BUGS

iPhone notifications

Apple fixes iOS bug that kept deleted notifications, including chat previews

April 23, 2026

A vulnerability in iPhones and iPads allowed law enforcement to recover deleted notifications, including Signal message previews.

Microsoft logo

April Patch Tuesday fixes two zero-days, including one under active attack

April 15, 2026

This month’s Patch Tuesday addresses 167 vulnerabilities, including two zero-days that could lead to system compromise, data exposure, and privilege escalation.

Adobe logo

Simply opening a PDF could trigger this Adobe Reader zero-day

April 13, 2026

Even though it’s patched, Adobe confirmed it was exploited in the wild, so updating is urgent, not optional.

Interview with a bug bounty hunter

Meet Khaled Mohamed: the bug hunter who found a Microsoft flaw

March 25, 2026

We talked to Khaled Mohamed on going from script kiddie to bug bounty hunter, and the moment he uncovered a flaw in Microsoft Authenticator.

Apple

Apple patches WebKit bug that could let sites access your data

March 18, 2026

Apple has released a Background Security Improvement that silently fixes a WebKit vulnerability (CVE-2026-20643).

Zombie zip

Zombie ZIP method can fool antivirus during the first scan

March 16, 2026

Researchers published about the Zombie ZIP vulnerability (or not a vulnerability, that's up for debate) that can bypass a first AV inspection.

week in security

A week in security (March 9 – March 15)

March 16, 2026

A list of topics we covered in the week of March 9 to March 15 of 2026

Chrome logo

[updated] Google patches two Chrome zero-days under active attack

March 13, 2026

Google has released an out-of-band Chrome update to patch two zero-day vulnerabilities that are already being actively exploited.

three iPhones

Apple patches Coruna exploit kit flaws for older iOS versions

March 12, 2026

Apple issued security updates for older iOS and iPadOS versions to close vulnerabilities exploited by the Coruna exploit kit.