Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.

PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and ...

CERT-UA links the AgingFly credential-stealing campaign to phishing, browser theft, and modular remote access.

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal ...

Attackers are exploiting trust in Adobe’s brand to deliver covert remote access, using a fake Acrobat Reader download page to install ConnectWise ScreenConnect through a fileless, memory-heavy attack ...

MSBuild, a legitimate Microsoft build tool embedded in many Windows and developer environments, is drawing renewed scrutiny after fresh threat research showed how attackers are using it to run ...

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Alabama has set a June execution by nitrogen gas for a man convicted of killing two people during a 1998 robbery of a pawn shop. Alabama Gov.

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even ...

Microsoft this week released one of the largest Patch Tuesday bundles in its history, delivering fixes for 163 new Microsoft CVEs in a month that includes three zero-days and eight Critical-rated ...

Critical154Important1Moderate0LowMicrosoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day ...