Windows is getting stronger RDP file protections to fight phishing attacks
Microsoft has introduced new Windows protections starting with the April 2026 security update to reduce phishing attacks that abuse Remote Desktop (.rdp) files. With these…
Latest Cybersecurity News — Page 390
View all →
From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere
We’ve uncovered multiple campaigns distributing an infostealer we track as NWHStealer, using everything from fake VPN downloads to hardware utilities and gaming mods. What makes…
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
Ravie LakshmananApr 15, 2026Vulnerability / Data Breach A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April’s…
UK businesses must face up to AI threat, says government
A new generation of experimental, frontier AI models are rapidly developing the ability to discover and exploit software vulnerabilities and business leaders need to start…
Superloop puts functional separation bid to ACCC
Superloop is seeking regulatory approval for a joint structural separation plan extending from its $165 million acquisition of fibre-to-the-premises operator Lynham Networks. The Australian Competition…
Exploited Vulnerability Exposes Nginx Servers to Hacking
A critical Nginx UI vulnerability that allows attackers to take full control of servers has been exploited in the wild. Nginx UI (nginx-ui) is a…
CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access
CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access Pierluigi Paganini April 15, 2026 An actively exploited critical nginx-ui flaw (CVE-2026-33032) lets attackers bypass authentication and…
Medium-severity flaw in Microsoft SharePoint exploited
The flaw should be taken seriously, despite its relatively low score, according to researchers. Source link
NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities
The federal agency tasked with analyzing security vulnerabilities is overwhelmed as it and other authorities struggle to keep pace with a flood of defects that…
Critical nginx UI tool vulnerability opens web servers to full compromise
“This exposes 12 MCP tools, including config writes with automatic nginx reload, to any host on the network. One unauthenticated API call is all it…
“TotalRecall Reloaded” tool finds a side entrance to Windows 11’s Recall database
The problem, as detailed by Hagenah on the TotalRecall GitHub page, isn’t with the security around the Recall database, which he calls “rock solid.” The…
Qualys VMDR and TotalCloud Now on Oracle Cloud Marketplace
Key Takeaways Qualys VMDR and TotalCloud are now available on the Oracle Cloud Marketplace, simplifying procurement and deployment for Oracle Cloud Infrastructure (OCI) customers. Organizations can…