The Information Commissioner’s Office has fined South Staffordshire Water Plc and parent company South Staffordshire Plc £963,900 ($1.3 million) over a cyberattack that exposed the personal data of 663,887 customers and employees. The company supplies 330 million liters of drinking water to 1.6 million consumers daily and, in 2022, disclosed that it was the target […]
Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud. The purpose is to introduce enough friction that users get the time to evaluate the safety of an external request. Recently, there have been attacks targeting high-profile users with […]
Today is Microsoft’s May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed. This Patch Tuesday addresses 17 “Critical” vulnerabilities, 14 of which are remote code execution, 2 are elevation of privilege, and 1 is an information disclosure flaw. The number of bugs in each vulnerability category is listed below: When […]
Microsoft has released the Windows 10 KB5087544 extended security update to fix the May 2026 Patch Tuesday vulnerabilities and resolve an issue with the new Remote Desktop warnings. If you are running Windows 10 Enterprise LTSC or are enrolled in the ESU program, you can install this update like normal by going into Settings, clicking on Windows Update, and […]
Fortinet has released security updates to address two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code on unpatched systems. The first one, tracked as CVE-2026-44277, impacts the company’s FortiAuthenticator Identity and Access Management (IAM) solution and was patched in FortiAuthenticator versions 6.5.7, 6.6.9, and 8.0.3. “An Improper […]
Microsoft has released Windows 11 KB5089549 and KB5087420 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. Today’s updates are mandatory as they contain the May 2026 Patch Tuesday security patches for 120 vulnerabilities discovered in previous months. You can install today’s update by going to Start > Settings > Windows Update and clicking on ‘Check for Updates.’ You can also manually download and […]
Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers. The 130-year-old Czech car maker has over 34,000 employees and reported sales of more than €27 billion and a profit of nearly €2 […]
Android 17, expected to roll out next month, will introduce several security and privacy features focused on device theft, threat detection, and banking scam calls. Google will be expanding protections against scammers spoofing caller IDs to impersonate financial institutions and trick users into transferring money or revealing account-related information. Android will work with banking apps to detect […]
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers. The attacker hijacked valid OpenID Connect (OIDC) tokens to publish malicious package versions with verifiable provenance attestation (SLSA Build Level 3) Attributed to the TeamPCP threat group, the attack started with compromising dozens of TanStack […]
SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in Commerce Cloud and S/4HANA. Commerce Cloud is an enterprise-grade e-commerce platform used by online stores owned by large retailers and global brands, while S/4HANA is a cloud-based Enterprise Resource Planning (ERP) suite that will replace the company’s […]
