The use and reliance on AI is the biggest single growth area in technology. But AI is enormously energy-intensive and requires a new quality of data center. The demand is fueling rapid growth in AI data center builds. The danger is that those building this new type of data center, at speed, do not readily ..
Tag : Vulnerabilities
Splunk and Zoom this week announced patches for multiple vulnerabilities across their products, including several critical and high-severity security defects. Only three of the five advisories that Splunk published address flaws that are specific to its products, while the other two resolve dozens of bugs in third-party components. The Splunk-specific issues include CVE-2026-20296 (a high-severity ..
F5 on Wednesday announced an out-of-band security rollout that patches eight vulnerabilities in NGINX and BIG-IP. The most severe flaw is CVE-2026-42533 (CVSS score of 9.2), a critical issue in NGINX Plus and NGINX Open Source that could be exploited via crafted HTTP requests to cause a heap buffer overflow and restart the NGINX worker ..
Nightmare Eclipse, the disgruntled security researcher who has been dropping zero-day exploits targeting Microsoft products, released another unpatched Windows vulnerability this week, right on the July 2026 Patch Tuesday. The fresh exploit, named LegacyHive, is a local privilege escalation bug in the Windows User Profile Service that allows an attacker to load other users’ hives, ..
An unpatched vulnerability in Cursor on Windows can be triggered for code execution when a developer opens a repository in the application, Mindgard reports. Cursor is one of the most popular AI-assisted development environments, with more than 7 million active users. The security defect, Mindgard says, is straightforward: when opening a repository, Cursor would automatically ..
The US Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday urged immediate hardening of Microsoft SharePoint servers in light of recently disclosed zero-day vulnerabilities. The freshest of the exploited flaws is CVE-2026-56164, a privilege escalation issue that can be exploited remotely without authentication, and which was resolved with Microsoft’s July 2026 Patch Tuesday updates. On ..
A Linux vulnerability that allows untrusted virtual machines to gain root access to host machines is one of two high-severity flaws to surface this week in the open source operating system. The vulnerability resides in KVM, which is, in essence, a virtual machine app included in the kernel of many Linux distributions. The vulnerability, tracked ..
Threat actors are exploiting a vulnerability in Gitea’s reverse-proxy authentication mechanism to access internet-accessible instances by supplying only a valid username. Specific to Gitea’s official Docker images, the critical-severity security defect is tracked as CVE-2026-20896 (CVSS score of 9.8) and can be exploited with a single HTTP header, Sysdig Sr. Director of Threat Research Michael ..
Threat actors are exploiting a recently patched vulnerability in Adobe ColdFusion that carries a maximum severity rating. Tracked as CVE-2026-48282 (CVSS score of 10/10), the security defect is described as a path traversal that could lead to arbitrary code execution. It was patched on June 30 alongside five other max severity flaws in Adobe’s rapid ..
A newly disclosed Linux kernel vulnerability can be exploited to escape virtual machines (VMs) and execute code on the underlying host, security researchers warn. Tracked as CVE-2026-53359 and referred to as Januscape, the security defect impacts the shadow MMU code in Linux Kernel-based Virtual Machine (KVM) hypervisor. The guest-to-host vulnerability poses a major threat to ..


