Breaches, ransomware and regulation — analysed the day they break, with the practical lessons your team can act on. Free to read, no account required.

A privilege-escalation zero-day in the Malware Protection Engine — the scanning core shared by every supported Defender variant — has been confirmed by Microsoft, with no patch yet shipped.

Widget Factory's JCE extension contains an unauthenticated arbitrary file-write vulnerability that attackers are already burning in the wild. Federal agencies have three weeks to patch. Everyone else should move faster.

CVE-2026-54420 carries a CVSS score of 8.5 and hands attackers root-level control over shared hosting servers. Federal agencies must patch by June 18, 2026. Everyone else should move faster.

Splunk addresses a severe flaw in its Enterprise software that could allow unauthenticated users to execute arbitrary code.

A pseudonymous researcher dropped an alleged Windows Recovery Environment exploit days after Patch Tuesday. A respected vulnerability analyst couldn't replicate it. The researcher is already hunting a workaround.

A hobbyist find targeting XML configuration files in the Windows Recovery Environment exposes a fundamental gap in full-disk encryption's trust model — and no Microsoft patch exists yet.

A write-anywhere bug in the popular open-source AI workflow builder carries a CVSS 8.8 score and is already seeing opportunistic mass exploitation — patch immediately or assume compromise.

GitHub's decision to disable lifecycle hooks in npm 12 removes the single most-abused primitive in JavaScript supply chain attacks. Here is what defenders, DevOps teams, and security engineers need to know before the cutover.

An exploit named RoguePlanet has surfaced, targeting Microsoft Defender with a local privilege escalation vulnerability, raising security concerns.

Microsoft addresses a record number of vulnerabilities amid AI-assisted bug discoveries and a high-profile researcher threatening further zero-day releases.

The June 2026 cumulative update for Windows 10 22H2 Extended Security Updates enrollees bundles this month's vulnerability fixes and adds diagnostic hooks for a looming Secure Boot certificate transition that could leave unpatched systems open to bootkit attacks.

CVE-2026-20245 lets an authenticated attacker escalate to root through the CLI. Mandiant reported the bug after spotting real intrusions, and Cisco has confirmed unauthorized configuration changes in the wild.
Sign up and start training your team in minutes. No sales calls, no demos — just pick a plan and go. Phishing simulations, video courses, and certificates from day one.
