Security & IT News

Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup after previously stating it was "by design." [...]

A new Gremlin stealer variant has evolved into a modular toolkit with advanced evasion and data theft capabilities, according to new Unit 42 research

Stolen browser sessions and authentication tokens are becoming more valuable than stolen passwords. Flare explains how the REMUS infostealer evolved around session theft and operational scalability. [...]

Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and persistence. The vulnerabilities, collectively dubbed Claw Chain by Cyera, can permit an attacker to establish a foothold, expose sensitive data, and plant backdoors. A brief description of the flaws is below -

The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition

Microsoft is introducing a new capability that will allow it to remotely roll back problematic Windows drivers delivered through Windows Update. [...]

p CISA has added one new vulnerability to its a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog" Known Exploited Vulnerabilities (KEV) Catalog /a , based on evidence of active exploitation. /p ul li a href="https://www.cve.org/CVERecord?id=CVE-2026-42897" target="_blank" CVE-2026-42897 /a Microsoft Exchange Server Cross-Site Scripting Vulnerability /li /ul p This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. /p p a href="https://www.cisa.gov/binding-operational-directive-22-01" Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities /a established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the a href="https://www.cisa.gov/sites/default/files/publications/Reducing_the_Significant_Risk_of_Known_Exploited_Vulnerabilities_211103.pdf" BOD 22-01 Fact Sheet /a for more information. /p p Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog" KEV Catalog vulnerabilities /a as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the a href="https://www.cisa.gov/known-exploited-vulnerabilities" data-entity-type="node" data-entity-uuid="f2adba9a-0404-494c-a90c-4363a4a5c934" data-entity-substitution="canonical" title="Reducing the Significant Risk of Known Exploited Vulnerabilities" specified criteria /a . nbsp; /p

Some AI-based video age-verification checks can be fooled with a fake mustache .

In Your Biggest Security Risk Isn't Malware — It's What You Already Trust, we made a simple argument: the most dangerous activity inside most organizations no longer looks like an attack. It looks like administration. PowerShell, WMIC, netsh, Certutil, MSBuild — the same trusted utilities your IT team uses every day are also the preferred toolkit of modern threat actors. Bitdefender's analysis

OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modified in an unauthorized manner. "Upon identification of the malicious activity, we worked quickly to investigate, contain, and take steps to

Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts.

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on the web users. [...]

A suspected China-linked threat actor targeted the Indian branch of a global manufacturer leveraging an open source offensive toolkit

:root { --isc-maroon: #7a1f1f; --isc-maroon-dark: #5e1717; --isc-link: #0066cc; --isc-text: #1a1a1a; --isc-muted: #555; --isc-rule: #d0d0d0; --isc-code-bg: #f4f4f4; --isc-code-text: #c0392b; --isc-block-bg: #1e1e1e; --isc-block-text: #e6e6e6; --isc-callout-bg: #fafafa; --isc-table-header: #ececec; } * { box-sizing: border-box; } html, body { margin: 0; padding: 0; background: #ffffff; color: var(--isc-text); font-family: "Open Sans", "Source Sans Pro", -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif; font-size: 15px; line-height: 1.6; } .isc-header { background: var(--isc-maroon); color: #ffffff; padding: 14px 24px; border-bottom: 4px solid var(--isc-maroon-dark); } .isc-header .brand { font-family: Arial, Helvetica, sans-serif; font-size: 22px; font-weight: bold; letter-spacing: 0.3px; } .isc-header .brand a { color: #ffffff; text-decoration: none; } .isc-header .tagline { font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #f3d6d6; margin-top: 2px; } main { max-width: 920px; margin: 0 auto; padding: 28px 32px 48px; } h1.diary-title { font-family: Arial, Helvetica, sans-serif; font-size: 26px; line-height: 1.25; color: var(--isc-maroon); margin: 8px 0 10px 0; border-bottom: 1px solid var(--isc-rule); padding-bottom: 12px; } .meta { font-family: Arial, Helvetica, sans-serif; font-size: 13px; color: var(--isc-muted); margin-bottom: 24px; } .meta strong { color: var(--isc-text); } .meta a { color: var(--isc-link); text-decoration: none; } .meta a:hover { text-decoration: underline; } h2 { font-family: Arial, Helvetica, sans-serif; font-size: 19px; color: var(--isc-maroon); margin-top: 32px; margin-bottom: 10px; padding-bottom: 4px; border-bottom: 1px solid var(--isc-rule); } h3 { font-family: Arial, Helvetica, sans-serif; font-size: 16px; color: var(--isc-text); margin-top: 22px; margin-bottom: 8px; } p { margin: 10px 0; } a { color: var(--isc-link); } a:hover { text-decoration: underline; } code, .inline-code { font-family: "SFMono-Regular", Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13px; background: var(--isc-code-bg); color: var(--isc-code-text); padding: 1px 5px; border-radius: 3px; word-break: break-all; } .callout { background: var(--isc-callout-bg); border-left: 3px solid var(--isc-maroon); padding: 10px 16px; margin: 14px 0; font-family: "SFMono-Regular", Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13px; color: var(--isc-text); } figure { margin: 22px 0; text-align: center; } figure img { max-width: 100%; height: auto; border: 1px solid #cccccc; display: block; margin: 0 auto; } figcaption { font-family: Arial, Helvetica, sans-serif; font-size: 13px; color: var(--isc-muted); margin-top: 8px; font-style: italic; } figcaption strong { color: var(--isc-text); font-style: normal; } table.diary-table { border-collapse: collapse; width: 100%; margin: 16px 0; font-family: Arial, Helvetica, sans-serif; font-size: 13.5px; } table.diary-table th, table.

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting the issue. "

The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026. The vulnerability is a critical authentication bypass tracked as CVE-2026-20182. It's

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. [...]

Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. [...]

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrative privileges on compromised devices. [...]