Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation

13/05/2026 0 Comments 0 tags

A threat actor with affiliations to China has been linked to a “multi-wave intrusion” targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026,

Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

13/05/2026 0 Comments 0 tags

Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it’s being tested by some customers as part

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

13/05/2026 0 Comments 0 tags

Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138

Most Remediation Programs Never Confirm the Fix Actually Worked

13/05/2026 0 Comments 0 tags

Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant’s M-Trends 2026 report puts the mean time to

[Webinar] Why Your AppSec Tools Miss the “Lethal Path” (and How to Fix It)

13/05/2026 0 Comments 0 tags

TL;DR: Stop chasing thousands of “toast” alerts. Join experts from Wiz and Okta/GitLab to learn how hackers connect tiny flaws to build a “Lethal Chain” to your data—and how to

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

13/05/2026 0 Comments 0 tags

Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than 150 gems that use the registry as a data exfiltration

Android Adds Intrusion Logging for Sophisticated Spyware Forensics

13/05/2026 0 Comments 0 tags

Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated spyware attacks. Intrusion Logging, available as part of Advanced Protection

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

12/05/2026 0 Comments 0 tags

Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded

12/05/2026 0 Comments 0 tags

RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a “major malicious attack.” “We’re dealing with a

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots

12/05/2026 0 Comments 0 tags

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed by ThreatFabric between January