Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013323)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013323 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use onlinevcpus, not createdvcpus, to iterate over vCPUs Use the kvmforeachvcpu helper ...

Oracle多款产品 安全漏洞

Oracle Java SE, among others, are products of Oracle Corporation in the United States. Oracle Java SE is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. Oracle GraalVM for JDK is a high-performance, multi-language runtime an...

EUVD-2026-23875

ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications could occur without transport-layer encryption. This could allow network‑based interception of Solution Center...

Exploit for Improper Access Control in Fortinet Forticlientems

CVE-2026-35616 Author: wa6n3r | GitHubhttps://github...

CVE-2026-6066

ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications could occur without transport-layer encryption. This could allow network‑based interception of Solution Center...

Making opportunistic cyberattacks harder by design

This is part of a series of blogs and interviews conducted with our Microsoft Deputy CISOs , in which we surface a number of mission-critical security recommendations and best practices that businesses can enact right now and derive real meaningful benefits from. In this article, Ilya Grebnov,...

Making opportunistic cyberattacks harder by design

This is part of a series of blogs and interviews conducted with our Microsoft Deputy CISOs , in which we surface a number of mission-critical security recommendations and best practices that businesses can enact right now and derive real meaningful benefits from. In this article, Ilya Grebnov,...

CVE-2026-6066 Unencrypted Client‑Server Communication in ConnectWise Automate™ Solution Center

ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications could occur without transport-layer encryption. This could allow network‑based interception of Solution Center...

CVE-2026-6066

The CVE-2026-6066 entry concerns ConnectWise Automate, specifically the Solution Center component. The vulnerability is described as client-to-server communications potentially occurring without transport-layer encryption, enabling network-based interception of Solution Center traffic in Automate...

Quantum Computers Are Not a Threat to 128-bit Symmetric Keys

The advancing threat of cryptographically-relevant quantum computers has made it urgent to replace currently-deployed asymmetric cryptography primitives—key exchange ECDH and digital signatures RSA, ECDSA, EdDSA—which are vulnerable to Shor’s quantum algorithm. It does not, however, impact existi...

OPENSUSE-SU-2026:20571-1 Security update for go1.26

This update for go1.26 fixes the following issues: - Update to version go1.26.2 bsc1255111. - CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. - CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination bsc1261654. - CVE-2026-27144:...

AppleSEPKeyStore Stress Tester / Fuzzer

This code is not a fully functional exploit, but rather a concurrency stress test and race-condition trigger targeting the Apple Secure Enclave key management driver AppleSEPKeyStore...

PT-2026-33785

ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications could occur without transport-layer encryption. This could allow network‑based interception of Solution Center...

Linux Distros Unpatched Vulnerability : CVE-2025-54510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A missing lock verification in AMD Secure Processor ASP firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routin...

[20260518] - Core - Transport encryption downgrade for password and username reset links

The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set...

[SECURITY] Fedora 42 Update: curl-8.11.1-8.fc42

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

A Novel Quantum Augmented Framework to Improve Microgrid Cybersecurity

Small modular nuclear reactors SMRs are redefining the energy generation landscape by enabling the deployment of modular, scalable, and pre-built power units that can be used to build distributed autonomous microgrids for critical infrastructure and burgeoning AI factories. Often, these microgrid...

April 19, 2026—KB5091573 (OS Build 17763.8647) Out-of-band

April 19, 2026—KB5091573 OS Build 17763.8647 Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices...

April 19, 2026—KB5091575 (OS Build 20348.5024) Out-of-band

April 19, 2026—KB5091575 OS Build 20348.5024 Out-of-band ​​​​​​​Announcements and messages This section provides key notifications related to this release, including announcements, change logs, and end-of-support notices. Windows Secure Boot certificate expiration Windows Secure Boot certificate...

April 19, 2026—KB5091572 (OS Build 14393.9062) Out-of-band

April 19, 2026—KB5091572 OS Build 14393.9062 Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices...