GitHub fixes RCE flaw that gave access to millions of private repos

In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed ...
The Hacker News

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
SecurityWeek

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years

An OpenSSH vulnerability introduced 15 years ago could allow attackers to obtain full root shell access to vulnerable servers ...
The Hacker News

PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

PhantomCore exploited three TrueConf flaws since September 2025, enabling remote access and lateral movement across Russian ...

What global banks said about Anthropic's new Mythos model that the company ‘refused’ to release publicly

Anthropic unveiled Claude Mythos in a selective manner earlier this month. However, the AI company chose not to release it ...
Tribune Online on MSN

CBN, NFIU deepen collaboration on financial intelligence, AML/CFT framework

The Central Bank of Nigeria (CBN) and the Nigeria Financial Intelligence Unit (NFIU) have intensified collaboration to strengthen financial intelligence sharing, regulatory coordination and ...
Security Boulevard

Microsoft’s April Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft ...
Newsworthy.ai

An AI Escaped Its Sandbox, Emailed a Researcher, Then Self-Published Its Own Exploit Online!

VectorCertain LLC today announced new validation results demonstrating that its SecureAgent platform successfully detected ...

Iran and its allies are committing epic financial fraud in America. I watch it happen every day

State actors from Iran, North Korea, Russia and China run coordinated financial fraud operations inside the U.S. system using ...

Mythos shock: Why regulators in India, other nations are spooked by Anthropic’s new tool

Anthropic’s Mythos AI model has triggered global cybersecurity concerns due to its advanced ability to both detect and ...