CISA warns of active attacks exploiting Android, Linux bugs
… The issue has been addressed with the release of June 2026 security patches 2026-06-01 and 2026-06-05 security patch levels . …
Search
All sources
bleepingcomputer.com
42
theregister.com
14
theverge.com
9
tomshardware.com
8
hothardware.com
6
pcworld.com
6
androidauthority.com
4
arstechnica.com
4
macrumors.com
4
techradar.com
3
engadget.com
3
appleinsider.com
3
Videos
More videos
This Linux Bug Gives Attackers Root
Dirty Frag Won't Be The Last Exploit
Sorry Windows 10 Users...
An initiative to secure the world's software | Project Glasswing
Firefox JIT Bug - Pwn2Own Documentary (Part 3)
Microsoft Windows Agentic AI Malware
AI Is Hacking Everything Now...
Intel again making chips for Apple? Googlebook + [UNNAMED] OS - Talking Heads Ep.432
A Vulnerability to Hack The World - CVE-2023-4863
MechaCon: PS2s Unbreakable Gatekeeper ...Until it wasn't
Top stories
Microsoft's GitHub bans security researcher who posted zero-day Windows exploits because company 'ruined their life' — expert claims action is vindictive and promises further retaliation
1w agoAI shrinks zero-day exploit time from a year to a single day, heading toward one minute — Zero-Day Clock warns security window has collapsed
1w agoAnother major Linux security flaw revealed — nine-year old issue could spell disaster for users
1w agoMillions of Chrome and Edge Users Exposed To Alarming Exploit by Google Security Blunder
1w agoMicrosoft warns of new Defender zero-days exploited in attacks
… For example, type "Security" in the Search bar, then select the Windows Security program. …
Google fixes one actively exploited Android zero-day, 124 flaws
… Download Now Related Articles: Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks Race Against Time: Why Faster Vulnerability Alerts Matter Disgruntled r… …
CISA flags two-year-old Oracle flaw as actively exploited in attacks
… "Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data." Internet intelligence platform Shodan now tracks over 1,592 Oracle WebLogic servers exposed online and vulnerable to CVE-2024-21182 exploit… …
Discussions and forums
Microsoft's GitHub bans security researcher who posted zero-day Windows exploits because company "ruined their life" — expert claims action is vindictive and promises further retaliation
Microsoft's GitHub bans security researcher who posted zero-day Windows exploits because company "ruined their life" — expert claims action is vindictive and promises further retaliation
Speed Matters: Why AI Software Vulnerability Exploitation is going be bad
I co-founded a successful security company close to the Mythos ecosystem and have spoken with participants in the know and I am deeply concerned. We, collectively, have answers for some but not all of the problems ahead …
13
5
The compression of the exploit timeline: Why n-day gaps and 90-day embargoes are failing in practice.
The traditional vulnerability disclosure timeline relies on a fundamental assumption: exploit development and vulnerability discovery take time. Over the last 12 months the integration of LLMs into offensive tooling has …
Microsoft vs Chaotic Eclipse: three zero-days now actively exploited
This one has been building for a month and it came to a head this week. A researcher going by Chaotic Eclipse has released six Windows zero-days publicly over the past several weeks, covering Defender, BitLocker, and Win…
Tell HN: Compliance is not equal to Security
For over a decade, I’ve been doing bug bounty, security audits, and security consulting. And if there’s one thing I’ve seen repeatedly, it’s this:Most startups call a security engineer or hire a security agency only when…
1
1
CISA orders feds to patch actively exploited Drupal vulnerability
… Cybersecurity and Infrastructure Security Agency CISA added the flaw to its Known Exploited Vulnerabilities KEV Catalog and ordered Federal Civilian Executive Branch FCEB agencies to patch their systems by midnight on Wednesday, May 27, as mandated by Binding Operational Directive BOD 22-01 . …
Unknown attackers exploit another critical SharePoint bug
… In October, we learned that other Beijing crews – including Salt Typhoon – also joined in the attacks. ® security microsoft cybersecurity and infrastructure security agency cybercrime cyber-crime
First Apple M5 memory exploit discovered using Anthropic AI, gives root access on MacOS — Claude Mythos helps security researchers bypass Memory Integrity Enforcement
Thanks to AI-assisted security research, hackers with hats of various colors are finding exploits everywhere. …
Max severity Cisco Secure Workload flaw gives Site Admin privileges
… Cybersecurity and Infrastructure Security Agency CISA added the CVE-2026-20182 flaw to its Known Exploited Vulnerabilities Catalog on May 14 and ordered federal agencies to secure affected devices within three days, by May 17. …
Drupal critical update to fix bug with high exploitation risk
Drupal critical update to fix bug with high exploitation risk By Bill Toulas May 20, 2026 08:52 AM Drupal has announced a "core security release" scheduled for later today, warning that threat actors might develop exploits within hours of the update disclosure. …
Palo Alto Networks firewall zero-day exploited for nearly a month
… Cybersecurity and Infrastructure Security Agency CISA also added the CVE-2026-0300 zero-day to its Known Exploited Vulnerabilities KEV Catalog and ordered Federal Civilian Executive Branch FCEB agencies to secure vulnerable firewalls by Saturday midnight, May 9. …