Software developers shift to AI code reviewers
The use of artificial intelligence (AI) in coding is shifting the role of software development, but measuring lines of code is no longer a valid…
Month: May 2026
PoC Code Published for Critical NGINX Vulnerability
Technical details and proof-of-concept (PoC) exploit code targeting a newly patched critical-severity vulnerability in NGINX are now available. Tracked as CVE-2026-42945 (CVSS score of 9.2),…
OpenAI hit by supply chain attack linked to malicious TanStack packages
OpenAI hit by supply chain attack linked to malicious TanStack packages Pierluigi Paganini May 16, 2026 OpenAI said the TanStack supply chain attack compromised two…
Why geopolitical turmoil is a gift for scammers, and how to stay safe
Conflict is a boon for opportunistic fraudsters. Look out for their ploys. 15 May 2026 • , 5 min. read It didn’t take long for…
The economics of ransomware 3.0
Guidance: NIST’s Cybersecurity Framework 2.0 provides the most widely adopted reference architecture for incident response capability maturity, covering identification, protection, detection, response and recovery functions.…
Incident Response: A Choose Your Own Adventure Exercise
When I was a kid, I loved choose your own adventure books. You made decisions and could become a powerful Sho-Gun warrior—or if you chose…
Avada Builder WordPress plugin flaws allow site credential theft
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive…
Malicious JPEG Images Could Trigger PHP Memory Safety Vulnerabilities
Two critical memory-safety vulnerabilities in PHP’s image-processing functions could allow attackers to leak sensitive heap memory or to execute denial-of-service attacks via specially crafted JPEG…
Linux “ssh-keysign-pwn” Flaw Exposing Critical Authentication Files
A newly disclosed Linux kernel vulnerability, dubbed “ssh-keysign-pwn” by Qualys researchers, exposes millions of Linux systems to unauthorized access to sensitive SSH private keys and hashed passwords…
Rocky Linux launches opt-in security repository for urgent fixes
Rocky Linux has introduced a Security Repository that allows the distribution to ship urgent security fixes ahead of upstream Enterprise Linux when public exploit code…
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
Ravie LakshmananMay 15, 2026Vulnerability / Credential Theft The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN…
UAE Cyber Security Council and Dell launch cyber security centre to strengthen digital resilience
The UAE Cyber Security Council and Dell Technologies have launched a new chapter in national cyber resilience by establishing a Cybersecurity Centre of Excellence in…