CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS).
Biometric Update

Aura breach and AI companion app flaws sharpen privacy fears

A new security report on AI companion apps is drawing attention because it arrives as an identity protection company is dealing with a data exposure incident.
Opinion
LGBTQ Nation on MSNOpinion

Is Donald Trump bringing conversion therapy back?

Is Trump bringing conversion therapy back? Not exactly, but he is empowering people who want to.
Security Boulevard

Fake Pudgy World site steals your crypto passwords

The phishing site it is not affiliated with Igloo Inc or Pudgy Penguins, but is designed to lure fans and steal their crypto passwords.
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
The Hacker News

ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More

ThreatsDay roundup covering stealthy attacks, phishing trends, exploit chains, and rising security risks across the threat landscape.

What patents reveal about the foundations of AI search

Every time a new large language model (LLM) drops or Google tweaks an AI Overview, the SEO industry loses its mind. We develop this weird collective amnesia, scrambling to optimize for features that ...

St. Louis aldermen advance $5.46M funding shift as city races to meet federal deadline

The city must commit its remaining federal pandemic relief funds by the end of the year or risk returning the money to Washington.

DarkSword iOS exploit chain adopted by multiple threat actors: Report

Lookout Threat Labs, and iVerify published coordinated research in March 2026 on DarkSword, a JavaScript-based full-chain exploit that compromises iOS devices running versions 18.4 through 18.7 (some ...