium ZDI-26-317: Siemens Simcenter Femap IPT File Parsing Memory Corruption Remote Code Execution Vulnerability
Medium Copy.Fail Linux Vulnerability
Medium JetBrains TeamCity vulnerability allows privilege escalation, API exposure (CVE-2026-44413)
Medium ThreatDown ITDR prevents credential-based attacks
Medium Stealthy hackers exploit cPanel flaw in active backdoor campaign (CVE-2026-41940)
Medium Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
Medium Hackers Use AI for Exploit Development, Attack Automation
Medium Dirty Frag is a new Linux bug putting your system at risk - and there's no easy fix yet
Medium Cops Shutter Rebooted German Language Cybercrime Market
Informational SecurityScorecard Snags Driftnet to Level Up Threat Intelligence
Informational Taiwan Incident Highlights Cybersecurity Gaps in Rail Systems
Informational Home Depot and Lowe's have power tool deals for up to $400 off ahead of Memorial Day
Informational Cable, cords, and adapters I never throw away - and why these accessories are worth saving
Informational New infosec products of the week: May 15, 2026
Informational Zombie linkages are keeping expired domains trusted for years
Informational Deepfake detection is losing ground to generative models
Informational Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Informational Akamai to Buy LayerX for $205M to Expand AI Browser Security
Informational Mustang Panda Linked to New Modular FDMTP Backdoor
Informational Go-Ahead for AI Chip Sales to 10 Chinese Firms Raise Alarms
Informational How Fintech APIs Are Modernizing Business Cash Flow Management
Informational Suspected Dream Market kingpin arrested after gold bars sent to his home address
Informational [webapps] ePati Antikor NGFW 2.0.1301 - Authentication Bypass
Informational [webapps] Apache HertzBeat 1.8.0 - Remote Code Execution
Informational Welcoming the Bahamian Government to Have I Been Pwned
Informational Upcoming Speaking Engagements
Informational KongTuke hackers now use Microsoft Teams for corporate breaches
Informational Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
Informational OpenAI confirms security breach in TanStack supply chain attack
Informational Siemens SIMATIC S7 PLC Web Server
Informational Siemens Ruggedcom Rox
Informational FamousSparrow targets Azerbaijani energy sector in multi-wave espionage campaign
Informational April 2026 Cyber Attacks Statistics
Informational US charges suspected Dream Market admin arrested in Germany
Informational Dell confirms its SupportAssist software causes Windows BSOD crashes
Informational ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932, (Thu, May 14th)
Informational Simple bypass of the link preview function in Outlook Junk folder, (Thu, May 14th)
Informational Attackers Weaponize RubyGems for Data Dead Drops
Informational Checkbox Assessments Aren't Fit to Measure to Risk
Informational Best Buy just slashed the price on this 8TB SanDisk SSD - and I'd recommend it
Informational Googlebook looks promising, but one big laptop brand is conspicuously absent
Informational Best Buy is selling last year's LG OLED TV for 50% off - and I can vouch for it
Informational My new favorite Android file manager is way better than Google's default - and it's free
Informational Adobe Express vs Canva: Which design tool is better?
Informational I'm following the 60-60 rule for headphone listening, and my future self will thank me for it
Informational Closing the AI governance gap in your enterprise
Informational Vector embedding security gap exposes enterprise AI pipelines
Informational Instructure Pays ShinyHunters Ransom to Little Likely Return
Informational IMF Warns AI Has Made Cyber Risk a Financial Stability Threat
Informational Cisco CEO Robbins Ties AI Push to Unpatchable Tech Risk
Informational TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages
Informational Instructure Reaches Deal with ShinyHunters to Prevent Canvas Data Leak
Informational TeamPCP Claims Sale of Mistral AI Repositories Amid Mini Shai-Hulud Attack
Informational [webapps] coreruleset 4.21.0 - Firewall Bypass
Informational [webapps] glances 4.5.2 - command injection
Informational [webapps] Ninja Forms Uploads - Unauthenticated PHP File Upload
Informational OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities
Informational Microsoft fixes Windows Autopatch bug installing restricted drivers
Informational Microsoft fixes BitLocker recovery issue only for Windows 11 users
Informational Webinar tomorrow: Why security alone won't stop modern attacks
Informational Iranian hackers targeted major South Korean electronics maker
Informational UK moves to shield security researchers in cybercrime law overhaul
Informational European Commission head pushes creation of new law delaying teens’ social media access
Informational Alleged Dream Market admin arrested in Germany after US indictment
Informational Cofense Launches AI-Driven Campaign Detection to Unified Phishing Defense Platform
Informational 5 Reasons Vision AI Changes Phishing Remediation
Informational State-sponsored actors, better known as the friends you don’t want
Informational 🎙️SECURITY.COM The Podcast: Iran’s Cyber Warfare Playbook: What Defenders Need to Know Right Now
Informational Canvas Breach Hackers Reach Deal After Claiming 275M Records Stolen
Informational Hackers Claim 11M Files Stolen From Foxconn, Supplier to Apple and Nvidia
Informational Google Launches New Android Security Features to Fight Scams, Theft
Informational China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm
Informational LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly
Informational Sony just gave me a compelling reason to put my AirPods and Bose headphones away
Informational How to learn Claude Code for free with Anthropic's AI courses - one took me just 20 minutes
Informational Red Hat Desktop vs. Fedora Hummingbird: Which AI development Linux path is right for you?
Informational What is digital transformation? Everything you need to know about how technology is changing business
Informational Your TV's RS-232 port is a powerful automation tool - how to unlock it (and what it can do)
Informational Get Audible for 30 days totally free - here's how
Informational T-Mobile will give you $400 just for switching - here's how to qualify
Informational Versa CSPM brings continuous visibility to cloud risk and compliance exposure
Informational Apricorn hardens ASK3 encrypted USB drive for extreme conditions
Informational Tuskira’s Kairo exposes hidden AI-driven breach paths
Informational Signal responds to phishing attacks with new in-app security warnings
Informational WhatsApp adds Incognito Chat for private Meta AI conversations
Informational Android Adds Intrusion Logging for Sophisticated Spyware Forensics
Informational [Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
Informational Over 1 Million Baby Monitors, Security Cameras Exposed Through Meari Flaws
Informational How I made my Windows 11 widgets truly useful: 8 simple tweaks to try before you hide them
Informational I switched to a Wi-Fi 7 mesh router at home, and the faster download speed is so worth it
Informational Elementary OS vs. Linux Mint: I compared my once favorite distro to the Windows alternative
Informational Chromebook vs. Googlebook: How I'm deciding which laptop to upgrade to next
Informational Fedora Kinoite vs. Silverblue: My verdict after testing both immutable Linux distros
Informational Fedora Hummingbird brings the container security model to a Linux host OS
Informational Android pushes new scam, theft, and AI protections in 2026 update wave
Informational Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark
Informational Accelerating detection engineering using AI-assisted synthetic attack logs generation
Informational Top Video Downloaders in 2026: Why Wondershare UniConverter Remains a Strong Choice
Informational Canvas Hackers ShinyHunters Say Their Official Domain Was Suspended
Informational Microsoft May 2026 Patch Tuesday, (Tue, May 12th)
Informational Windows 11 KB5089549 & KB5087420 cumulative updates released
Informational Microsoft releases Windows 10 KB5087544 extended security update
Informational Signal adds security warnings for social engineering, phishing attacks
Informational UK fines water supplier $1.3M for exposing data of 664k customers
Informational US govt seeks Instructure testimony on massive Canvas cyberattack
Informational European countries are exporting surveillance tech to countries with poor human rights records, report says
Informational Congressman launches inquiry into how food retailers use surveillance pricing
Informational Foxconn confirms cyberattack impacting North American factories
Informational 20 Leaders Who Built the CISO Era: 2 Decades of Change
Informational Hugging Face Packages Weaponized With a Single File Tweak
Informational Linux Mint vs. Elementary OS: I compared both distros, and here's my advice
Informational Your iPhone RCS chats with Android are encrypted in iOS 26.5: How to verify E2E is enabled
Informational I overlooked this Sony headphone feature for years - Apple and Bose have nothing like it
Informational Android will hang up on banking scammers for you - how its new anti-spoofing feature works
Informational I'm a devoted iPhone user but Android 17 is tempting me with its new video and social features
Informational General Motors to pay $12.75 million over driver data sales
Informational Instructure took a risky approach to recover stolen Canvas data
Informational iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android
Informational Why Agentic AI Is Security's Next Blind Spot
Informational Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
Informational Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help
Informational Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign
Informational Instructure reaches 'agreement' with ShinyHunters to stop data leak
Informational New GhostLock tool abuses Windows API to block file access
Informational Cyber Espionage Group Targets Aviation Firms to Steal Map Data
Informational Linux developers weigh emergency “killswitch” for vulnerable kernel functions
Informational Crimenetwork returns after takedown, dismantled again by German authorities
