Security news.
Today's security news highlights critical vulnerabilities and ongoing exploitation campaigns, alongside significant data breaches and new defenses. A zero-day in Gogs and active exploitation of a FortiClient EMS flaw demand immediate attention, while Google Chrome rolls out enhanced cookie theft protection.
Gogs Zero-Day Exposes Servers to Remote Code Execution
A critical-severity (CVSS 9.4) argument injection flaw in the Gogs self-hosted Git service allows authenticated attackers to achieve RCE via malicious branch names in pull requests.
Google Chrome Adds Session Cookie Theft Protection for All Users
Google is rolling out its Device Bound Session Credentials (DBSC) security feature to all Chrome users to prevent account takeovers by protecting against session cookie theft.
Hackers Exploit FortiClient EMS Flaw to Push Infostealer Malware
Threat actors are actively exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer named EKZ.
Charter Communications Data Breach Affects 4.9 Million Accounts
The ShinyHunters extortion gang stole personal information from 4.9 million Charter Communications accounts following a hack in early April.
Carnival Data Breach Exposed 6 Million People
A data breach at Carnival has exposed personal information of nearly 6 million customers, putting them at risk of identity theft.
New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
A previously undocumented Russian-speaking threat actor, GREYVIBE, has been targeting Ukraine and related entities since August 2025, utilizing AI-generated lures and custom malware.
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
Researchers found an exploit chain involving over-permissioned roles, secrets discovery, and non-human identities that could have compromised a popular automation service.
Supply Chain Compromises Impact Nx Console and GitHub Repositories
CISA is responding to multiple software supply chain intrusion campaigns targeting CI/CD pipelines, including a GitHub compromise via a malicious Nx Console Visual Studio Code extension.