New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

May 14, 2026 at 12:36PM Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) …

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

May 14, 2026 at 11:30AM Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX…

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

May 13, 2026 at 04:06PM Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, al…

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

May 13, 2026 at 01:38PM Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the…

Android Adds Intrusion Logging for Sophisticated Spyware Forensics

May 13, 2026 at 12:25PM Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic log…

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

May 12, 2026 at 10:14PM Exim has released security updates to address a severe security issue affecting certain configurations th…

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation

May 12, 2026 at 12:25PM OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial int…

iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android

May 12, 2026 at 10:48AM Apple on Monday officially released iOS 26.5 with support for end-to-end encryption (E2EE) to Rich Commun…

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

May 12, 2026 Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace. …

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

May 11, 2026 at 11:24PM A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cP…

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

May 11, 2026 at 06:06PM Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public …

Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room

May 11, 2026 at 05:00PM Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a SIEM …