Vulnerabilities PoC Code Published for Critical NGINX Vulnerability Introduced in 2008, the critical-severity security defect was patched this week in NGINX Plus and NGINX open source. Ionut ArghireMay 16, 2026
Vulnerabilities Chrome 148 Update Patches Critical Vulnerabilities The refresh resolves critical-severity use-after-free and other types of bugs in various browser components. Ionut ArghireMay 15, 2026
Vulnerabilities F5 Patches Over 50 Vulnerabilities The company’s latest quarterly advisory describes high and medium-severity issues in BIG-IP, BIG-IQ, and NGINX. Ionut ArghireMay 14, 2026
Artificial Intelligence Hackers Targeted PraisonAI Vulnerability Hours After Disclosure The first exploitation attempts were observed less than four hours after the authentication bypass was publicly disclosed. Ionut ArghireMay 14, 2026
Vulnerabilities High-Severity Vulnerability Patched in VMware Fusion The patch was announced as Broadcom is attending the Pwn2Own hacking competition in Berlin this week. Eduard KovacsMay 14, 2026
Artificial Intelligence Microsoft, Palo Alto Networks Find Many Vulnerabilities by Using AI on Their Own Code Microsoft’s MDASH discovered 16 of the Patch Tuesday vulnerabilities, and Palo Alto used Mythos to find dozens of flaws. Eduard KovacsMay 13, 2026
Email Security Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises CVE-2026-40361 is similar to a vulnerability found a decade ago, BadWinmail, which at the time was dubbed an “enterprise killer”. Eduard KovacsMay 13, 2026
Vulnerabilities Fortinet, Ivanti Patch Critical Vulnerabilities Successful exploitation of these flaws could lead to arbitrary code execution and information disclosure. Ionut ArghireMay 13, 2026
Vulnerabilities Chipmaker Patch Tuesday: Intel and AMD Patch 70 Vulnerabilities The two chip giants have published over two dozen advisories describing recently identified security defects. Ionut ArghireMay 13, 2026
ICS/OT ICS Patch Tuesday: New Security Advisories From Siemens, Schneider, CISA Many ICS vendors have not released new advisories for the May 2026 Patch Tuesday. Eduard KovacsMay 13, 2026
Vulnerabilities Microsoft Patches 137 Vulnerabilities Fresh security updates resolve critical flaws in Azure, Windows, Dynamics 365, and the SSO Plugin for Jira & Confluence. Ionut ArghireMay 12, 2026
Vulnerabilities Adobe Patches 52 Vulnerabilities in 10 Products While none of the flaws have been exploited in the wild, many of them could lead to arbitrary code execution. Ionut ArghireMay 12, 2026
Vulnerabilities SAP Patches Critical S/4HANA, Commerce Vulnerabilities The flaws could allow attackers to inject malicious code, leading to information disclosure and code execution. Ionut ArghireMay 12, 2026
Artificial Intelligence Claude Mythos Finds Only One Curl Vulnerability; Experts Divided on What It Really Means Curl’s lead developer says Mythos claims are marketing, but many in the industry believe the results stem from Curl’s robust security. Eduard KovacsMay 12, 2026
Artificial Intelligence Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover Lax extension permissions and improper trust implementation allow attackers to inject prompts in the Claude Chrome extension. Ionut ArghireMay 8, 2026
Vulnerabilities Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks CVE-2026-6973 is a high-severity vulnerability that allows an attacker who has admin privileges to execute arbitrary code. Eduard KovacsMay 8, 2026
Vulnerabilities Chrome 148 Rolls Out With 127 Security Fixes The fresh browser update resolves critical-severity integer overflow and use-after-free vulnerabilities. Ionut ArghireMay 7, 2026
Network Security Cisco Patches High-Severity Vulnerabilities in Enterprise Products Successful exploitation of the flaws could lead to code execution, server-side request forgery attacks, and denial-of-service conditions. Ionut ArghireMay 7, 2026
Artificial Intelligence Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain Attack Attackers could inject prompts into a GitHub issue and take over the AI agent designed to automatically triage the issue. Ionut ArghireMay 7, 2026
Vulnerabilities Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls. Eduard KovacsMay 6, 2026