Security news.
Critical vulnerabilities in widely-used infrastructure tools are under active exploitation, while major breaches continue to impact healthcare and education sectors. Patch Tuesday brought a record 169 Microsoft fixes, and authentication bypass flaws in Nginx UI and Cisco services demand immediate attention.
Critical Nginx UI Auth Bypass (CVE-2026-33032) Actively Exploited
A critical authentication bypass in nginx-ui with CVSS 9.8 is being exploited in the wild for full server takeover without authentication.
McGraw Hill Breach Exposes 13.5 Million User Accounts
ShinyHunters extortion group leaked data from 13.5 million McGraw Hill accounts after breaching the company's Salesforce environment.
Cisco Patches Four Critical Webex and Identity Services Flaws
Critical vulnerabilities including CVE-2026-20184 (CVSS 9.8) in Cisco Webex and Identity Services enable code execution and user impersonation; patches require customer action.
Tennessee Hospital Breach Affects 337,000 Patients
Cookeville Regional Medical Center was targeted by Rhysida ransomware group, which stole 500GB of patient data.
Over 30 WordPress Plugins Compromised with Malware
More than 30 plugins in the EssentialPlugin package were compromised to deliver malicious code allowing unauthorized website access.
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Finance Attacks
A novel campaign abuses Obsidian note-taking app to distribute previously undocumented PHANTOMPULSE RAT targeting financial and cryptocurrency sector individuals.
Splunk Enterprise Patches Remote Code Execution Flaw
A vulnerability allowing low-privileged users to upload files to temporary directories and achieve RCE has been patched.
CISA Flags Windows Task Host Vulnerability as Actively Exploited
A Windows Task Host privilege escalation vulnerability is being exploited to gain SYSTEM privileges; CISA warned federal agencies to patch immediately.