Please turn on your JavaScript for this page to function normally.
Microsoft Windows
Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)

Among the many security fixes released by Microsoft on February 2026 Patch Tuesday is one for CVE-2026-20841, a command injection vulnerability in Notepad that could be …

1Password
1Password open sources a benchmark to stop AI agents from leaking credentials

Research has shown that some AI models can identify phishing websites with near-perfect accuracy when asked. When those same models are used as autonomous agents with access …

Apple
Apple fixes zero-day flaw exploited in targeted attacks (CVE-2026-20700)

Apple has released fixes for a zero-day vulnerability (CVE-2026-20700) exploited in targeted attacks last year. CVE-2026-20700 is a memory corruption issue in dyld, the …

Microsoft Store
Microsoft Store updated with a new CLI, analytics, and Web Installer improvements

Microsoft has introduced new developer tools, updates to developer analytics, and a Web Installer in the Microsoft Store on Windows to help developers build and scale apps on …

OpenVPN
OpenVPN releases version 2.7.0 with expanded protocol and platform updates

OpenVPN version 2.7.0 is now available. The update advances support for multi-address server configurations and updates client functionality across operating systems. The …

Chris O'Ferrell
When security decisions come too late, and attackers know it

In this Help Net Security, Chris O’Ferrell, CEO at CodeHunter, talks about why malware keeps succeeding, where attackers insert malicious code in the SDLC, and how CI/CD …

OpenClaw Scanner
OpenClaw Scanner: Open-source tool detects autonomous AI agents

A new free, open source tool is available to help organizations detect where autonomous AI agents are operating across corporate environments. The OpenClaw Scanner identifies …

OWASP GenAI Security Project
Picking an AI red teaming vendor is getting harder

Vendor noise is already a problem in traditional security testing. AI red teaming has added another layer of confusion, with providers offering everything from consulting …

cloud
Cloud teams are hitting maturity walls in governance, security, and AI use

Enterprise cloud programs have reached a point where most foundational services are already in place, and the daily work now centers on governance, security enforcement, and …

Java
Java security work is becoming a daily operational burden

Security teams in large enterprises already spend significant time tracking vulnerabilities across software supply chains, third-party libraries, and internal codebases. Java …

Ivanti
Ivanti EPMM exploitation: Researchers warn of “sleeper” webshells

A massive wave of exploitation attempts has followed the disclosure of CVE-2026-1281, a critical pre-authentication Ivanti EPMM vulnerability, the Shadowserver Foundation has …

Windows
Microsoft begins Secure Boot certificate update for Windows devices

Microsoft has begun updating Secure Boot certificates originally issued in 2011 to ensure that Windows devices continue to verify boot software as older certificates reach the …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools