SecurityWeek

Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days

The bugs could be exploited to elevate privileges to System or create a denial-of-service (DoS) condition. Microsoft this week released patches for two vulnerabilities in Defender, warning they have ...
Microsoft

CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across ...

Microsoft Defender is investigating a high-severity local privilege escalation vulnerability (CVE-2026-31431) affecting multiple major Linux distributions including Red Hat, SUSE, Ubuntu, and AWS ...
Bleeping Computer

Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers. The flaw is tracked as ...
Fox News

173 House Democrats vote against resolution honoring police amid rising attacks

House Democrats split over a resolution backing law enforcement as assaults on officers surged last year. Just 29 House Democrats on Wednesday voted for a GOP-authored measure paying tribute to the ...
SecurityWeek

Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises

CVE-2026-40361 is similar to a vulnerability found a decade ago, BadWinmail, which at the time was dubbed an “enterprise killer”. One of the 137 vulnerabilities patched by Microsoft with its Patch ...
InfoWorld

The best new features in Python 3.15

Highlights of Python 3.15, now available in beta, include lazy imports, faster JITs, better error messages, and smarter profiling. The first full beta of Python 3.15 ...
Forbes

Meta Discloses 2 WhatsApp Vulnerabilities In New Security Advisory

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Meta confirms two WhatsApp vulnerabilities in new security advisory. A new WhatsApp security ...
The Verge

Severe Linux Copy Fail security flaw uncovered using AI scanning help

Some distributions have already released patches or mitigations for the exploit, including Arch Linux and RedHat Fedora. Some distributions have already released patches or mitigations for the ...
The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation ...
CSOonline

NIST cuts down CVE analysis amid vulnerability overload

The agency will only add enrichment details to CVEs in limited cases going forward, prioritizing known exploited flaws and vaguely defined ‘critical software.’ Overwhelmed by an escalating volume of ...
CSOonline

Behind the Mythos hype, Glasswing has just one confirmed CVE

As hype builds around Anthropic’s offensive AI model, VulnCheck’s analysis finds just one confirmed CVE tied directly to Project Glasswing, raising questions about how Mythos’ real-world impact should ...