Search

bleepingcomputer.com › news › security

VS Code zero-day lets hackers steal GitHub tokens in one click

…They also marked it as not having any security impact. "As I mentioned in that post, going forward I would be doing full public disclosure for any security bugs I found in…

Jun 3, 2026 · Sergiu Gatlan

Top stories

bleepingcomputer.com

Maine disables data breach notification portal after fake disclosures

2d ago

bleepingcomputer.com

Maine breach portal abused to publish fake data breach disclosures

3d ago

hothardware.com

Microsoft's June 2026 Patch Tuesday Smashes Record With Over 200 Security Fixes

4d ago

phoronix.com

X.Org Server Starts June With Nine New Security Vulnerabilities Discovered Via AI

1w ago

intel.com › content › www › …

Intel® Dynamic Application Loader (Intel® DAL) Licensee Guide

…Licensee must refrain from any public disclosure of the issue prior to reaching agreement with Intel on the timetable and content for such disclosure. For further details on reporting security issues to…

· Benzi Schreiber

theverge.com › tech › 911888

The FCC just saved Netgear from its router ban for no obvious reason

…material disclosures that might affect their fortunes, they’re legally required to inform investors — and Netgear did do that in this case, submitting these two documents to the US Securities and Exchange…

Apr 14, 2026 · Sean Hollister

theregister.com › security › 2026 › …

Critical Microsoft Excel bug weaponizes Copilot Agent

Security Critical Microsoft Excel bug weaponizes Copilot Agent for zero-click information disclosure attack Could steal sensitive personal and financial data After a whopper of a Patch Tuesday last month , with six…

Mar 10, 2026 · Jessica Lyons

Discussions and forums

r/cybersecurity · u/sunychoudhary · 1w ago

Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft’s Disclosure Process

https://securityaffairs.com/193128/security/researcher-drops-a-new-vs-code-zero-day-after-losing-trust-in-microsofts-disclosure-process.html

r/cybersecurity · u/Aureliand · 2w ago

Microsoft vs Chaotic Eclipse: three zero-days now actively exploited

This one has been building for a month and it came to a head this week. A researcher going by Chaotic Eclipse has released six Windows zero-days publicly over the past several weeks, covering Defender, BitLocker, and Win…

r/netsec · u/unknownhad · May 10, 2026

The compression of the exploit timeline: Why n-day gaps and 90-day embargoes are failing in practice.

The traditional vulnerability disclosure timeline relies on a fundamental assumption: exploit development and vulnerability discovery take time. Over the last 12 months the integration of LLMs into offensive tooling has …

r/devops · u/pando85 · May 14, 2026

NGINX CVE-2026-42945 (ngx_http_rewrite_module) — patched boundary is 1.30.1 / 1.31.0

Disclosure: I work on Forkline, which maintains a fork of the retired Kubernetes ingress-nginx controller. NGINX published a security advisory for ngx_http_rewrite_module. The affected versions are NGINX Open Source belo…

r/kubernetes · u/pando85 · May 14, 2026

NGINX CVE-2026-42945 (rewrite module) — check your version if you are below 1.30.1 or 1.31.0

TL;DR: If you are running NGINX Open Source below 1.30.1 or 1.31.0, you are affected by the current ngx_http_rewrite_module CVE batch. For Kubernetes ingress-nginx users this is especially relevant — the retired controll…

phoronix.com › news › Patch-Tuesday-May-2026

AMD & Intel Roll Out New Linux Updates For Today's Patch Tuesday

…Both AMD and Intel have rolled out new updates for Linux customers among other security disclosures today. Thankfully though the vulnerabilities don't appear to be too widespread or impactful. Hitting the…

May 12, 2026

tweaktown.com › news › 111895 › …

Microsoft threatened a security researcher with criminal charges, and the cybersecurity community isn't having it

…TweakTown News Hacking, Security & Privacy TL;DR: Microsoft threatened criminal charges against researcher Nightmare Eclipse for uncoordinated zero-day disclosures of six Windows vulnerabilities, sparking backlash from the cybersecurity community. Three exploits…

May 31, 2026 · Hassam Nasir

theverge.com › tech › 940416

Microsoft is threatening legal action for disclosing exploits

…But what caught cyber security researcher Kevin Beaumont’s eye was how Microsoft has responded. Microsoft suggests it plans to bring a criminal case against Nightmare Eclipse for failing to follow “proper…

May 30, 2026 · Terrence O'Brien

extremetech.com › computing

Everything Surrounding These New AMD Security Allegations Reeks of a Hit Job

…Security researchers are also raising the alarm regarding some highly suspicious disclosures and framing of the underlying issues. With Spectre and Meltdown, an early disclosure spilled the beans about a week earlier…

Mar 13, 2018 · Joel Hruska

hothardware.com › news

Anthropic Project Glasswing Targets Safer AI Agents Before They Go Rogue

…The company has also partnered with the Open Source Security Foundation's Alpha-Omega project to help overwhelmed maintainers handle the surge in AI-generated bug disclosures. The patch bottleneck could be…

May 23, 2026 · Tim Sweezy

tomshardware.com › software › linux

CISA flags actively exploited ‘Copy Fail’ Linux kernel flaw enabling root takeover across major distros — unpatched systems may remain vulnerable to attack

…the Openwall oss-security mailing list suggests that the vulnerability and the working exploit were publicly disclosed without prior coordination with Linux distribution maintainers. In typical responsible disclosure processes, vendors are given…

May 4, 2026 · Etiido Uko