Internet Security

Researchers uncover YellowKey and GreenPlasma Windows Zero-Days

May 15, 2026 add comment
Researchers disclosed two new Windows zero-days named YellowKey and GreenPlasma affecting BitLocker and the CTFMON framework. A security researcher known as Chaotic Eclipse, also called Nightmare-Eclipse, disclosed two new... Read more »

Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall

May 15, 2026 add comment
Pwn2Own Berlin 2026 day one saw 22 entries and 24 zero-days across major software, with researchers earning $523,000 in total rewards. Day one of Pwn2Own Berlin 2026 featured 22... Read more »

U.S. CISA adds a flaw in Cisco Catalyst SD-WAN  to its Known Exploited Vulnerabilities catalog

May 14, 2026 add comment
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a... Read more »

Linux Kernel bug Fragnesia allows local root access attacks

May 14, 2026 add comment
Fragnesia, a new Linux kernel flaw tracked as CVE-2026-46300, could let local attackers gain root access through page cache corruption. Researchers disclosed a new Linux kernel privilege escalation vulnerability... Read more »

Broadcom releases VMware Fusion security update for root access bug

May 14, 2026 add comment
Broadcom patched a high-severity VMware Fusion flaw, CVE-2026-41702, that could let local attackers gain root privileges. Broadcom released a security update for VMware Fusion to address a high-severity vulnerability,... Read more »

NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to light

May 14, 2026 add comment
Researchers found a critical 18-year-old buffer overflow flaw in NGINX, tracked as CVE-2026-42945 and named NGINX Rift. If you run NGINX, and statistically speaking, there is a very good... Read more »

FamousSparrow targets Azerbaijani energy sector in multi-wave espionage campaign

May 14, 2026 add comment
Chinese-linked FamousSparrow repeatedly targeted an Azerbaijani oil and gas company, reusing the same entry point in three intrusions from Dec 2025 to Feb 2026. Chinese-linked threat actor FamousSparrow has... Read more »

Nitrogen Ransomware claims massive data theft from Foxconn

May 14, 2026 add comment
Foxconn confirmed a cyberattack on some North American factories. The Nitrogen ransomware group claims it stole 8TB of data from the firm. Foxconn confirmed that several of its North... Read more »

Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming

May 13, 2026 add comment
Microsoft’s May 2026 Patch Tuesday fixed 138 flaws, including 30 critical bugs, across Windows, Office, Azure, Edge, SQL Server, and more. Microsoft’s May 2026 Patch Tuesday patched 138 vulnerabilities... Read more »

OpenLoop Health confirms January 2026 Data breach affecting 716,000

May 13, 2026 add comment
In January 2026, telehealth infrastructure firm OpenLoop Health suffered a security breach that exposed information of 716,000 people. OpenLoop Health confirmed a January 2026 cyberattack that exposed personal information... Read more »
Subscribe to our Newsletter