2026Vulnerability

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

AndyC 22 April 2026

Ravie LakshmananApr 21, 2026Vulnerability / Artificial Intelligence Cybersecurity researchers have discovered a vulnerability in Google's agentic integrated development environment (IDE),...

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

AndyC 18 April 2026

Ravie LakshmananApr 17, 2026Vulnerability / Endpoint Security Huntress is warning that threat actors are exploiting three recently disclosed security flaws...

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

AndyC 17 April 2026

Ravie LakshmananApr 17, 2026Vulnerability Management The National Institute of Standards and Technology (NIST) has announced changes to the way it...

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

AndyC 17 April 2026

Ravie LakshmananApr 17, 2026Vulnerability / Enterprise Security A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active...

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

AndyC 17 April 2026

Ravie LakshmananApr 16, 2026Vulnerability / Network Security Cisco has announced patches to address four critical security flaws impacting Identity Services...

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

AndyC 16 April 2026

Ravie LakshmananApr 15, 2026Vulnerability / Data Breach A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have...

OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams

AndyC 15 April 2026

Ravie LakshmananApr 15, 2026Vulnerability / Secure Coding OpenAI on Tuesday unveiled GPT-5.4-Cyber, a variant of its latest flagship model, GPT‑5.4, that's specifically...

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released

AndyC 15 April 2026

Ravie LakshmananApr 14, 2026Vulnerability / DevSecOps Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully...

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

AndyC 14 April 2026

Ravie LakshmananApr 14, 2026Vulnerability / Network Security A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in...

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

AndyC 14 April 2026

Ravie LakshmananApr 14, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen...

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

AndyC 12 April 2026

Ravie LakshmananApr 12, 2026Vulnerability / Endpoint Security Adobe has released emergency updates to fix a critical security flaw in Acrobat...

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

AndyC 11 April 2026

Ravie LakshmananApr 10, 2026Vulnerability / Threat Intelligence A critical security vulnerability in Marimo, an open-source Python notebook for data science and...

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets

AndyC 10 April 2026

Ravie LakshmananApr 09, 2026Vulnerability / Mobile Security Details have emerged about a now-patched security vulnerability in a widely used third-party...

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

AndyC 10 April 2026

Ravie LakshmananApr 09, 2026Vulnerability / Threat Intelligence Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader...

APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies

AndyC 9 April 2026

Ravie LakshmananApr 08, 2026Vulnerability / Cloud Security The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has...

2026Vulnerability

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

As breakout time accelerates, prevention-first cybersecurity takes center stage

Digital assets after death: Managing risks to your loved one’s digital estate

This month in security with Tony Anscombe – March 2026 edition

RSAC 2026 wrap-up – Week in security with Tony Anscombe

Donate Bitcoin to this address

Donate Ethereum to this address

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed