← Latest brief

Security news.

·Afternoon Brief

Today's security news is dominated by the May 2026 Patch Tuesday releases from Microsoft and Adobe, addressing numerous vulnerabilities. Additionally, several critical supply chain attacks and data breaches have been reported, alongside new security features from Signal and upcoming Android enhancements.

BLEEPINGRCE
May 12READ

Fortinet Warns of Critical RCE Flaws in FortiSandbox and FortiAuthenticator

Fortinet has released patches for critical remote code execution vulnerabilities in FortiSandbox and FortiAuthenticator.

THNVULN
May 12READ

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

Exim has issued updates for CVE-2026-45185, a severe use-after-free vulnerability in its Mail Transfer Agent that could lead to memory corruption and code execution.

THNMALWARE
May 12READ

RubyGems Suspends New Signups After Hundreds of Malicious Packages Uploaded

RubyGems has temporarily paused new account registrations following a "major malicious attack" involving the upload of numerous malicious packages.

BLEEPINGPATCH
May 12READ

Microsoft May 2026 Patch Tuesday Fixes 120 Flaws

Microsoft has released its May 2026 Patch Tuesday updates, addressing 120 vulnerabilities across various products, including critical flaws in Azure, Windows, and Dynamics 365, with no zero-days reported.

SECURITYWEEKPATCH
May 12READ

Adobe Patches 52 Vulnerabilities in 10 Products

Adobe has released security updates for 52 vulnerabilities across 10 products, many of which could lead to arbitrary code execution, though none are currently exploited in the wild.

BLEEPINGMALWARE
May 12READ

Shai-Hulud Attack Ships Signed Malicious TanStack, Mistral npm Packages

A new "Mini Shai-Hulud" supply-chain campaign has compromised hundreds of npm and PyPI packages, including those from TanStack and Mistral AI, to deliver credential-stealing malware.

BLEEPINGBREACH
May 12READ

Škoda Warns of Customer Data Breach After Online Shop Hack

Škoda Auto has disclosed a data breach affecting an undisclosed number of customers after attackers compromised its online shop and stole personal information.

SECURITYWEEK
May 12READ

BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months

BWH Hotels has revealed that threat actors had access to guest reservation data, including names and contact information, for six months.

Generated twice daily from public security RSS feeds. Informational only.