Follow on Google News
SAP patches critical S/4HANA SQL injection flaw in May 2026 update
SAP has released its May 2026 Security Patch Day updates, fixing a critical SQL injection vulnerability in SAP S/4HANA and another critical flaw in SAP…
New Vidar Stealer campaign uses obfuscated Windows scripts to steal credentials
A new Vidar Stealer campaign is targeting Windows users with phishing emails, malicious shortcut files, obfuscated scripts, and trusted system tools to steal passwords, cookies,…
Zoom patches Windows and iOS flaws that can expose systems to privilege escalation
Zoom has patched three security vulnerabilities affecting Zoom Rooms for Windows, the Zoom Workplace VDI Plugin for Windows, and Zoom Workplace for iOS. The two…
Threat actors use Vercel AI tools to create realistic phishing sites at scale
Threat actors are abusing Vercel and its AI website-building tools to create realistic phishing pages that imitate trusted brands and steal login credentials. Cofense researchers…
No blind spots: how MSSPs prevent incidents with live threat visibility
MSSPs prevent incidents by seeing active threats early, connecting that intelligence to client environments, and acting before alerts turn into breaches. That visibility depends on…
Ivanti patches seven vulnerabilities across Secure Access, Xtraction, vTM, and Endpoint Manager
Ivanti has released its May 2026 security updates, fixing seven vulnerabilities across four enterprise products: Ivanti Secure Access Client, Ivanti Xtraction, Ivanti Virtual Traffic Manager,…
Open WebUI patches SVG profile image flaw that could lead to one-click RCE
Open WebUI has patched a stored cross-site scripting flaw that could let attackers abuse SVG profile images to run malicious JavaScript in a victim’s browser.…
Critical FortiSandbox flaw lets unauthenticated attackers run code
Fortinet has fixed a Critical vulnerability in FortiSandbox that could let remote attackers execute unauthorized code or commands without logging in. The flaw is tracked…
Fortinet patches critical FortiSandbox flaw and four more enterprise vulnerabilities
Fortinet has patched five security vulnerabilities affecting FortiSandbox, FortiSandbox Cloud, FortiSandbox PaaS, FortiAP, FortiAP-W2, FortiAP-U, FortiOS, FortiAnalyzer, and FortiManager. The most serious issue is CVE-2026-26083,…
Microsoft’s May 2026 Patch Tuesday fixes 120 flaws with no zero-days reported
Microsoft’s May 2026 Patch Tuesday update fixes 120 security flaws across Windows, Office, SharePoint, Dynamics 365, SQL Server, Azure tools, Visual Studio Code, and Microsoft…
November 21, 2025
1 comment 
