SC Staff

Microsoft warns of active exploitation of new Exchange Server zero-day vulnerability

• vulnerability-management

Microsoft warns of active exploitation of new Exchange Server zero-day vulnerability

SC Staff May 15, 2026

The vulnerability, a cross-site scripting flaw with a CVSS score of 8.1, specifically impacts Outlook Web Access...

Read More Read more about Microsoft warns of active exploitation of new Exchange Server zero-day vulnerability

Hackers use PyInstaller to hide XWorm malware

• malware

Hackers use PyInstaller to hide XWorm malware

SC Staff May 15, 2026

The attack begins with deceptive emails or fake software updates containing a seemingly harmless file.

Read More Read more about Hackers use PyInstaller to hide XWorm malware

Researchers bypass Apple’s M5 security with AI-powered macOS exploit

• aiml

Researchers bypass Apple’s M5 security with AI-powered macOS exploit

SC Staff May 15, 2026

Researchers from Calif utilized Anthropic's Mythos Preview AI to chain two previously unknown bugs and several techniques,...

Read More Read more about Researchers bypass Apple’s M5 security with AI-powered macOS exploit

FTC begins enforcing Take It Down Act for nonconsensual deepfakes

FTC begins enforcing Take It Down Act for nonconsensual deepfakes

SC Staff May 15, 2026

The Take It Down Act mandates that online platforms remove nonconsensual intimate imagery and AI-generated "digital forgeries"...

Read More Read more about FTC begins enforcing Take It Down Act for nonconsensual deepfakes

U.S. officials discard items from China trip over security concerns

U.S. officials discard items from China trip over security concerns

SC Staff May 15, 2026

During a high-level meeting between U.S. officials, including Trump, and the Chinese government led by President Xi...

Read More Read more about U.S. officials discard items from China trip over security concerns

ESET details new Ghostwriter activity targeting Ukrainian government

• threat-intelligence

ESET details new Ghostwriter activity targeting Ukrainian government

SC Staff May 15, 2026

The latest FrostyNeighbor campaign begins with a spear-phishing email containing a PDF attachment disguised as an official...

Read More Read more about ESET details new Ghostwriter activity targeting Ukrainian government

WordPress Funnel Builder vulnerability exploited to steal payment data

• vulnerability-management

WordPress Funnel Builder vulnerability exploited to steal payment data

SC Staff May 15, 2026

The vulnerability in the Funnel Builder plugin, used by over 40,000 websites, allows unauthenticated attackers to modify...

Read More Read more about WordPress Funnel Builder vulnerability exploited to steal payment data

American Lending Center data breach impacts over 123,000 individuals

American Lending Center data breach impacts over 123,000 individuals

SC Staff May 15, 2026

The breach involved a ransomware attack where threat actors compromised the internal network and accessed files containing...

Read More Read more about American Lending Center data breach impacts over 123,000 individuals

Permiso launches AI agent runtime security

• aiml

Permiso launches AI agent runtime security

SC Staff May 15, 2026

The new capabilities extend Permiso’s unified identity platform to address the growing challenge of securing AI agents,...

Read More Read more about Permiso launches AI agent runtime security

Critical vulnerability in Burst Statistics plugin allows admin takeover

• vulnerability-management

Critical vulnerability in Burst Statistics plugin allows admin takeover

SC Staff May 15, 2026

The flaw, identified as CVE-2026-8181, was introduced in version 3.4.0 and persists in 3.4.1 of the Burst...

Read More Read more about Critical vulnerability in Burst Statistics plugin allows admin takeover