cyber
·
news
News
Deep Dives
Settings
Sign in
2155 items
Unread (2155)
All
Dismissed
All
Critical
High
Supply Chain
Ransomware
Breaches
Zero-Day
CVEs
HIGH
CVE-2026-45659 (CVSS 8.8) — Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to ex...
NVD
CVE-2026-45659
+1
14d ago
INFO
Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions
The Hacker News
11d ago
HIGH
Microsoft shares mitigation for YellowKey Windows zero-day
BleepingComputer
breaches
ransomware
supply-chain
+48
17d ago
INFO
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
The Hacker News
24d ago
INFO
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
The Hacker News
24d ago
HIGH
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
The Hacker News
23d ago
INFO
Zero-Day Exploit Against Windows BitLocker
rss:schneier
19d ago
INFO
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
The Hacker News
18d ago
INFO
The New Phishing Click: How OAuth Consent Bypasses MFA
The Hacker News
18d ago
INFO
Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks
SecurityWeek
18d ago
HIGH
Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’
SecurityWeek
18d ago
INFO
Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
rss:darkreading
17d ago
HIGH
Cybercrime service disrupted for abusing Microsoft platform to sign malware
BleepingComputer
17d ago
INFO
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
The Hacker News
17d ago
INFO
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
The Hacker News
17d ago
INFO
Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass
SecurityWeek
17d ago
INFO
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
The Hacker News
17d ago
INFO
Microsoft warns of new Defender zero-days exploited in attacks
BleepingComputer
16d ago
INFO
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
SecurityWeek
16d ago
INFO
China's Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.
rss:darkreading
15d ago
INFO
FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks
The Record
14d ago
INFO
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
BleepingComputer
12d ago
INFO
Microsoft: Domain Controller lookup may fail on Windows Server 2016
BleepingComputer
11d ago
INFO
Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations
SecurityWeek
11d ago
INFO
Microsoft Defender can now automatically isolate hacked endpoints
BleepingComputer
11d ago
INFO
Microsoft Issues Out-of-Band SharePoint Patch
rss:darkreading
11d ago
INFO
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
The Hacker News
10d ago
INFO
Windows 11 KB5089573 update released with performance improvements
BleepingComputer
10d ago
INFO
Microsoft fixes KB5089549 Windows security update install issues
BleepingComputer
5d ago
INFO
Microsoft confirms outage affecting MFA, My Sign-Ins platform
BleepingComputer
5d ago
INFO
Microsoft fixes outage affecting MFA setup, MySignIn service
BleepingComputer
5d ago
INFO
Microsoft says it will not pursue security researchers after zero-day backlash
The Record
5d ago
INFO
Microsoft investigates Office Apps, Teams file access issues
BleepingComputer
5d ago
INFO
Microsoft's Zero-Day Legal Threats Spark Backlash
rss:darkreading
5d ago
INFO
Microsoft Threatening Security Researcher
rss:schneier
4d ago
INFO
Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
SecurityWeek
4d ago
INFO
Microsoft Exchange Online outage causes email delays, failures
BleepingComputer
4d ago
INFO
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
rss:darkreading
3d ago
INFO
Microsoft's Coreutils project brings Linux commands to Windows
BleepingComputer
3d ago
INFO
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
The Hacker News
3d ago
INFO
Microsoft Tries to Calm Legal Threat Fears After Zero-Day Disclosure Backlash
SecurityWeek
3d ago
INFO
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
The Hacker News
3d ago
INFO
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
The Hacker News
3d ago
INFO
Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
rss:darkreading
3d ago
INFO
VS Code Vulnerability Allows One-Click GitHub Token Theft
SecurityWeek
2d ago
INFO
Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process
The Record
2d ago
INFO
Microsoft blames unexpected Windows driver updates on caching issue
BleepingComputer
2d ago
INFO
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The Hacker News
1d ago
INFO
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
The Hacker News
1d ago
INFO
Chinese APT deploys new malware to keep access to hacked networks
BleepingComputer
1d ago
INFO
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
The Hacker News
12h ago
INFO
KnowledgeDeliver flaw exploited as a zero-day to install web shells
BleepingComputer
breaches
ransomware
supply-chain
+2
10d ago
INFO
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
The Hacker News
11d ago
INFO
Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment
SecurityWeek
11d ago
INFO
Watch on Demand: Threat Detection & Incident Response Summit – All Sessions Available
SecurityWeek
breaches
ransomware
supply-chain
11d ago
INFO
Open Source DockSec Uses AI to Cut Through Vulnerability Noise in Docker Images
SecurityWeek
breaches
ransomware
supply-chain
11d ago
INFO
MFA Prompt Bombing: Why Your Second Factor Isn't Saving You
The Hacker News
supply-chain
breaches
malware
11d ago
INFO
Lithuania Suspects Foreign Involvement in Data Leak of Over 600,000 National Register Entries
SecurityWeek
breaches
ransomware
supply-chain
11d ago
INFO
Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands
SecurityWeek
breaches
ransomware
supply-chain
11d ago
HIGH
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
The Hacker News
supply-chain
breaches
malware
+19
19d ago
INFO
'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros
rss:darkreading
26d ago
INFO
It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight
rss:darkreading
24d ago
INFO
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
The Hacker News
24d ago
INFO
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
The Hacker News
24d ago
INFO
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
The Hacker News
22d ago
INFO
Can Laws Stop Deepfakes? South Korea Aims to Find Out
rss:darkreading
19d ago
INFO
Processes and Culture Top Reasons Behind Data Breaches
rss:darkreading
17d ago
INFO
When Identity is the Attack Path
The Hacker News
16d ago
INFO
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
The Hacker News
15d ago
INFO
Meta settles school district lawsuit claiming addictive design harmed students' mental health
The Record
14d ago
INFO
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
The Hacker News
14d ago
INFO
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
The Hacker News
12d ago
INFO
CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
The Hacker News
11d ago
INFO
RevEng.AI Raises $15 Million to Hunt for Flaws and Backdoors in Software Binaries
SecurityWeek
10d ago
INFO
California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
SecurityWeek
8d ago
INFO
California AG sues 23andMe over 2023 breach exposing health data
BleepingComputer
8d ago
INFO
Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs
SecurityWeek
3d ago
INFO
Chrome 149 Patches 429 Vulnerabilities
SecurityWeek
1d ago
INFO
EU unveils tech sovereignty package to cut reliance on US, Chinese suppliers
The Record
1d ago
INFO
CISA orders feds to patch actively exploited Drupal vulnerability
BleepingComputer
breaches
ransomware
supply-chain
11d ago
HIGH
CVE-2026-8047 (CVSS 7.5) — The affected products perform improper length checking when parsing incoming HTTP requests, resultin...
NVD
CVE-2026-8047
11d ago
HIGH
CVE-2026-8046 (CVSS 8.1) — The affected products insufficiently verify authorization when deleting user accounts. An authentica...
NVD
CVE-2026-8046
11d ago
HIGH
CVE-2026-44469 (CVSS 7.8) — The affected product extracts installation files to a temporary directory with incorrect default per...
NVD
CVE-2026-44469
11d ago
HIGH
CVE-2026-44468 (CVSS 7.8) — The affected product creates a directory with insecure default permissions during administrative ins...
NVD
CVE-2026-44468
11d ago
INFO
Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
The Hacker News
supply-chain
breaches
malware
11d ago
INFO
Hackers Leak DentaQuest Information Impacting 2.6 Million
SecurityWeek
breaches
ransomware
supply-chain
+11
1d ago
INFO
Instructure Breach Exposes Schools' Vendor Dependence
rss:darkreading
30d ago
INFO
ShinyHunters Claims Second Attack Against Instructure
rss:darkreading
28d ago
INFO
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
The Hacker News
25d ago
INFO
Congress Puts Heat on Instructure After Canvas Outage
rss:darkreading
21d ago
INFO
7-Eleven confirms breach after ShinyHunters claims
The Record
17d ago
INFO
7-Eleven data breach exposes personal information of 185,000 people
BleepingComputer
11d ago
INFO
185,000 Likely Impacted by 7-Eleven Data Breach
SecurityWeek
11d ago
INFO
Charter confirms data breach after ShinyHunters extortion threat
BleepingComputer
10d ago
INFO
Carnival Cruise confirms data breach affecting nearly 6 million people
BleepingComputer
9d ago
INFO
Charter Communications data breach affects 4.9 million accounts
BleepingComputer
8d ago
INFO
Charter Communications Data Breach Could Impact Nearly 5 Million
SecurityWeek
8d ago
HIGH
CVE-2026-9528 (CVSS 7.3) — A vulnerability was identified in itsourcecode Electronic Judging System 1.0. Impacted is an unknown...
NVD
CVE-2026-9528
11d ago
HIGH
CVE-2026-9526 (CVSS 7.3) — A vulnerability was found in itsourcecode Electronic Judging System 1.0. This vulnerability affects ...
NVD
CVE-2026-9526
11d ago
HIGH
CVE-2026-9525 (CVSS 7.3) — A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknow...
NVD
CVE-2026-9525
11d ago
HIGH
CVE-2026-9523 (CVSS 7.3) — A vulnerability was detected in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Clo...
NVD
CVE-2026-9523
11d ago
HIGH
CVE-2026-9538 (CVSS 7.5) — Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry siz...
NVD
CVE-2026-9538
11d ago
HIGH
CVE-2026-9521 (CVSS 7.3) — A security vulnerability has been detected in fraillt bitsery up to 5.2.4. Affected is the function ...
NVD
CVE-2026-9521
11d ago
HIGH
CVE-2026-42497 (CVSS 7.5) — Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside th...
NVD
CVE-2026-42497
11d ago
CRITICAL
CVE-2026-42496 (CVSS 9.1) — Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside...
NVD
CVE-2026-42496
11d ago
HIGH
CVE-2026-9517 (CVSS 7.3) — A vulnerability was determined in hemant6488 CodeIgniter-StudentManagementSystem. The affected eleme...
NVD
CVE-2026-9517
11d ago
CRITICAL
CVE-2026-8376 (CVSS 9.8) — Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a ...
NVD
CVE-2026-8376
11d ago
CRITICAL
CVE-2026-48172: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability (LiteSpeed cPanel Plugin)
CISA KEV
CVE-2026-48172
actively-exploited
+2
11d ago
CRITICAL
CVE-2026-48172 (CVSS 9.8) — LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp...
NVD
16d ago
INFO
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
The Hacker News
14d ago
INFO
Kremlin appoints cyber executive with alleged GRU ties to Security Council role
The Record
breaches
ransomware
nation-state
11d ago
INFO
Dutch authorities arrest men suspected of providing infrastructure for Russian cyber operations
The Record
breaches
ransomware
nation-state
+1
11d ago
INFO
Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks
Krebs
12d ago
HIGH
CVE-2026-9482 (CVSS 8.8) — A vulnerability has been found in Edimax EW-7438RPn 1.31. This impacts the function formSDHCP of the...
NVD
CVE-2026-9482
12d ago
HIGH
CVE-2026-9481 (CVSS 8.8) — A flaw has been found in Edimax EW-7438RPn 1.31. This affects the function formStats of the file /go...
NVD
CVE-2026-9481
12d ago
HIGH
CVE-2026-9480 (CVSS 8.8) — A vulnerability was detected in Edimax EW-7438RPn 1.31. The impacted element is the function formref...
NVD
CVE-2026-9480
12d ago
HIGH
CVE-2026-9479 (CVSS 8.8) — A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The affected element is the fu...
NVD
CVE-2026-9479
12d ago
CRITICAL
CVE-2026-9478 (CVSS 9.8) — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function set...
NVD
CVE-2026-9478
12d ago
CRITICAL
CVE-2026-9477 (CVSS 9.8) — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the ...
NVD
CVE-2026-9477
12d ago
CRITICAL
CVE-2026-9476 (CVSS 9.8) — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects t...
NVD
CVE-2026-9476
12d ago
CRITICAL
CVE-2026-9475 (CVSS 9.8) — A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This affects the function se...
NVD
CVE-2026-9475
12d ago
HIGH
CVE-2026-9474 (CVSS 7.3) — A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92a...
NVD
CVE-2026-9474
12d ago
INFO
Anthropic’s restricted Claude Mythos model may be coming to Claude Code
BleepingComputer
breaches
ransomware
supply-chain
12d ago
HIGH
CVE-2026-9470 (CVSS 7.3) — A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d1...
NVD
CVE-2026-9470
12d ago
HIGH
CVE-2026-9469 (CVSS 7.3) — A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92ab...
NVD
CVE-2026-9469
12d ago
HIGH
CVE-2026-42782 (CVSS 7.2) — Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with a...
NVD
CVE-2026-42782
12d ago
HIGH
CVE-2026-9465 (CVSS 7.3) — A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This vulnerability ...
NVD
CVE-2026-9465
12d ago
HIGH
CVE-2026-9463 (CVSS 8.8) — A flaw has been found in Edimax EW-7438RPn 1.31. Affected by this issue is the function formLicence ...
NVD
CVE-2026-9463
12d ago
HIGH
CVE-2026-9462 (CVSS 8.8) — A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the functi...
NVD
CVE-2026-9462
12d ago
HIGH
CVE-2026-47077 (CVSS 7.5) — Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Floodin...
NVD
CVE-2026-47077
12d ago
HIGH
CVE-2026-47075 (CVSS 7.5) — Improper Neutralization of CRLF Sequences vulnerability in benoitc hackney allows HTTP Request Split...
NVD
CVE-2026-47075
12d ago
HIGH
CVE-2026-47073 (CVSS 7.5) — Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Floodin...
NVD
CVE-2026-47073
12d ago
Prev
Page 19 / 44
Next
HIGH
NVD
Fri, 22 May 2026 23:16:56 UTC
✕ Dismiss
CVE-2026-45659 (CVSS 8.8) — Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to ex...
https://nvd.nist.gov/vuln/detail/CVE-2026-45659
TL;DR
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-45659
Read full story ↗
Related coverage (1)
Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions
The Hacker News
11d ago