Oracle pushes emergency fix for critical Identity Manager RCE flaw
Update: Added that Oracle declined to comment on whether the vulnerability has been exploited. Oracle has released an out-of-band security
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a
Anthropic Launches Projects Feature for Claude Cowork Desktop
Anthropic is expanding Claude Cowork Desktop with a new Projects feature designed to keep files, instructions, and task context organized
Windows 11 March Update Breaks Microsoft Teams and OneDrive Sign-Ins
Windows 11 March Update Breaks Teams Microsoft has acknowledged a significant bug introduced by its March 2026 cumulative update that
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed
Hackers Compromised 7,500+ Magento Websites to Upload Hidden Malicious Files and Steal Data
A sweeping cyberattack campaign has compromised more than 7,500 Magento-powered e-commerce websites since late February 2026, with attackers uploading hidden
New VoidStealer Variant Bypasses Chrome ABE Without Injection or Privilege Escalation
A newly identified variant of the VoidStealer infostealer has drawn serious attention from the security community after it became the
Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
Ravie LakshmananMar 20, 2026Data Privacy / Mobile Security Google on Thursday announced a new “advanced flow” for Android sideloading that
The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
Artificial Intelligence (AI) is changing how individuals and organizations conduct many activities, including how cybercriminals carry out phishing attacks and
Microsoft: March Windows updates break Teams, OneDrive sign-ins
Microsoft says the March Windows 11 update breaks sign-ins with Microsoft accounts across multiple Microsoft apps, including Teams and OneDrive.
SILENTCONNECT Uses VBScript, PowerShell and PEB Masquerading to Deploy ScreenConnect
SILENTCONNECT is a newly discovered multi-stage malware loader that has been silently targeting Windows machines since at least March 2025.
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
The U.S. Department of Justice (DoJ) on Thursday announced the disruption of command-and-control (C2) infrastructure used by several Internet of