Rocky Linux launches opt-in security repository for urgent fixes
Rocky Linux has introduced a Security Repository that allows the distribution to ship urgent security fixes ahead of upstream Enterprise Linux when public exploit code…
Author: Cybernoz
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
Ravie LakshmananMay 15, 2026Vulnerability / Credential Theft The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN…
UAE Cyber Security Council and Dell launch cyber security centre to strengthen digital resilience
The UAE Cyber Security Council and Dell Technologies have launched a new chapter in national cyber resilience by establishing a Cybersecurity Centre of Excellence in…
TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code
The infamous TeamPCP hacking group that besieged the open source software ecosystem several times over the past half year has released the source code of…
NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to light
NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to light Pierluigi Paganini May 14, 2026 Researchers found a critical…
EU’s Cyber Resiliency Act will put IT leaders to the test
Although nearly everyone in SaaS alternative Cloudsmith’s recent Artifact Management Report generates SBOMs, only a quarter do that automatically rather than manually or on demand.…
Meet Andrea Colon, Restoring Peace of Mind in a Paranoid Digital World
In this edition of our “Employee Spotlight” series, I sat down with Andrea Colon, an Account Executive who sees the human side of cyber warfare…
Popular node-ipc npm package compromised to steal credentials
Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. The…
Google Project Zero Discloses Zero-Click Exploit Chain for Pixel 10 Devices
A newly disclosed zero-click exploit chain targeting Google Pixel 10 devices has raised fresh concerns about Android’s low-level security. Google Project Zero researchers demonstrated how…
Google Project Zero Details Pixel 10 Zero-Click Exploit Chain
A powerful zero-click exploit chain for the Pixel 10 that can take an attacker from a remote Dolby decoding bug to full kernel control through…
Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)
A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent fix is still…
TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but…