SecurityWeek

GitLab Patches Code Execution, Information Disclosure Vulnerabilities

GitLab CE/EE security updates resolve 13 vulnerabilities, including high-severity code execution and information disclosure ...
SecurityWeek

Microsoft Patches Exploited Exchange Server Vulnerability

Microsoft’s latest Patch Tuesday updates resolve an actively exploited Exchange Server vulnerability tracked as CVE-2026-42897. The tech giant warned Exchange users about zero-day attacks exploiting ...
Bleeping Computer

Microsoft patches Exchange Server zero-day exploited in attacks

Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site scripting (XSS) attacks targeting Outlook Web ...
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is normal. Forums go down and come ...