2026

Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild

Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild 2026-05-15 at 15:32 By Eduard Kovacs Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions. The post Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt […]

Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild Read More »

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface 2026-05-15 at 15:32 By In Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust, we made a simple argument: the most dangerous activity inside most organizations no longer looks like an attack. It looks like administration.

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface Read More »

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates 2026-05-15 at 15:32 By OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modified

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates Read More »

Everybody on Wall Street is ridiculing Ryan Cohen’s $56B eBay bid — but I’m not so sure

Everybody on Wall Street is ridiculing Ryan Cohen’s $56B eBay bid — but I’m not so sure 2026-05-15 at 14:32 By Charles Gasparino GameStop is a lousy business, which CEO Cohen readily admits, but somehow he has made it work. This article is an excerpt from Latest Technology News | New York Post View Original

Everybody on Wall Street is ridiculing Ryan Cohen’s $56B eBay bid — but I’m not so sure Read More »

Akamai to acquire LayerX for $205 million

Akamai to acquire LayerX for $205 million 2026-05-15 at 14:32 By Industry News Akamai has entered into a definitive agreement to acquire LayerX, a provider of browser-based AI usage control and secure enterprise browser (SEB) technology. LayerX’s solutions will extend Akamai’s protection into the browser, where the majority of enterprise tasks now occur and where

Akamai to acquire LayerX for $205 million Read More »

Thieves unlock stolen iPhones using cheap tools sold on Telegram

Thieves unlock stolen iPhones using cheap tools sold on Telegram 2026-05-15 at 14:32 By Sinisa Markovic Helping a friend recover a stolen phone, Infoblox researchers uncovered a thriving Telegram-based underground marketplace selling unlocking tools and phishing infrastructure used to monetize stolen iPhones. Activation Lock can remotely disable a stolen iPhone and prevent normal resale, with

Thieves unlock stolen iPhones using cheap tools sold on Telegram Read More »

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897) 2026-05-15 at 14:32 By Zeljka Zorz A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent fix is still in the works. In the meantime, Microsoft provided temporary mitigations. About CVE-2026-42897 CVE-2026-42897 affects on-premises versions of

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897) Read More »

Rocky Linux launches opt-in security repository for urgent fixes

Rocky Linux launches opt-in security repository for urgent fixes 2026-05-15 at 14:32 By Sinisa Markovic Rocky Linux has introduced a Security Repository that allows the distribution to ship urgent security fixes ahead of upstream Enterprise Linux when public exploit code exists and upstream patches are unavailable. “The repository is disabled by default. That’s intentional. The

Rocky Linux launches opt-in security repository for urgent fixes Read More »

American Lending Center Data Breach Affects 123,000 Individuals

American Lending Center Data Breach Affects 123,000 Individuals 2026-05-15 at 14:32 By Eduard Kovacs The non-bank lender discovered a ransomware attack nearly one year ago, but only recently completed its investigation. The post American Lending Center Data Breach Affects 123,000 Individuals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

American Lending Center Data Breach Affects 123,000 Individuals Read More »

OpenAI Hit by TanStack Supply Chain Attack

OpenAI Hit by TanStack Supply Chain Attack 2026-05-15 at 14:32 By Ionut Arghire Two employee devices were compromised in the attack, and credential material was stolen from OpenAI code repositories. The post OpenAI Hit by TanStack Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

OpenAI Hit by TanStack Supply Chain Attack Read More »

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code 2026-05-15 at 14:32 By Ionut Arghire The hacking group is encouraging miscreants to use the code in supply chain attacks, promising monetary rewards. The post TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code Read More »

Keycard helps developers secure autonomous AI agents with scoped access

Keycard helps developers secure autonomous AI agents with scoped access 2026-05-15 at 11:02 By Industry News Keycard has announced Keycard for Multi-Agent Apps, extending its platform to support delegated, session-based access across systems of autonomous agents. Keycard lets developers build apps where every agent has its own identity, access is scoped to each task and

Keycard helps developers secure autonomous AI agents with scoped access Read More »

Chrome 148 Update Patches Critical Vulnerabilities

Chrome 148 Update Patches Critical Vulnerabilities 2026-05-15 at 11:02 By Ionut Arghire The refresh resolves critical-severity use-after-free and other types of bugs in various browser components. The post Chrome 148 Update Patches Critical Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 148 Update Patches Critical Vulnerabilities Read More »

Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026

Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 2026-05-15 at 10:16 By Eduard Kovacs The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. The post Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 appeared first on SecurityWeek. This article is an

Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 Read More »

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email 2026-05-15 at 10:16 By Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email Read More »

Deepfake detection is losing ground to generative models

Deepfake detection is losing ground to generative models 2026-05-15 at 09:04 By Sinisa Markovic Deepfake detection has been built around a single question for close to a decade. Given a video or audio clip, is it real or synthetic? Commercial detectors analyze pixels, frequencies, and biometric signals to answer that question, and the best of

Deepfake detection is losing ground to generative models Read More »

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits 2026-05-15 at 09:04 By The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17,

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits Read More »

Zombie linkages are keeping expired domains trusted for years

Zombie linkages are keeping expired domains trusted for years 2026-05-15 at 08:24 By Sinisa Markovic Domains expire, get transferred, and return to the market every day. The systems connected to those domains can continue trusting the original owner long after control has changed. Researchers at USC and the University of Twente examined this problem in

Zombie linkages are keeping expired domains trusted for years Read More »

Lawyers for Elon Musk, Sam Altman wind down OpenAI trial with testy parting shots

Lawyers for Elon Musk, Sam Altman wind down OpenAI trial with testy parting shots 2026-05-15 at 07:37 By Marc Vartabedian Lawyers for the OpenAI co-founders turned rivals Elon Musk and Sam Altman took final digs at their counterparties and reminded jurors of embarrassing anecdotes Thursday during closing statements in the bombshell case over the future

Lawyers for Elon Musk, Sam Altman wind down OpenAI trial with testy parting shots Read More »

Scroll to Top