Microsoft warns of Exchange zero-day flaw exploited in attacks
…If you have EM Service currently disabled, we recommend you enable it right away. Please note that EM Service will not be able to check for new mitigations if your server is…
Search
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
…However, on Friday, Palo Alto Networks updated the advisory to warn that the flaw was now being actively exploited in attacks against unpatched devices, raising the severity rating to High. "Palo Alto…
Chinese hackers target telcos with new Linux, Windows malware
…processes and services. Registry manipulation — Modify Windows registry keys and values. Screenshot capture — Take screenshots of the victim's desktop and encrypt them for exfiltration. Encrypted configuration management — Store/update malware settings…
Drupal critical update to fix bug with high exploitation risk
…According to the public service announcement , the vulnerability affects Drupal core versions 8 and later, but the advisory clarifies that not all configurations are impacted. Security updates will be available for the…
Microsoft confirms Windows 11 security update install issues
Microsoft confirms Windows 11 security update install issues By Sergiu Gatlan May 18, 2026 04:33 AM Microsoft has confirmed that the May 2026 Windows 11 security update ( KB5089549 ) fails to install…
Microsoft fixes KB5089549 Windows security update install issues
…Undoing changes." message when the update rolls back, and may also find "SpaceCheck" and "ServicingBootFiles failed" log entries pointing to insufficient ESP free space. "This issue affects devices with limited free space…
Microsoft to automatically roll back faulty Windows drivers
…This is handled through coordinated updates to the PnP driver stack and the driver flighting and publishing services." The company also noted that: Devices where a Driver Shiproom-approved driver cannot be…
Fake Claude AI website delivers new 'Beagle' Windows malware
…The threat actor advertises Claude-Pro as a "high-performance relay service designed specifically for Claude-Code" developers. The fake website is a simplistic attempt at mimicking the legitimate site for the…
Australia warns of ClickFix attacks pushing Vidar Stealer malware
…Vidar Stealer is an information-stealing malware family and malware-as-a-service (MaaS) operation that emerged in late 2018. It gradually became a popular choice among cybercriminals for its cost-effectiveness…
Hackers abuse Google ads for GoDaddy ManageWP login phishing
…Avada Builder WordPress plugin flaws allow site credential theft TikTok for Business accounts targeted in new phishing campaign cPanel, WHM emergency update fixes critical auth bypass bug New Bluekit phishing service includes…