Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.

CISA has given U.S. government agencies four days to secure their systems against a critical-severity vulnerability in Ivanti ...

Google adds a Rust-based DNS parser to Pixel 10 modem firmware, reducing memory vulnerabilities and strengthening defenses ...

A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have ...

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.

Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...

Reclassified as a remote code execution flaw, the F5 BIG-IP APM vulnerability has been upgraded to CVSS 9.8, requiring immediate patching and compromise assessment.

Elevation-of-privilege bugs accounted for more than half of the 165 vulnerabilities patched, with two zero-days in that mix.

To protect the Pixel modem from zero-day attacks, Google focused on the DNS parser. As cellular features have migrated to ...

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and ...