Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...
SecurityWeek

OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds

CVE Lite CLI helps developers quickly identify and fix vulnerable npm dependencies during development, reducing delays and ...

Microsoft Exchange: Zero-day vulnerability is being attacked

A zero-day vulnerability exists in Microsoft Exchange, which attackers are already exploiting. Admins should act quickly.
Dark Reading

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...
Developer Tech

Anthropic says AI can turn software patches into exploits within hours

Anthropic’s AI turned Firefox and Windows software patches into exploits within hours, including one Windows proof-of-concept ...

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...
The Hacker News

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now

Google released security updates for 74 Chrome vulnerabilities, including CVE-2026-11645, a high-severity V8 out-of-bounds ...
Tech Times

Claude Code Dynamic Workflows: Scripts Replace Context Windows, Ultracode Automates Orchestration

Claude Code Dynamic Workflows, launched May 28, 2026, replaces context-window orchestration with a JavaScript script Claude writes on the fly for each task. Runs cap at 1,000 parallel subagents with ...

Google posts Chromium browsers' proof-of-concept exploit code without a fix

Chrome, Edge, Brave, Opera, and other Chromium-based browsers could reportedly be exposed to abuse after Google accidentally revealed exploit code for an unfixed vulnerability ...
Opinion
HackadayOpinion

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

Browser Updates: Chrome, Firefox, and Thunderbird Patch Security Holes

Updates for the web browsers Chrome and Firefox, as well as the Thunderbird email client, patch partly critical security vulnerabilities.