Threat actors are exploiting CVE-2026-42945, a critical NGINX vulnerability that leads to remote code execution if ASLR is ...

Several major healthcare data breaches, affecting millions of individuals, have been added to the tracker maintained by the ...

Grafana confirmed suffering a data breach, two days after a cybercrime group listed the company on its leak website.

A threat actor started using the Shai-Hulud worm in attacks only days after the malware’s source code was released.

Microsoft and Palo Alto Networks have separately reported significant results after turning AI on their own code to find ...

Google has released a Chrome 148 update that resolves 79 vulnerabilities, including 14 critical-severity security defects.

Microsoft is working to patch CVE-2026-42897, an Exchange Server zero-day vulnerability that has been exploited in attacks.

A disgruntled security researcher this week publicly disclosed two zero-day vulnerabilities in Windows that enable BitLocker ...

Depthfirst has published technical details and proof-of-concept (PoC) exploit code targeting a critical NGINX vulnerability.

Other noteworthy stories that might have slipped under the radar: Nvidia cloud gaming data breach, Android 17 security upgrades, FBI warning after ShinyHunters hacks Canvas. SecurityWeek’s weekly ...

Microsoft patches a critical Outlook vulnerability tracked as CVE-2026-40361 that can be exploited for remote code execution.

F5’s May 2026 quarterly security notification details 51 high and medium-severity vulnerabilities impacting BIG-IP, BIG-IQ, ...