Microsoft’s monthly update included 206 fixes for flaws in everything from Windows to Office to Exchange Server, not to mention three zero-days.
Attackers did not crack a password, intercept a verification code or breach a single server; they simply asked Meta's own AI to hand over the keys. A critical logical flaw in Meta's AI-powered ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based ...
Drupal has patched a highly critical vulnerability that could allow threat actors to hack websites powered by the open source content management system (CMS). The developers of the CMS had alerted ...
Administrators of the Drupal open source content management platform are rushing to install an emergency patch issued today to fix a “highly critical” SQL injection vulnerability in the application’s ...
Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the ...
Ivanti warns of security vulnerabilities in Endpoint Manager, a management software for users and devices in the network. In total, there are three security flaws – one narrowly misses the ...
On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft Visual ...
Microsoft released patches for a near record 165 CVEs, one of which attackers are already actively exploiting and another that's publicly known but so far remains unexploited. Microsoft assessed 19 of ...
A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data without logging in. A vulnerability in a widely used WordPress ...
In a welcome relief for sysadmins, Microsoft released security updates for just 79 vulnerabilities in this month’s Patch Tuesday yesterday, including two publicly disclosed zero-days. Microsoft ...
As part of Microsoft’s March 2026 Security Update, an elevation of privilege vulnerability in Microsoft SQL Server, tracked as CVE-2026-21262, was disclosed and patched. The flaw arises from improper ...