Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...
Gigwise

Unlimited RAW File Backup and Archiving: What to Look for in a Scalable Storage Solution

As your photo library grows, your storage strategy needs to grow with it. Here's what professional photographers should evaluate when choosing a scalable RAW file backup and archiving solution.
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
CSO Online

April Patch Tuesday roundup: Zero day vulnerabilities and critical bugs

This month’s threat landscape is ‘defined by immediate, real-world exploitation rather than just theoretical vulnerabilities, ...
The Hacker News

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...

The great music hijack: How AI impersonators are siphoning royalties, and distorting the souls of Indie musicians

A shadow economy is taking shape, where AI generated tracks are piggybacking on the reputation of real musicians to fool their listeners and make illicit gains.
Security Boulevard

Top XBOW Alternatives in 2026

Escape is the best XBOW alternative for continuous AI pentesting across APIs, web apps, and complex authentication — with ...

Cisco tells Webex users to patch critical security flaws immediately

Four critical flaws were recently patched, and some AP versions are creating undeletable, growing files.
Security Boulevard

Bitwarden CLI Compromise Linked to Ongoing Checkmarx Supply Chain Campaign

The compromise of a version of Bitwarden's CLI is connected to the ongoing Checkmarx supply chain campaign, but differences in the operational methods of both incidents are making it difficult to ...

An almost two-decade-old Excel vulnerability is being actively exploited by bad actors

The little exploit that could.
The Guardian Nigeria

Election data at risk as hackers hold govt agencies, banks to ransom

A sophisticated wave of ransomware attacks has remained a threat to Nigerian government agencies and tier-1 financial ...
Arabian Post

Ollama flaw exposes AI server memory

The weakness centres on the handling of GGUF model files, a format commonly used for running and distributing local AI models. By uploading a specially crafted file and triggering quantisation, an ...