Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days
Microsoft has marked May 2026 Patch Tuesday by releasing fixes for 120+ CVE-numbered vulnerabilities, none of which (for a change) are actively exploited or have been publicly …
Tenable unveils OT discovery engine to expose cyber-physical risks
Tenable unveiled a new OT asset discovery engine that enables security teams to bring risks associated with cyber-physical systems (OT, IoT, and shadow IT) into a unified view …
Software supply chain hacks trigger wave of intrusions, data theft
After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be …
Tenable Hexa AI automates exposure management and security workflows
Tenable has revealed Tenable Hexa AI, the agentic AI engine of the Tenable One Exposure Management Platform that automates security workflows and transforms exposure …
Major vulnerabilities found in Google Looker, putting self-hosted deployments at risk
Researchers at Tenable have disclosed two vulnerabilities, collectively referred to as “LookOut,” affecting Google Looker. Because the business intelligence platform is …
New infosec products of the month: January 2026
Here’s a look at the most interesting products from the past month, featuring releases from Acronis, Booz Allen Hamilton, cside, Descope, JumpCloud, MIND, Noction, Obsidian …
Tenable One AI Exposure delivers unified visibility and governance across AI, cloud and SaaS
Tenable announced general availability of Tenable One AI Exposure. With this release, the Tenable One Exposure Management Platform unifies AI protection, discovery and usage …
PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155)
A critical vulnerability (CVE-2025-64155) in Fortinet’s FortiSIEM security platform has now been accompanied by publicly released proof-of-concept (PoC) exploit code, raising …
PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258)
Trend Micro has released a critical patch fixing several remotely exploitable vulnerabilities in Apex Central (on-premise), including a flaw (CVE-2025-69258) that may allow …
Microsoft patches three zero-days actively exploited by attackers
On October 2025 Patch Tuesday, Microsoft released fixes for 175+ vulnerabilities, including three zero-days under active attack: CVE-2025-24990, CVE-2025-59230, and …
Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday
On September 2025 Patch Tuesday, Microsoft has released patches for 80+ vulnerabilities in its various software products, but the good news is that none of them are actively …
Attackers test the limits of railway cybersecurity
Railway systems are the lifeblood of many economies, supporting everything from daily passenger transport to military and industrial operations, so the question arises: how …
Featured news
Resources
Don't miss
- What happens when your identity provider becomes the kill chain
- PureLogs infostealer is stealing credentials worldwide
- Earbud sensors can authenticate users by their heartbeat, study finds
- AI is drowning software maintainers in junk security reports
- Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)