← Latest brief

Security news.

·Morning Brief

Critical vulnerabilities dominate today's security landscape, with actively exploited flaws in Microsoft Defender, Drupal, and Cisco systems requiring immediate patching. A major supply-chain compromise affecting GitHub and other platforms via a malicious VS Code extension underscores ongoing risks in developer toolchains.

THNEXPLOIT
May 21READ

Microsoft Defender Zero-Days Under Active Exploitation

CVE-2026-41091 (CVSS 7.8) and a DoS flaw are being actively exploited in the wild, allowing privilege escalation to SYSTEM level.

SECURITYWEEKRCE
May 21READ

Drupal Highly Critical RCE Vulnerability Patched

CVE-2026-9082 enables unauthenticated remote code execution, privilege escalation, and information disclosure on PostgreSQL-backed sites.

SECURITYWEEK
May 21READ

Cisco Secure Workload Critical Authentication Bypass

Insufficient validation in REST APIs grants remote attackers Site Admin privileges without authentication.

BLEEPINGBREACH
May 20READ

GitHub Breach: 3,800 Internal Repos Stolen via Malicious VS Code Extension

Attackers compromised the Nx Console extension following the TanStack npm supply-chain attack, gaining access to GitHub's internal repositories.

THN
May 21READ

9-Year-Old Linux Kernel Privilege Escalation Disclosed

CVE-2026-46333 allows unprivileged local users to execute arbitrary commands as root on major Linux distributions.

CISAKEV
May 20READ

CISA Adds Seven Known Exploited Vulnerabilities to KEV Catalog

Seven vulnerabilities with active exploitation evidence added, including legacy Microsoft and Adobe flaws.

BLEEPINGPATCH
May 20READ

SonicWall VPN MFA Bypass via Incomplete Patching

Threat actors brute-forced credentials and bypassed MFA on Gen6 SSL-VPN appliances to deploy ransomware tools.

THNMALWARE
May 20READ

Microsoft Disrupts Malware-Signing-as-a-Service Operation

Fox Tempest threat actor weaponized Microsoft's Artifact Signing system to deliver ransomware and malicious code across thousands of machines.

Generated twice daily from public security RSS feeds. Informational only.