Security Alerts

CVE-2026-20841 and reveals that malicious actors may be able to trick Windows 11 users into clicking a malicious link inside a Markdown (.md) file opened in Notepad.

The AgreeTo add-in for Outlook has been hijacked and turned into a phishing kit that stole more than 4,000 Microsoft account credentials.

iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw. CVE-2026-20700 (CVSS score: N/A), has been described as a memory corruption issue in dyld, Apple’s Dynamic

CVE-2026-20841 – malicious actors may be able to trick Windows 11 users into clicking a malicious link inside a Markdown (.md) file opened in Notepad.

The Patch Tuesday also addresses five “Critical” vulnerabilities, 3 of which are elevation of privileges flaws and 2 information disclosure flaws.

F5 security exposure affecting BIG-IP, NGINX, and container services; stem from denial-of-service (DoS) risks and configuration weaknesses, potentially disrupting WAF & Kubernetes ingress.

A PowerShell-based malware named TAMECAT targeting login credentials stored in Microsoft Edge and Chrome browsers.

CVE-2026-24858 (CVSS score: 9.4) affects FortiManager and FortiAnalyzer; may also include FortiWeb and FortiSwitch Manager.

Web shell named “EncystPHP.” enhance remote command execution, persistence mechanisms, and web shell deployment to resolve FreePBX vulnerability CVE-2025-64328.

Unpatched IIS servers are injected malicious web shells, executed PowerShell scripts, and deployed the BadIIS malware, including hardcoded regional configurations tailored to specific countries.

WorldLeaks claims 1.4TB Nike design and manufacturing data stolen; WorldLeaks (successor to Hunters International) do file theft over encryption.

Clawdbot, open-source AI agent gateway having 900+ unauthenticated instances exposed online and multiple code flaws that enable credential theft and remote code execution.

CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious payloads.

Version 144.0.7559.96/.97 for Windows & Mac and 144.0.7559.96 for Linux addresses V8 JavaScript engine.

CVE-2024-37079 of the DCERPC Distributed Computing Environment/Remote Procedure Calls protocol allows software to invoke procedures and services on a remote system across a network.

CVE-2025-59718 vulnerability to compromise fully patched firewalls.

CVE-2026-24061 (9.8) – critical vulnerability in the GNU InetUtils telnet daemon (telnetd) is “trivial” to exploit.

CVE-2025-14533, affects plugin versions including 0.9.2.1; carries a CVSS score of 9.8 (Critical).

CVE-2026-23550 allowing WordPress admin bypass; Vendor released fix in version 2.5.2; users urged to upgrade immediately.

Google Calendar’s privacy controls hiding a dormant malicious payload within a standard calendar invite; the bypass enabled unauthorized access to private meeting data and the creation of deceptive calendar events.