Patch Tuesday delivers fixes for 59 Microsoft flaws, six exploited zero-days, plus critical SAP and Intel TDX vulnerabilities.

Pakistan-aligned APT36 and SideCopy target Indian defense and government entities using phishing-delivered RAT malware across Windows and Linux system ...

Microsoft patches 59 vulnerabilities, including six actively exploited zero-days, with CISA mandating urgent federal remediation.

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.

UNC1069 targets crypto firms via Telegram lures, fake Zoom meetings, and multi-stage malware to steal credentials, browser data, and funds.

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...

BeyondTrust fixes CVSS 9.9 pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; 11,000 instances exposed.

Ivanti EPMM zero-day flaws enabled cyberattacks on Dutch, EU, and Finnish government systems, exposing employee contact and device data.

Bloody Wolf spear-phishing campaign deploys NetSupport RAT across Uzbekistan and Russia, hitting 60+ victims and multiple ...

This week’s cyber recap covers AI risks, supply-chain attacks, major breaches, DDoS spikes, and critical vulnerabilities security teams must track.

UNC3886 targeted Singapore’s telecom operators via zero-day exploits, rootkits, and VMware systems; no customer data breach confirmed.

Germany’s BSI and BfV warn of state-linked Signal phishing using fake support chats, PIN theft, and device linking to access ...