Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Microsoft
Microsoft demystifies how Windows updates work

Microsoft has published a guide explaining the Windows servicing model, outlining the purpose of monthly security updates, optional preview releases, hotpatch updates, and the …

Debian
Debian 13.6 security update patches over a hundred advisories in trixie

Most PCs still run with a UEFI Secure Boot certificate authority, installed by default since 2013, that has now expired. That certificate signed the bootloaders letting …

Microsoft Intune security update status
Microsoft is rewriting Windows patch guidance because of AI

Microsoft is recommending that organizations shorten Windows update deployment timelines, warning that advances in AI are reducing the time attackers need to identify and …

Microsoft Windows Defender
Microsoft releases fix for RoguePlanet Defender flaw (CVE-2026-50656)

Microsoft has finally released a security update for its Microsoft Malware Protection Engine, which fixes CVE-2026-50656, the Windows Defender local privilege escalation …

ClamAV
New ClamAV security patch closes seven scanner bugs dating back two decades

Open source antivirus scanning sits inside mail gateways, file upload checks, and endpoint tooling at organizations of every size. Much of that work runs through ClamAV, the …

Synology
Synology issues critical fix for MailPlus Server vulnerabilities

Synology has has fixed critical vulnerabilities in MailPlus Server, a software package used to run private email infrastructure on Synology NAS devices. The security update …

Windows 10
Microsoft gives Windows 10 users an unexpected extra year of free security updates

Microsoft has given Windows 10 users another year of free security updates, extending its consumer Extended Security Updates (ESU) program until October 12, 2027. “Windows 10 …

patch tuesday
Record Microsoft Patch Tuesday, fresh zero-day

Microsoft marked its largest-ever Patch Tuesday this month, by shipping fixes for nearly 200 vulnerabilities. Within hours, “Nightmare Eclipse”, the researcher …

Google Chrome
Google patches Chrome zero-day exploited in the wild (CVE-2026-11645)

Google has fixed 74 vulnerabilities in Chrome, including a high-severity zero-day (CVE-2026-11645) that has been exploited in the wild. “Google is aware that an exploit …

Microsoft
Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows

Microsoft will distribute Defender for Endpoint EDR updates through Microsoft Update, enabling EDR security improvements to be released independently of monthly Windows …

Android
Google fixes actively exploited Android vulnerability (CVE-2025-48595)

Google has announced the June 2026 Android security updates, which fix a bucketload of vulnerabilities, including a high-severity vulnerability (CVE-2025-48595) in the Android …

Trend Micro
Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)

A relative directory path traversal vulnerability (CVE-2026-34926) in Trend Micro’s Apex One platform has been exploited in zero-day attacks, the company confirmed. …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools