New Apple feature automatically changes your compromised passwords
…This changes with a new AI-powered security feature. Apple says the built-in password app and Safari now use AI to "agentically" take action based on your behavior and secure your…
Search
Microsoft: Domain Controller lookup may fail on Windows Server 2016
…In April, Microsoft also finally addressed a bug that had been plaguing Windows servers since September 2024, causing devices running Windows Server 2019 and Windows Server 2022 to upgrade to Windows Server…
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
…Serv-U is the company's Windows and Linux file transfer software that offers Managed File Transfer (MFT) and FTP server capabilities, which allow users to securely exchange files via HTTP/HTTPS…
Instructure confirms hackers used Canvas flaw to deface portals
…The topics he writes about include malware, vulnerabilities, exploits and security defenses, as well as research and innovation in information security. His work has been published by Bitdefender, Netgear, The Security Ledger…
73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
…It surfaced thousands of zero-days across every major OS and browser, including a 27-year-old bug in OpenBSD, an operating system whose entire reputation is built on not having bugs…
Anthropic’s restricted Claude Mythos model may be coming to Claude Code
…On April 7, Anthropic announced the Mythos in early preview and called it a new frontier model with strikingly advanced capabilities in computer security tasks. Anthropic said the Mythos model shows major…
Trend Micro warns of Apex One zero-day exploited in the wild
…Apex One is Trend Micro's enterprise-grade endpoint security platform that protects corporate networks from a wide range of security threats, including malware, ransomware, fileless attacks, and web-based threats. Tracked…
Exploit released for new PinTheft Arch Linux root escalation flaw
…The Cybersecurity and Infrastructure Security Agency (CISA) has added Copy Fail to its list of flaws exploited in attacks on May 1 and ordered government agencies to secure their Linux systems within…
Anthropic confirms Claude Mythos-class models will roll out to the public
…Mythos was announced in April as a restricted model and was made available only to select companies, including security researchers. At that time, Anthropic cited major "security" risks with the Mythos model…
18-year-old NGINX vulnerability allows DoS, potential RCE
…bug causing out-of-bounds reads (medium severity) Impact and fixes The vulnerabilities were discovered on April 18, 2026, and reported to the vendor on April 21. According to F5’s security…