News
Microsoft Exchange Zero-Day Exploited in the Wild " and Pwn2 Own Researchers Just Made It Worse
1+ hour, 26+ min ago (477+ words) Follow Cyber Kendra on Google News! | Whats App | Telegram Microsoft Exchange Server is having a very bad week. While threat actors are already exploiting a critical cross-site scripting vulnerability in the wild, elite researchers at Pwn2 Own Berlin 2026 independently demonstrated full…...
Google Quietly Cut New Account Storage to 5 GB " Your Phone Number Is Now the Price of 15 GB
1+ day, 45+ min ago (315+ words) Follow Cyber Kendra on Google News! | Whats App | Telegram The prompt users now encounter makes the trade-off explicit: provide your number and get 15 GB, or skip it and stay capped at 5 GB. Google's stated rationale, visible within the signup flow…...
Linux Kernel Strikes Again: "Fragnesia" Is the Third Root-Level Flaw in Two Weeks
2+ day, 10+ hour ago (16+ words) cyberkendra. com...
NGINX Rift: An 18-Year-Old Bug Lets Hackers Hijack One-Third of the Internet's Web Servers
2+ day, 10+ hour ago (392+ words) Follow Cyber Kendra on Google News! | Whats App | Telegram A memory corruption flaw in NGINX's source code, hidden since 2008, now has a working exploit. An unauthenticated attacker anywhere on the internet can send a single crafted HTTP request to crash…...
Whats App's New Incognito AI Chat Is Genuinely Private " But Read the Fine Print
2+ day, 11+ hour ago (416+ words) Follow Cyber Kendra on Google News! | Whats App | Telegram Whats App today launched Incognito Chat with Meta AI, a mode where conversations are processed in a secure environment that even Meta cannot access, with messages disappearing by default once you…...
Composer Bug Silently Dumped Git Hub Tokens Into CI Logs " Patch Now
2+ day, 11+ hour ago (479+ words) Follow Cyber Kendra on Google News! | Whats App | Telegram Millions of PHP developers who rely on Composer for dependency management were silently exposed to a token-leaking vulnerability this week " one that required no misconfiguration, no attacker interaction, and no unusual…...
Tan Stack Packages Hit by Sophisticated Supply Chain Attack
4+ day, 1+ hour ago (404+ words) Follow Cyber Kendra on Google News! | Whats App | Telegram A self-propagating worm has torn through the Tan Stack Java Script ecosystem, publishing 84 malicious versions across 42 widely used npm packages in a six-minute window " and the attack was so well engineered…...
React and Next. js Hit With 12 Security Flaws " Three Let Attackers Bypass Auth, Hijack Servers
1+ week, 1+ day ago (409+ words) Follow Cyber Kendra on Google News! | Whats App | Telegram Cloudflare disclosed the situation on its WAF changelog on May 7, noting that the vulnerabilities were shared with minimal advance notice, leaving investigators still working out which flaws can even be blocked…...
JDownloader Website Hacked " Malicious Installers Served to Windows and Linux Users
1+ week, 1+ day ago (227+ words) Follow Cyber Kendra on Google News! | Whats App | Telegram JDownloader, one of the most widely used free download managers with millions of users across Windows, mac OS, and Linux, had its official website compromised by attackers who quietly swapped legitimate…...
Dirty Frag " No Patch, No Warning " Root Access on Every Major Linux Distro
1+ week, 1+ day ago (447+ words) Follow Cyber Kendra on Google News! | Whats App | Telegram Discovered by Korean security researcher Hyunwoo Kim, Dirty Frag chains two separate kernel vulnerabilities to hand any local user a root shell on virtually every major Linux distribution " and right now,…...