CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
CISA added CVE-2026-31431 to its Known Exploited Vulnerabilities catalog after confirming active exploitation. The flaw affects multiple Linux distrib…
Patch Tuesday, April 2026 Edition
Microsoft released patches for 167 vulnerabilities across Windows and related products. The update addresses a SharePoint Server zero-day and "BlueHam…
Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
AI-assisted code scanning identified a Linux vulnerability that had been dormant for nine years. The flaw can be exploited through a 10-line proof-of-concept ex…
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Tens of thousands of Chinese surveillance cameras remain unpatched for an 11-month-old critical vulnerability, creating widespread exposure across tho…
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
CISA added CVE-2026-31431 to its Known Exploited Vulnerabilities catalog on Friday, confirming active exploitation of a Linux privilege escalation fla…
Microsoft Patch Tuesday, March 2026 Edition
Microsoft released patches for 77 vulnerabilities across Windows and related software during March 2026 Patch Tuesday. No zero-day flaws received atte…
Microsoft fixes Remote Desktop warnings displaying incorrectly
Microsoft patched a display bug affecting Windows security warnings that appear when users open Remote Desktop (.rdp) files. The warnings, introduced …
Reverse Engineering With AI Unearths High-Severity GitHub Bug
Wiz security researchers employed AI-powered reverse engineering to discover a high-severity vulnerability in GitHub that manual analysis would have b…
AI Finds 38 Security Flaws in Electronic Health Record Platform
AI-driven security testing identified 38 vulnerabilities in OpenEMR, an electronic health record platform deployed by over 100,000 healthcare provider…
Firewall Bug Under Active Attack Triggers CISA Warning
CISA issued a warning that Palo Alto Networks' PAN-OS firewall faces active exploitation in the wild. The vulnerability requires immediate patching. A…
Google Patches Chrome’s Fifth Zero-Day of the Year
Google released a security update addressing 11 vulnerabilities in Chrome, including a fifth zero-day flaw affecting the browser this year. The vulner…
Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
AI-assisted code scanning uncovered a nine-year-old vulnerability in Linux that researchers exploited with just 10 lines of proof-of-concept code. The…
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Cybercriminals actively sell remote access to tens of thousands of unpatched Chinese surveillance cameras on underground forums. The cameras run outda…
Patch Tuesday, April 2026 Edition
Microsoft patched 167 vulnerabilities across Windows and related products in April 2026 Patch Tuesday updates. The batch includes a SharePoint Server …
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Cybercriminals actively sell access to tens of thousands of unpatched Chinese surveillance cameras, exploiting an 11-month-old critical vulnerability. …
Serial-to-IP Devices Hide Thousands of Old & New Bugs
Serial-to-IP converter devices contain thousands of unpatched vulnerabilities that operators and defenders often overlook. These devices translate leg…
April KB5083769 Windows 11 update causes backup software failures
Microsoft's April 2026 KB5083769 security update for Windows 11 (versions 24H2 and 25H2) breaks third-party backup software across multiple vendors. T…
Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?
Anthropic delayed public release of Project Glasswing, an AI vulnerability discovery model, to manage responsible disclosure at scale. The system demo…
iPhone Users Urged to Update to Patch 2 Zero-Days
Apple released security updates for iOS and macOS addressing two zero-day vulnerabilities currently exploited in active attacks. A kernel flaw and a W…
New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
CVE-2026-31431, dubbed Copy Fail, exposes a local privilege escalation flaw in Linux with a CVSS score of 7.8. Researchers at Xint.io and Theori discl…
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Google patched a CVSS 10.0 remote code execution vulnerability in Gemini CLI, affecting the "@google/gemini-cli" npm package and the "google-github-ac…
Reverse Engineering With AI Unearths High-Severity GitHub Bug
Wiz researchers deployed an AI-powered reverse-engineering tool to discover a previously undetected high-severity vulnerability in GitHub. The tool au…
AI Finds 38 Security Flaws in Electronic Health Record Platform
OpenEMR, a widely deployed electronic health record platform serving over 100,000 healthcare providers, contains 38 security vulnerabilities. Research…