3+ hour ago  (384+ words) A serious cluster of vulnerabilities has been uncovered in PHP's core string processing and ext-soap components, putting numerous web servers at immediate risk of total takeover. While the SOAP extension has a notorious history of memory corruption flaws, this latest…...

3+ hour, 5+ min ago  (426+ words) Online shoppers have long been targets of digital theft, but a recent wave of attacks has raised the stakes in a troubling new way. Hackers tied to the notorious Magecart group are now hiding credit card skimmers inside Google Tag…...

3+ hour, 45+ min ago  (491+ words) A supply chain attack that started with a relatively obscure open-source scanner has now reached one of the most widely used application security tools in the industry. In May 2026, a malicious version of the Checkmarx Jenkins AST plugin was quietly…...

4+ hour, 21+ min ago  (683+ words) A dangerous Android banking malware known as Trick Mo has resurfaced with a powerful new variant, and this time it is more stealthy, more capable, and harder to stop than ever before. The threat is actively targeting users of banking…...

3+ hour, 31+ min ago  (434+ words) Open AI has introduced Daybreak, a strategic initiative to change how modern software is built and defended against emerging threats. Moving away from traditional reactive patching, Daybreak focuses on making software resilient by design from the very beginning of the…...

4+ hour, 5+ min ago  (372+ words) In a chilling blow to mobile security, Google's May 2026 Android Security Bulletin has unmasked a catastrophic zero-click vulnerability lurking within the core Android System. The CVE-2026-0073 flaw in Android's adbd daemon lets nearby threat actors remotely gain full shell access…...

7+ hour, 57+ min ago  (494+ words) A fatal authentication bypass vulnerability is actively affecting c Panel and Web Host Manager (WHM) servers worldwide. Tracked as CVE-2026-41940 and bearing an apocalyptic maximum severity score of 9. 8, this critical flaw has essentially handed the keys to the kingdom directly…...

21+ hour, 41+ min ago  (457+ words) In today's fast-paced digital environment, businesses increasingly rely on outsourced development teams to accelerate delivery and reduce costs. However, while outsourcing brings efficiency, it also introduces a new layer of cybersecurity risks that many companies underestimate. One of the most…...

6+ hour, 12+ min ago  (566+ words) A new tool, Bit Unlocker, reveals a practical downgrade attack against Microsoft's Bit Locker encryption, allowing attackers with physical access to decrypt protected volumes on patched Windows 11 machines in under 5 minutes by exploiting a crucial gap between patching and certificate…...

8+ hour, 50+ min ago  (437+ words) A significant supply-chain compromise affecting 84 npm package artifacts across the Tan Stack namespace. The malicious versions, published to the npm registry at approximately 19: 20 and 19: 26 UTC, contain a suspected credential-stealing payload targeting CI systems, including Git Hub Actions. According to Socket,…...