The Hacker News

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

CISA added two actively exploited CVEs to KEV after confirmed attacks, mandating FCEB patching by May 12, 2026.
Dark Reading

AI Finds 38 Security Flaws in Electronic Health Record Platform

Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code ...
SecurityWeek

38 Vulnerabilities Found in OpenEMR Medical Software

Dozens of vulnerabilities were discovered recently in the open source electronic medical records platform OpenEMR.
GovInfoSecurity

Breach Roundup: US Cyber Command Flags Election Threats

This week, election threats resurfaced. A prolific hacker arrested. Black Axe network disrupted. China-linked disinformation ...

CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog

The Cybersecurity and Infrastructure Security Agency added two major software flaws to its Known Exploited Vulnerabilities ...
SecurityWeek

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco patched 15 vulnerabilities across its products, including four critical-severity bugs in Webex and Identity Services ...

Malicious code vulnerability with maximum rating threatens Firebird

The open-source database management system Firebird is vulnerable in several ways. It can allow malicious code onto systems.
Dark Reading

Every Old Vulnerability Is Now an AI Vulnerability

AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones. On March 10, 2026, Microsoft patched ...
Game Rant

I Played Over 3 Hours of 007 First Light, IOI's New James Bond Game

For the better part of a decade, IO Interactive has been known as the Hitman studio, but that all changes next month. 007 ...
Security Boulevard

Attacking the MCP Trust Boundary

Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol ...