Latest Cybersecurity News & Insights
23 May 2026
The stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide command-and-control traffic.
The post ‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains appeared first on SecurityWeek.
23 May 2026
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild.
The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse to run arbitrary scripts with elevated permissions.
"Any cPanel user (including an attacker or a compromised account) may
23 May 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2026-9082 (CVSS score: 6.5), an SQL injection vulnerability affecting all supported versions of Drupal Core.
"Drupal Core
22 May 2026
Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks.
The disruption of First VPN Service was led by France and the Netherlands, with several other nations supporting the investigation since December
22 May 2026
Drupal is warning users that it has already seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites.
The post Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure appeared first on SecurityWeek.
22 May 2026
1 Introduction
This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode without the hardware they were developed for. This work was motivated by driver-oriented vulnerability research and the need to evaluate the exploitability of individual findings, which frequently affect code whose reachability is hardware-gated. The
22 May 2026
CVE-2026-34926 is a directory traversal flaw that can be exploited against the on-premise version of Apex One.
The post TrendAI Patches Apex One Zero-Day Exploited in the Wild appeared first on SecurityWeek.
22 May 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerabilities in question are listed below -
CVE-2025-34291 (CVSS score: 9.4) - An origin validation error vulnerability in Langflow that could
22 May 2026
Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data.
Tracked as CVE-2026-20223 (CVSS score: 10.0), the vulnerability arises from insufficient validation and authentication when accessing REST API endpoints.
"An attacker could exploit this vulnerability if they are able to send
21 May 2026
Insufficient validation and authentication in the Secure Workload’s REST APIs provide remote attackers with Site Admin privileges.
The post Cisco Patches Critical Vulnerability in Secure Workload appeared first on SecurityWeek.
21 May 2026
CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution.
The post Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking appeared first on SecurityWeek.
21 May 2026
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild.
The former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring system. Successful exploitation of the flaw could allow an attacker to gain SYSTEM privileges.
"Improper link resolution before file access ('link following') in Microsoft Defender
21 May 2026
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single key, which was easily accessible to a minor-league attacker, could have opened a path to some 98% of entities in the company's cloud
21 May 2026
The bugs could be exploited to elevate privileges to System or create a denial-of-service (DoS) condition.
The post Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days appeared first on SecurityWeek.
21 May 2026
More than 200 vulnerabilities patched in recent Chrome releases are marked as ‘reported by Google’.
The post Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI appeared first on SecurityWeek.
21 May 2026
Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years.
The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case of improper privilege management that could permit an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of several major
20 May 2026
Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege escalation, or information disclosure.
The vulnerability, now tracked as CVE-2026-9082, carries a CVSS score of 6.5 out of 10.0, per CVE.org. Drupal said the vulnerability resides in a database abstraction API that is
20 May 2026
The researcher who found it says the vulnerability could have been chained with a prompt injection to exfiltrate data.
The post Anthropic Silently Patches Claude Code Sandbox Bypass appeared first on SecurityWeek.
20 May 2026
Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week.
The zero-day flaw, now tracked as CVE-2026-45585, carries a CVSS score of 6.8. It has been described as a BitLocker security feature bypass.
"Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as 'YellowKey,'" the
19 May 2026
Verizon’s 2026 DBIR finds vulnerability exploitation has overtaken credential abuse as the leading breach vector, as AI accelerates attacks, patching delays worsen, and ransomware and third-party compromises continue to surge.
The post Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector appeared first on SecurityWeek.