Incomplete fix for Fancy Bear exploit opens zero-click hole in Windows

Microsoft's partial patching in February 2026 of a zero-day vulnerability abused by Russian state-sponsored threat group ...

Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug ...
The Hacker News

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.
SecurityWeek

Incomplete Windows Patch Opens Door to Zero-Click Attacks

Incomplete patch for a Windows SmartScreen and Windows Shell security prompts bypass created a new bug enabling zero-click ...
CoinDesk

Kelp DAO claims LayerZero’s 'default' settings are what actually caused the massive $290 million disaster

The liquid restaking protocol said the compromised verifier was LayerZero's own infrastructure, and the setup it was faulted ...

iOS 26.4.2: Apple Emergency iPhone Update Fixes Deleted Notification Bug

Apple has released a new iPhone update — that has taken many by surprise — to address a vulnerability that was recently ...

New GopherWhisper APT group abuses Outlook, Slack, Discord for comms

A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate ...
Communications of the ACM

Subscription Bombing: Email under Attack

Email subscription bombing (also known as subscription flooding or email spam bombing) is an attack technique that overwhelms a target’s inbox with a high volume of benign but unwanted emails. The ...
The EconomistOpinion

Stop big tech from making users behave in ways they don’t want to

Teens can’t switch off from Instagram even if they want to.” On March 25th this year, a Los Angeles jury read it into the ...

With AI, cyberattacks come fast; it’s time firms patch faster

Discover how AI accelerates cyberattacks and why firms need to improve their patching strategies to mitigate escalating risks ...

Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall

Autonomous SOC agents now shipping can rewrite firewall rules and modify IAM policies — outpacing the governance frameworks ...