BUGS

Microsoft logo

May 2026 Patch Tuesday: no zero-days but plenty to fix

May 13, 2026

May’s Patch Tuesday may not be the giant release many expected, but there are still plenty of important fixes that shouldn’t be ignored.

WhatsApp logo

Update WhatsApp now: Two new flaws could expose you to malicious files

May 5, 2026

WhatsApp patches flaws that could expose users to malicious content and disguised malware.

compromised servers

Actively exploited cPanel bug exposes millions of websites to takeover

May 1, 2026

A vulnerability in the cPanel/WHM admin interface lets attackers access websites without a username and password.

PhantomRPC elevates privileges

Microsoft won’t patch PhantomRPC: Feature or bug?

April 29, 2026

A researcher has detailed five ways to exploit PhantomRPC, which Microsoft rates “moderate” and does not plan to fix.

iPhone notifications

Apple fixes iOS bug that kept deleted notifications, including chat previews

April 23, 2026

A vulnerability in iPhones and iPads allowed law enforcement to recover deleted notifications, including Signal message previews.

Microsoft logo

April Patch Tuesday fixes two zero-days, including one under active attack

April 15, 2026

This month’s Patch Tuesday addresses 167 vulnerabilities, including two zero-days that could lead to system compromise, data exposure, and privilege escalation.

Adobe logo

Simply opening a PDF could trigger this Adobe Reader zero-day

April 13, 2026

Even though it’s patched, Adobe confirmed it was exploited in the wild, so updating is urgent, not optional.

Interview with a bug bounty hunter

Meet Khaled Mohamed: the bug hunter who found a Microsoft flaw

March 25, 2026

We talked to Khaled Mohamed on going from script kiddie to bug bounty hunter, and the moment he uncovered a flaw in Microsoft Authenticator.

Apple

Apple patches WebKit bug that could let sites access your data

March 18, 2026

Apple has released a Background Security Improvement that silently fixes a WebKit vulnerability (CVE-2026-20643).