1. A critical heap buffer overflow vulnerability in NGINX tracked as CVE-2026-42945 is being actively exploited in the wild to cause worker crashes and potential remote code execution (The Hacker News).
2. Security researcher Chaotic Eclipse released a proof of concept for a Windows zero day exploit named MiniPlasma that grants attackers SYSTEM privileges on fully patched systems (Bleeping Computer).
3. The Tycoon2FA phishing kit is actively hijacking Microsoft 365 accounts by utilizing device code phishing and abusing Trustifi click tracking URLs (Bleeping Computer).
4. Grafana disclosed a security breach where an unauthorized party accessed their GitHub environment using a compromised token to download the company codebase (The Hacker News).
5. A new proof of concept exploit is available for the DirtyDecrypt local privilege escalation vulnerability affecting the Linux kernel rxgk module (Bleeping Computer).
6. Security researchers earned over 1.2 million dollars for successfully demonstrating 47 zero day exploits during the Pwn2Own Berlin 2026 hacking contest (Bleeping Computer).
7. Analysis of the pre Stuxnet fast16 malware confirmed it was a cyber sabotage tool specifically engineered to tamper with nuclear weapons testing simulations (The Hacker News).
8. Microsoft confirmed that the May 2026 security update KB5089549 is failing to install on some Windows 11 systems and triggering 0x800f0922 errors (Bleeping Computer).
9. A free movie application identified as Netmirror was exposed for engaging in malicious activities against its users (Reddit).
10. Reports indicate that approximately one million baby monitors and security cameras were left exposed and easily viewable by unauthorized parties (Reddit).
Be First to Comment