Browsing Category
Security
98 posts
Cybersecurity news, software supply chain risk, privacy threats, and practical security guidance.
SharePoint’s New Exploited RCE Turns Patching Into Key Rotation Triage
CISA added Microsoft SharePoint Server CVE-2026-58644 to its exploited-vulnerabilities catalog on July 16, two days after Microsoft patched it. Admins should patch, verify AMSI, hunt for machine-key theft, and reduce internet exposure before treating the farm as clean.
CMS Webshell Campaign Puts WordPress Plugins on an Emergency Checklist
Australia's cyber agency says attackers are exploiting known CMS and plugin flaws at scale to plant webshells on public websites. Site owners should treat this as a compromise check, not just a routine update reminder.
Microsoft Purview Migration Puts Defender DLP Policies on a Deadline
Microsoft is retiring Defender for Cloud Apps file policies on January 6, 2027, forcing Microsoft 365 security teams to rebuild DLP and auto-labeling controls in Purview before existing policies stop being supported or enforced.
Microsoft Says AI Will Make Windows Security Updates Bigger
Microsoft says AI-assisted vulnerability discovery will increase the number of Windows security fixes customers see in each release. For IT teams, the shift makes patch operations less about one monthly event and more about continuous risk-based deployment.
Januscape KVM Flaw Turns Nested Virtualization Into a Host-Escape Risk
CVE-2026-53359, dubbed Januscape, is a 16-year-old Linux KVM shadow MMU flaw that can let a guest VM crash, and potentially escape to, an x86 host when nested virtualization is exposed. Operators should treat it as a hypervisor-boundary patch event, not a routine kernel update.
Signal Backup-Key Phishing Turns Account Recovery Into an Espionage Target
The FBI and CISA warn that Russian intelligence-linked actors are impersonating messaging-app support accounts to steal Signal backup recovery keys, verification codes, and account PINs. The attacks do not break encryption, but they can expose message backups and keep account-takeover paths alive until users replace compromised keys.
Hidden Web Prompts Turn AI Agents Into Payment Targets
Zscaler found malicious websites using SEO poisoning, hidden HTML, JSON-LD metadata, and crypto-payment flows to manipulate browsing AI agents. The findings show why agent deployments need transaction limits, source checks, and runtime controls before they are allowed to browse the open web or move money.
FLARE-AI Gives AI Failures a CERT-Style Reporting Path
FLARE-AI, a new open-source reporting system launched July 1, gives researchers and users a structured way to report AI flaws, incidents, hazards, and vulnerabilities to developers, CERT/CC, incident databases, and other coordinators. Its real test is whether AI safety reporting can move beyond scattered emails, social posts, and vendor-specific forms.
New CitrixBleed Flaw Puts NetScaler SAML Gateways on Patch Watch
CVE-2026-8451 affects NetScaler ADC and Gateway appliances configured as SAML identity providers, and Lupovis says exploit payloads appeared within 24 hours of disclosure. Admins should verify SAML IdP exposure, upgrade affected builds, and review SAML endpoint logs before treating the issue as routine patching.
AirDrop and Quick Share Flaws Show the Risk of Nearby Sharing
CISPA researchers found six flaws across Apple AirDrop and Google/Samsung Quick Share, including AirDrop crashes, Samsung Quick Share protocol bypasses, and a Google Quick Share for Windows use-after-free. The risk is local, but crowded places make nearby-sharing settings worth checking now.