Google accidentally exposed details of unfixed Chromium flaw
…Since it was a security problem, the labels for the bug were updated so it could go through the Chrome Vulnerability Rewards Program (VRP) Panel, and the issue was marked as fixed…
Search
SimpleHelp bug lets hackers create rogue remote support accounts
…Test every layer before attackers do Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen. The Picus whitepaper shows how breach and…
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
…Other successful attempts include k3vg3n chaining 3 bugs to take down LiteLLM ($40,000), Satoki Tsuji and haehae exploiting NVIDIA Megatron Bridge zero-days ($20,000), Compass Security and maitai of Doyensec…
WP Maps Pro bug exploited to create admin accounts on WordPress sites
…The vulnerability, tracked as CVE-2026-8732, has a critical severity rating and impacts WP Maps Pro versions 6.1.0 and older. It was discovered and reported by security researcher David…
Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
…Windows 11 and Red Hat Enterprise Linux for Workstations again, and used a memory corruption bug to exploit VMware ESXi. After Pwn2Own ends, vendors have 90 days to release security patches before…
Ivanti: Max severity Sentry flaw allows code execution as root
…Formerly known as MobileIron Sentry, Ivanti Sentry is a security gateway appliance that secures traffic between back-end corporate systems and remote mobile devices. Tracked as CVE-2026-10520 , the maximum-severity…
Microsoft fixes KB5089549 Windows security update install issues
…Earlier this month, Microsoft also confirmed that the April 2026 security updates were causing failures in third-party backup applications that used a vulnerable driver, and fixed a Windows Autopatch bug that…
Microsoft fixes Windows update failures linked to WUSA installer
…April 2025 preventing enterprise customers from installing the April 2025 security updates via Windows Server Update Services (WSUS), and an identical bug that caused the August 2025 Windows 11 updates to fail…
Max severity Ivanti Sentry vulnerability now exploited in attacks
…Formerly known as MobileIron Sentry, the Ivanti Sentry security gateway appliance secures traffic between back-end corporate systems and remote mobile devices. Tracked as CVE-2026-10520 , the maximum-severity vulnerability stems…
Ubiquiti patches three max severity UniFi OS vulnerabilities
…Cybersecurity and Infrastructure Security Agency (CISA) also added a critical command injection flaw ( CVE-2010-5330 ) in Ubiquiti AirOS to its catalog of actively exploited vulnerabilities and ordered federal agencies to secure…