The Hacker News

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

"A regression in the Microsoft.AspNetCore.DataProtection 10.0.0-10.0.6 NuGet packages cause the managed authenticated ...
Macworld

iOS 26.4.2 is out now with more security and bug fixes for your iPhone

Apple has an update for iOS 26.4 that simply fixes some unspecified bugs and improves security. Earlier this month, Apple ...

Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed

More than 1,300 internet-exposed SharePoint servers remain unpatched against CVE-2026-32201, a spoofing flaw Microsoft says ...
CSO Online

Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core

Patching is not enough: applications embedding the insecure library will need to be rebuilt, and affected tokens and cookies ...
SDxCentral

CISA flags 3 exploited Cisco vulnerabilities for patching

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed three Cisco Catalyst SD-WAN Manager bugs as under ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...
Windows Report

Microsoft Ships Emergency .NET Patch After Severe Security Risk Discovered

Microsoft released .NET 10.0.7 to fix critical CVE-2026-40372 vulnerability that could allow SYSTEM-level access and data ...
ExecutiveGov

NIST Revamps Vulnerability Database Prioritization to Manage CVE Surge

NIST is focusing on enriching cybersecurity vulnerabilities and exposures that appear in CISA’s Known Exploited ...

Apple fixes iOS bug that retained deleted notification data

Apple has released out-of-band security updates for iPhone and iPad devices to fix a Notification Services flaw that could allow notifications marked for deletion to remain stored on the device.

CISA flags new SD-WAN flaw as actively exploited in attacks

CISA has given U.S. government agencies four days to secure their systems against another Catalyst SD-WAN Manager ...