The Hacker News

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

CVE-2026-33626 exploited within 13 hours of disclosure, enabling SSRF-based cloud credential theft and internal scanning.

Microsoft fixes bug behind Windows Server 2025 automatic upgrades

Microsoft has finally fixed a known issue that was causing systems running Windows Server 2019 and 2022 to "unexpectedly" ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

Microsoft’s Patch Tuesday release for April is a whopper

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even ...
Bleeping Computer

Microsoft rolls out fix for broken Windows Start Menu search

Microsoft has pushed a server-side fix for a known issue that broke the Windows Start Menu search feature on some Windows 11 23H2 devices. In a Windows release health update (WI1273488) seen by ...

Microsoft patches vulnerability with highest risk rating in Entra ID

Microsoft has published a vulnerability advisory. The security vulnerability with the entry CVE-2026-35431 (CVSS 10.0, risk ...
Security Boulevard

Exposed LLM Infrastructure: How Attackers Find and Exploit Misconfigured AI Deployments

Exposed LLM servers are being actively scanned and exploited. Learn how attackers find misconfigured AI infrastructure and ...
Dark Reading

'Zealot' Shows What AI's Capable of in Staged Cloud Attack

The proof of concept revealed AI-based attacks unfold too fast for human defenders to respond, and that AI evinced more ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

F5, Inc. (FFIV) Q2 2026 Earnings Call Transcript

Good afternoon, and welcome to the F5, Inc. Second Quarter Fiscal 2026 Financial Results Conference Call. [Operator Instructions] Also, today's conference is being recorded. If anyone has any ...

The Prompt Engineering Cheat Sheet: How to Write Better AI Prompts

Learn prompt engineering with this practical cheat sheet that covers frameworks, techniques, and tips for producing more ...
CSO Online

April Patch Tuesday roundup: Zero day vulnerabilities and critical bugs

This month’s threat landscape is ‘defined by immediate, real-world exploitation rather than just theoretical vulnerabilities, ...