Security news.
Critical vulnerabilities dominate today's security landscape, with actively exploited flaws in Microsoft Defender, Drupal, and Cisco systems requiring immediate patching. A major supply-chain compromise affecting GitHub and other platforms via a malicious VS Code extension underscores ongoing risks in developer toolchains.
Microsoft Defender Zero-Days Under Active Exploitation
CVE-2026-41091 (CVSS 7.8) and a DoS flaw are being actively exploited in the wild, allowing privilege escalation to SYSTEM level.
Drupal Highly Critical RCE Vulnerability Patched
CVE-2026-9082 enables unauthenticated remote code execution, privilege escalation, and information disclosure on PostgreSQL-backed sites.
Cisco Secure Workload Critical Authentication Bypass
Insufficient validation in REST APIs grants remote attackers Site Admin privileges without authentication.
GitHub Breach: 3,800 Internal Repos Stolen via Malicious VS Code Extension
Attackers compromised the Nx Console extension following the TanStack npm supply-chain attack, gaining access to GitHub's internal repositories.
9-Year-Old Linux Kernel Privilege Escalation Disclosed
CVE-2026-46333 allows unprivileged local users to execute arbitrary commands as root on major Linux distributions.
CISA Adds Seven Known Exploited Vulnerabilities to KEV Catalog
Seven vulnerabilities with active exploitation evidence added, including legacy Microsoft and Adobe flaws.
SonicWall VPN MFA Bypass via Incomplete Patching
Threat actors brute-forced credentials and bypassed MFA on Gen6 SSL-VPN appliances to deploy ransomware tools.
Microsoft Disrupts Malware-Signing-as-a-Service Operation
Fox Tempest threat actor weaponized Microsoft's Artifact Signing system to deliver ransomware and malicious code across thousands of machines.