A newly disclosed Windows zero-day privilege escalation vulnerability, called MiniPlasma, allows attackers to gain SYSTEM-level access on fully patched systems. A proof-of-concept exploit has been publicly...
A local privilege escalation vulnerability in the Linux kernel's rxgk module has been patched, but a proof-of-concept exploit is now publicly available, enabling attackers to obtain...
Two new Windows zero-day vulnerabilities have been disclosed involving a BitLocker bypass and a privilege escalation in the Collaborative Translation Framework. The flaws were detailed by...
AI hallucinations, or confidently incorrect outputs, are creating security challenges by misleading human operators in critical infrastructure settings.
Shortly after its public disclosure, attackers began exploiting CVE-2026-44338, an authentication bypass vulnerability in PraisonAI that exposes sensitive endpoints.
Google has introduced Intrusion Logging as a new opt-in feature on Android devices to support forensic analysis of sophisticated spyware attacks. This capability is included within...
The US House Committee on Homeland Security requests Instructure executives to testify on two cyberattacks by the ShinyHunters group targeting the Canvas platform, resulting in stolen...
The TeamPCP group has compromised npm and PyPI packages from several prominent organizations including TanStack and Mistral AI, embedding malicious code as part of the Mini...
Security operations centers face challenges investigating critical alerts, with key high-risk categories frequently overlooked due to operational blind spots rather than sheer alert volume.
May 18, 2026
May 18, 2026
