Latest Cybersecurity News and Articles
13 May 2026
Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack.
Of the 138 flaws, 30 are rated Critical, 104 are rated Important, three are rated Moderate, and one is rated Low in severity. As many as 61 vulnerabilities are classified as privilege escalation bugs, followed by
13 May 2026
CVE-2026-40361 is similar to a vulnerability found a decade ago, BadWinmail, which at the time was dubbed an “enterprise killer”.
The post Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises appeared first on SecurityWeek.
13 May 2026
Successful exploitation of these flaws could lead to arbitrary code execution and information disclosure.
The post Fortinet, Ivanti Patch Critical Vulnerabilities appeared first on SecurityWeek.
13 May 2026
The two chip giants have published over two dozen advisories describing recently identified security defects.
The post Chipmaker Patch Tuesday: Intel and AMD Patch 70 Vulnerabilities appeared first on SecurityWeek.
13 May 2026
Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than 150 gems that use the registry as a data exfiltration channel rather than for malware distribution.
"The packages do not appear designed for mass developer compromise," Socket said. "Many have little or no download activity, and the payloads are repetitive,
13 May 2026
More than 500 packages were pushed during the attack, but the target appears to have been RubyGems itself rather than users.
The post Hundreds of Malicious Packages Force RubyGems to Suspend Registrations appeared first on SecurityWeek.
13 May 2026
Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated spyware attacks.
Intrusion Logging, available as part of Advanced Protection Mode, enables "persistent and privacy-preserving forensics logging to allow for investigation of devices in the event of a suspected compromise," the company said.
The feature, it
13 May 2026
Many ICS vendors have not released new advisories for the May 2026 Patch Tuesday.
The post ICS Patch Tuesday: New Security Advisories From Siemens, Schneider, CISA appeared first on SecurityWeek.
12 May 2026
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers -- including Apple, Google, Microsoft, Mozilla and Oracle -- fixing near record volumes of security bugs, and/or quickening the tempo of their patch releases.
12 May 2026
Fresh security updates resolve critical flaws in Azure, Windows, Dynamics 365, and the SSO Plugin for Jira & Confluence.
The post Microsoft Patches 137 Vulnerabilities appeared first on SecurityWeek.
12 May 2026
Exaforce has raised a total of $200 million and plans on using the latest investment for product development and international expansion.
The post Exaforce Raises $125 Million for Agentic SOC Platform appeared first on SecurityWeek.
12 May 2026
While none of the flaws have been exploited in the wild, many of them could lead to arbitrary code execution.
The post Adobe Patches 52 Vulnerabilities in 10 Products appeared first on SecurityWeek.
12 May 2026
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution.
Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and deliver email.
The vulnerability, tracked as CVE-2026-45185, aka Dead.Letter, has been described as a use-after-free
12 May 2026
The startup will invest in accelerating product development, hiring new talent, and expanding its customer base.
The post White Circle Raises $11 Million for AI Control Platform appeared first on SecurityWeek.
12 May 2026
RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack."
"We're dealing with a major malicious attack on Ruby Gems right now," Maciej Mensfeld, senior product manager for software supply chain security at Mend.io, said in a post on X. "Signups are paused for the time being.
12 May 2026
Threat actors obtained names and contact information for an unspecified number of BWH Hotels guests.
The post BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months appeared first on SecurityWeek.
12 May 2026
Campaign uses fake OnlyFans account downloads to infect Windows and macOS systems with multi-function malware.
The post Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware appeared first on SecurityWeek.
12 May 2026
The company that operates online learning system Canvas said it struck a deal with hackers to delete the data they pilfered in a cyberattack that created chaos for students, many of them in the middle of finals.
The post Deal Reached With Hackers to Delete Data Stolen From the Canvas Educational Platform appeared first on SecurityWeek.
12 May 2026
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 12, 2026 – Watch the YouTube video The Women in Cybersecurity Report, a 7-minute video hosted by Cybercrime Magazine Deputy Editor Amanda Glassner, highlights the latest breakthroughs, voices, and stories from women leading
The post Women In Cybersecurity Report, Spring 2026 appeared first on Cybercrime Magazine.
12 May 2026
The company took systems offline globally after hackers exfiltrated data and deployed file-encrypting ransomware.
The post West Pharmaceutical Services Hit by Disruptive Ransomware Attack appeared first on SecurityWeek.