Guru Baran

Fortinet FortiClient EMS - Critical 0-Day Vulnerability Exploited
A critical zero-day vulnerability in FortiClient EMS is actively exploited. Fortinet has released emergency patches and urges immediate action from users.

Anthropic Ends Claude Subscriptions for Third-Party Tools
Anthropic has halted third-party access to Claude subscriptions, significantly affecting users of tools like OpenClaw. This shift raises costs and limits integration options, leading to dissatisfaction among developers. Users must now adapt to new billing structures or seek refunds.

Adobe Breach - Threat Actor Claims Leak of 13 Million Records
A hacker claims to have breached Adobe, leaking sensitive data including 13 million support tickets and employee records. This incident highlights serious third-party security risks.

OpenSSH 10.3 - Fixes Shell Injection and Security Flaws
OpenSSH has released version 10.3, fixing a critical shell injection vulnerability. Administrators must review their configurations to avoid potential security risks. Upgrade now to enhance your SSH security.

Microsoft Copilot - Terms of Service Raise AI Liability Concerns
Microsoft's Copilot AI is now labeled for entertainment only, raising concerns for enterprises. This disclaimer could expose organizations to legal risks and compliance issues. Companies must review their use of AI-generated content to avoid potential liabilities.

HSBC India Mandates All-Uppercase Passwords for Customers
HSBC India is enforcing a new password policy requiring uppercase letters only. This change raises serious security concerns. Experts warn this could weaken user account protection. Customers should consider resetting their passwords for improved security.

Notepad++ v8.9.3 - Critical Security Vulnerability Fixed
Notepad++ has launched version 8.9.3, fixing a critical cURL vulnerability and improving performance. Users should update immediately to enhance security and stability.

Zero-Day RCE Vulnerabilities Discovered in Vim and Emacs
Claude AI has discovered zero-day RCE vulnerabilities in Vim and Emacs. Users are at risk, especially with Emacs remaining unpatched. Immediate action is crucial to protect systems.

India to Ban Sale of Hikvision, TP-Link CCTV Products
Starting April 1, 2026, India will ban Hikvision, TP-Link, and Dahua from selling CCTV cameras. This move aims to enhance national security and promote local manufacturers. Expect significant market changes and potential price increases as a result.

Telnyx Package Compromised - TeamPCP Supply Chain Attack
The Telnyx Python SDK was compromised in a supply chain attack. With 742,000 downloads, this breach puts many developers at risk. Immediate action is needed to secure affected environments.

Ghost SPN Attack - Stealthy Kerberoasting Exposed
A new attack method called Ghost SPN allows hackers to extract Active Directory credentials without detection. This stealthy approach poses significant risks to organizations' security. Understanding this threat is crucial for effective defense.

Node.js Vulnerabilities - Critical Patches Released
Node.js has released critical patches for multiple vulnerabilities, including risks of DoS attacks and process crashes. Users must upgrade to secure their systems immediately. These updates are vital for maintaining server stability and security.

OpenAI Shuts Down Sora Video Platform - Focuses on Enterprise
OpenAI is shutting down its Sora video platform to focus on enterprise tools. This strategic shift aims to streamline offerings ahead of a potential IPO. Users and developers will need to adapt as the platform is discontinued.

Crunchyroll Data Breach - 100 GB of User Data Exfiltrated
A major data breach at Crunchyroll has led to the exfiltration of 100 GB of user data. This incident affects many users, exposing them to risks like identity theft and fraud. Crunchyroll has yet to acknowledge the breach publicly, raising concerns about user safety.

AstraZeneca Data Breach - LAPSUS$ Group Claims Internal Access
LAPSUS$ claims to have breached AstraZeneca, attempting to sell sensitive internal data. This breach raises alarms about the exposure of critical information. Companies must enhance their security measures to prevent similar incidents.

Tools - Anthropic Launches Projects Feature for Claude Cowork
Anthropic has rolled out a new Projects feature for Claude Cowork Desktop. This update enhances task organization for paid users, allowing for better file management. It aims to streamline workflows, making it easier to manage complex tasks and maintain context.

ScreenConnect Vulnerability - Critical Flaw Exposed
A critical vulnerability in ScreenConnect allows hackers to hijack sessions by extracting unique machine keys. This affects all versions prior to 26.1, posing severe risks. Organizations must upgrade to version 26.1 immediately to protect themselves.

Kubernetes CSI Driver Vulnerability - Attackers Can Delete Data
A vulnerability in the Kubernetes CSI Driver for NFS could allow attackers to delete or modify server directories. Organizations using affected versions are at risk. Immediate action is needed to upgrade and secure systems.

Vulnerabilities - Qihoo 360 Exposes Wildcard SSL Private Key
Qihoo 360 has leaked its wildcard SSL private key in a public installer. This exposes users to serious security risks, including data interception and impersonation. The company is taking steps to mitigate the fallout.

Cloud Outage - Microsoft Exchange Online Mailbox Access Issues
Microsoft Exchange Online is facing a global outage affecting email access. Users are experiencing connectivity issues across various platforms. Microsoft is investigating the disruption and providing updates.

OpenSSH Vulnerability Could Crash Your SSH Connections
A new vulnerability in OpenSSH could crash your secure connections. Many Linux distributions are affected, putting users at risk of disrupted services. Immediate updates are essential to protect against potential attacks.

MediaTek Vulnerability Exposes Android PINs in Just 45 Seconds!
A critical vulnerability in MediaTek chipsets allows hackers to steal Android phone PINs in just 45 seconds. With 25% of Android users affected, the risk is significant. Stay vigilant and check for updates to protect your device.

Hackers Exploit Cloudflare to Steal Microsoft 365 Credentials
Hackers are using Cloudflare's security features to steal Microsoft 365 credentials. This affects anyone using Microsoft 365, putting your login details at risk. Stay vigilant and consider enhancing your security measures to protect your information.

Stryker Cyber Attack: Hackers Wipe Data with Wiper Malware
Stryker faced a major cyberattack, resulting in data being wiped from its systems. This breach impacts operations and could affect medical services worldwide. Stryker is investigating and enhancing security measures to prevent future attacks.