Somewhere around late May, an attacker pointed a browser at a SimpleHelp server, submitted a self-signed JWT to the OIDC callback endpoint, and walked away...
CISA gave federal agencies until July 4 to patch CVE-2026-45659 — a SharePoint Server deserialization flaw that's been actively exploited in the wild.
Netlogon was supposed to be a solved problem.
SQL injection was supposed to be a solved problem. Parameterized queries have existed for decades.
A 732-byte Python script. No race conditions, no kernel offsets to guess, no special permissions needed.
Every security product on your endpoint runs as SYSTEM. That sentence should terrify you more than it does.
ssh-keysign runs as root. It opens your host's private SSH keys, does its work, and exits.
Every Windows machine on your network does thousands of DNS lookups a day.
UAT-8616 broke into Cisco SD-WAN controllers earlier this year through CVE-2026-20127. Cisco patched it.
On May 7, Vercel dropped a coordinated security release for Next.js addressing thirteen advisories in one batch.
Microsoft's May Patch Tuesday shipped without a single zero-day — the first clean month since June 2024. Press coverage was almost celebratory.
Georgia Tech's Vibe Security Radar project has been quietly counting since May 2025.
Microsoft dropped a research post on May 7 that should make every team building AI agents stop and audit their tool-calling code tonight.
A 732-byte Python script. Three syscalls.
Apache Polaris mints short-lived, scoped cloud credentials so your Spark and Trino jobs can read Iceberg tables without holding permanent keys.
Sometimes the most devastating bugs are the simplest.
Every few months, a CVSS 10.0 drops and security Twitter loses its collective mind.
Wiz dropped CVE-2026-3854 on April 28 and the headline sounds made up: any authenticated GitHub user could get remote code execution on the backend with...
Somewhere around 3 AM UTC on April 22, an attacker fed a chat completion request to an LMDeploy server.