1. Cloud development platform Vercel confirmed a security breach involving unauthorized access to internal systems following the compromise of a third party AI tool used by an employee (The Hacker News).
2. Threat actors are actively exploiting a 17 year old Microsoft Excel vulnerability which has been flagged by the US cyber defense agency (Reddit).
3. Researchers identified a new malware strain named ZionSiphon targeting Israeli water treatment and desalination operational technology systems (The Hacker News).
4. Microsoft released emergency out of band updates to address issues affecting Windows Server systems following the April 2026 security patch cycle (Bleeping Computer).
5. Microsoft reverted a service update that caused launch failures for the Microsoft Teams desktop client (Bleeping Computer).
6. Attackers are abusing legitimate Apple account change notifications to distribute phishing emails that bypass spam filters (Bleeping Computer).
7. A high severity second order SQL injection vulnerability was reported in mailcow and assigned CVE 2026 40871 (Reddit).
8. NIST announced it will stop assigning severity scores to lower priority vulnerabilities due to a significant increase in submission volume (Bleeping Computer).
9. Indicators of compromise related to the Vercel breach were discovered in infostealer malware linked to a Context AI employee (Reddit).
10. Security researchers warned of a campaign involving the exploitation of various vulnerabilities before they are fully disclosed (Reddit).
11. An account takeover incident was discovered that persisted for six weeks during a routine license audit (Reddit).
12. Users reported suspicious account access notifications involving OTP services for Spotify and Microsoft (Reddit).
Be First to Comment