Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...

Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...

Multiple vulnerabilities in the Orthanc DICOM server could be exploited to cause crashes, leak information, or execute ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...

When a visitor lands on your website, they look for immediate signs of safety. That little padlock icon next to your web address tells them their data remains private. If your site lacks this security ...

Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal accounts, and more. Of course, the international ...

A foreign hacker unknowingly compromised a cache of the FBI’s documents on Jeffrey Epstein three years ago and was so disgusted by what they saw in the files that they threatened to report them to the ...

A hacker in 2023 was able to access an FBI server that contained some files related to Jeffrey Epstein, according to documents released by the Department of Justice earlier this year. In a statement ...