Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE

Ravie LakshmananJun 10, 2026Vulnerability / Open Source A high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings…

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

Ravie LakshmananJun 10, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation. The list…

CISA Issues New Directive Improving How Federal Agencies Prioritize the Mitigation of Cyber Vulnerabilities

by CISA
June 10, 2026
Security News, Assessments & Alerts
3 min read

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) today issued Binding Operational Directive 26-04: Prioritizing Security Updates Based on Risk, that requires federal civilian agencies to assess and align their vulnerability management policies to…

Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar

The Hacker NewsJun 10, 2026Pentesting / Security Validation Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new findings start to dry up. By the third or…

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs

Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the time of release. Of the 206 flaws, 39 are rated…

Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards

On June 9, Anthropic released Claude Fable 5, the most capable model it has ever made, generally available. It also did something unusual: it shipped one model as two products, split not by capability but…

ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances

Ravie LakshmananJun 10, 2026Cyber Attack / Vulnerability ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. “On June 5, 2026, ServiceNow…

Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

Ravie LakshmananJun 10, 2026Zero-Day / Vulnerability The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-day named RoguePlanet. “The exploit is…

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Ravie LakshmananJun 10, 2026Vulnerability / JavaScript Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers (Protobuf), that, if successfully exploited, could result in remote code execution…

Meta to Use Off-Site Business Data for Feed and AI Personalization

Ravie LakshmananJun 09, 2026Privacy / Artificial Intelligence Meta on Tuesday announced that it will use information shared by other businesses to personalize users’ feed and responses from its artificial intelligence (AI) chatbot, expanding its scope…

« Previous
1
…
7
8
9
10
11
…
538
Next »