vulnerability-management - FUSION GLOBAL

Critical ‘NGINX Rift’ vulnerability discovered, present for 18 years

SC Staff May 14, 2026

The vulnerability, with a CVSS v4 score of 9.2, resides in the ngx_http_rewrite_module and affects a significant...

Critical Exim vulnerability allows remote code execution

SC Staff May 14, 2026

The vulnerability, a user-after-free flaw, occurs during the TLS shutdown process when handling chunked SMTP traffic.

Researcher publishes proof-of-concept exploits for unpatched Windows vulnerabilities

SC Staff May 14, 2026

A cybersecurity researcher has released proof-of-concept exploits for two unpatched Microsoft Windows vulnerabilities, YellowKey and GreenPlasma, which...

Patch Tuesday: No zero days among 137 Microsoft CVEs, 4 Word RCEs

Laura French May 12, 2026

The May 2026 Microsoft security update included no zero days for the first time since June 2024....

Fighting fire with fire: Defending against Mythos-powered cyberattacks

Paul Wagenseil May 12, 2026

How AI-powered exposure management reduces the opportunities AI-powered attackers depend on.

Tomato, JDownloader, TempPCP, Bad Vibes, Dirty Frag, Giedi Prime, Aaran Leyland… – SWN #580

Doug White May 12, 2026

Linux maintainer proposes runtime killswitch for vulnerabilities

SC Staff May 12, 2026

Linux kernel co-maintainer Sasha Levin has proposed a runtime killswitch mechanism, accessible via securityfs, to temporarily disable...

Threat actor Mr_Rot13 exploits critical cPanel flaw to deploy Filemanager backdoor

SC Staff May 12, 2026

The exploitation of CVE-2026-41940, which affects cPanel and WebHost Manager, has been observed shortly after its public...

Federal agencies ordered to patch Ivanti EPMM zero-day in 3 days

Laura French May 8, 2026

The actively exploited flaw enables remote admin users to execute arbitrary code.

‘Dirty Frag’ Linux zero-day exposes most distributions to LPE

Steve Zurier May 8, 2026

Dirty Frag Linux zero-day exposes most distributions to root privilege escalation.