Security news.
Today's security brief highlights critical vulnerabilities, with a new Windows zero-day offering admin privileges and actively exploited Fortinet and SharePoint flaws added to CISA's KEV catalog. Ransomware continues to impact major industries, and the growing role of AI in cybersecurity, both for defense and as a potential attack vector, remains a key theme.
New Windows LegacyHive zero-day grants hackers admin privileges
A security researcher released the "LegacyHive" zero-day exploit, allowing privilege escalation on up-to-date Windows systems.
CISA urges immediate action on actively exploited Fortinet flaws
CISA has ordered government agencies to patch two actively exploited vulnerabilities (CVE-2026-25089, CVE-2026-39808) in Fortinet FortiSandbox, adding them to the KEV catalog.
CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV
A critical deserialization vulnerability (CVE-2026-58644) in Microsoft SharePoint Server, allowing remote code execution, has been added to CISA's Known Exploited Vulnerabilities catalog.
Coca-Cola Suspends US Fairlife Production Due to Ransomware Attack
A ransomware attack impacting Coca-Cola's Fairlife dairy subsidiary has disrupted operations and temporarily halted production across the United States.
E.U. Orders Google to Open Android Mic, Camera and Screen to Rival AI Assistants
The European Commission has mandated that Google grant rival AI assistants the same deep access to Android features as Gemini, including camera, microphone, screen content, and background app control.
ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files
The ACR Stealer infostealer is leveraging "ClickFix" lures to compromise enterprise networks, exfiltrating browser passwords, session tokens, PDFs, and Microsoft 365 documents.
New GoSerpent Malware Targets Southeast Asian Governments and Diplomats for Espionage
Cybersecurity researchers uncovered GoSerpent, a previously undocumented malware used in cyberattacks since late 2025, primarily targeting government and diplomatic entities in Southeast Asia for long-term access and intelligence gathering.
New ClickLock macOS malware traps users into revealing login password
A new macOS information-stealing malware named ClickLock terminates all visible processes to coerce users into entering their system login password.