Collaborate Disseminate
Microsoft has disclosed a privilege-escalation vulnerability in Windows Admin Center (WAC), a browser-based platform widely used by IT administrators and infrastructure teams to manage Windows clients, servers, clusters, Hyper-V hosts and virtual machi… Continue reading Microsoft reveals critical Windows Admin Center vulnerability (CVE-2026-26119)
In late January 2026, a malicious intruder accessed France’s national bank account registry, FICOBA, enabling them to view information tied to 1.2 million accounts, the Ministry of the Economy and Finance disclosed on Wednesday. TV5 Monde reported that… Continue reading Data on 1.2 million French bank accounts accessed in registry breach
A critical security vulnerability (CVE-2026-2329) in Grandstream VoIP phones could let hackers remotely take full control of the devices and even intercept calls, Rapid7 researchers discovered. “The vulnerability is present in the device’s … Continue reading Bug in widely used VoIP phones allows stealthy network footholds, call interception (CVE-2026-2329)
A suspected China-linked cyberespionage group has been covertly exploiting a critical zero-day flaw (CVE-2026-22769) in Dell’s RecoverPoint for Virtual Machines software since at least mid-2024, according to new research from Google’s threat intelligen… Continue reading China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769)
Threat actors have leveraged legitimate email notification feature of Atlassian Jira to deliver localized scam emails at scale. The emails From late December 2025 through late January 2026, victims were targeted with spam emails from legitimate-looking… Continue reading Scammers exploit trust in Atlassian Jira to target organizations
Threat actors have leveraged legitimate email notification feature of Atlassian Jira to deliver localized scam emails at scale. The emails From late December 2025 through late January 2026, victims were targeted with spam emails from legitimate-looking… Continue reading Scammers exploit trust in Atlassian Jira to target organizations
Notepad++, the popular text and source code editor for Windows whose update mechanism was hijacked last year,
The post Notepad++ secures update channel in wake of supply chain compromise appeared first on Help Net Security.
Continue reading Notepad++ secures update channel in wake of supply chain compromise
Can cloud-based password managers that claim “zero-knowledge encryption” keep users’ passwords safe even if their encrypted-vault servers are compromised? Researchers at ETH Zurich and Università della Svizzera italiana set out to answer th… Continue reading Design weaknesses in major password managers enable vault attacks, researchers say
Peter Steinberger, the Austrian software developer who vibe coded the popular OpenClaw autonomous AI agent, has joined OpenAI. “My next mission is to build an agent that even my mum can use. That’ll need a much broader change, a lot more thought … Continue reading OpenClaw creator Peter Steinberger joins OpenAI
Google released a security update for Chrome to address a high-severity zero‑day vulnerability (CVE-2026-2441) on Friday. “Google is aware that an exploit for CVE-2026-2441 exists in the wild,” the company said. About CVE-2026-2441 CVE-2026… Continue reading Google patches Chrome vulnerability with in-the-wild exploit (CVE-2026-2441)