The Hacker News

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent ...
techtimes

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...

Scam alert: An official Microsoft email is being used for phishing links

Scammers have found a way to weaponize an official Microsoft email address in order to spread their cyber crimes. Credit: ...

dbForge 2026.1 Introduces Improved AI SQL Generation and Advanced PostgreSQL Development Features

New dbForge release improves AI-powered SQL generation and adds PostgreSQL visual query building and table editing By ...
Lifehacker

That Email From 'Microsoft' Is Actually a Scam

Jake Peterson is Lifehacker’s Tech Editor, and has been covering tech news and how-tos for nearly a decade. His team covers all things technology, including AI, smartphones, computers, game consoles, ...
CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

In its warning, Drupal said a vulnerability in this API allows an attacker to send specially crafted requests resulting in ...
Tech Times

Exchange Server OWA Zero-Day CVE-2026-42897 Exploited With No Permanent Patch and New Mitigation Gaps

Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...
CIO

How IT teams are putting AI agents to work

I’ve spent a lot of time inside enterprise AI deployments, and one thing that has become clear is that IT departments are ...
Cameroon-Tribune

Digitalizing Public Governance: MINFOPRA Launches Documentary On Triumphs Of AIGLES System

On May 12, 2026, Cameroon’s Ministry of the Public Service and Administrative Reform (MINFOPRA) announced the release of a ...
CSO Online

Fortinet fixes two critical RCE flaws in FortiAuthenticator and FortiSandbox

The company — whose recent vulnerabilities have been hit with zero-day and n-day exploits — also released three patches for ...
SecurityWeek

Fortinet, Ivanti Patch Critical Vulnerabilities

Fortinet and Ivanti have released fixes for multiple vulnerabilities, including critical flaws leading to code execution.