Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876)
Progress Software has fixed a slew of high-severity vulnerabilities in MOVEit WAF and LoadMaster, including a flaw (CVE-2026-21876) that may allow attackers to bypass firewall …
Tencent’s QClaw AI agent app arrives on Windows and macOS
Tencent has opened an international beta of QClaw, an AI agent application aimed at consumers in Canada, Japan, Singapore, South Korea, and the United States. The first wave …
Phishing reclaims the top initial access spot, attackers experiment with AI tools
Phishing returned as the leading method attackers used to break into organizations in the first quarter of 2026, accounting for over a third of engagements where initial …
OneDrive updates focus on AI, access control, and compliance
Microsoft OneDrive’s recent updates focus on improving intelligence, collaboration, and administrative control. “Last year, we made a promise: your files should work for you, …
PentAGI: Open-source autonomous AI penetration testing system
Penetration testers have long relied on collections of specialized tools, manual coordination, and documented runbooks to work through a target assessment. PentAGI, an …
Apple Intelligence flaw kept stolen tokens reusable on another device
Apple claims that Apple Intelligence, a GenAI service provided on its operating systems, is designed with an extra focus on user security and privacy through a two-stage …
Shadow AI, deepfakes, and supply chain compromise are rewriting the financial sector threat playbook
Financially motivated attacks continued to drive the bulk of cyber incidents against banks, insurers, and payment processors in 2025. Approximately 90% of breaches affecting …
Thunderbird 150 arrives with encrypted message search and OpenPGP improvements
Released today, Thunderbird 150.0 brings eight new features, a round of bug fixes, and security patches that cover the web engine underlying the email client. Thunderbird …
VirtualBox 7.2.8 is out with Linux kernel 7.0 support and crash fixes
Oracle shipped VirtualBox 7.2.8 on April 21, 2026, as a maintenance release covering crashes, networking problems, clipboard issues, and extended Linux kernel compatibility. …
Ransomware negotiator admits role in attacks he was hired to resolve
A Florida man, formerly employed as a ransomware negotiator, pleaded guilty to conspiring to carry out ransomware attacks against US companies. Prosecutors say Angelo Martino, …
Scattered Spider hacker pleads guilty to stealing $8 million in cryptocurrency
A British national tied to the Scattered Spider cybercrime group pleaded guilty to hacking multiple companies via SMS phishing and stealing over $8 million in virtual currency …
OpenAI’s Chronicle feature lets Codex read your screen, raising privacy concerns
OpenAI’s Chronicle is a feature designed to help Codex, an AI-powered coding assistant, better understand what users are working on by capturing context directly from their …
Featured news
Resources
Don't miss
- Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876)
- PentAGI: Open-source autonomous AI penetration testing system
- CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133)
- Researchers build an encrypted routing layer for private AI inference
- Vercel breached via compromised third-party AI tool