SecurityWeek

Oracle Patches 450 Vulnerabilities With April 2026 CPU

The April 2026 Oracle CPU includes 481 new security patches addressing 450 unique CVEs across 28 product families.
InfoWorld

Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core

Patching is not enough: applications embedding the insecure library will need to be rebuilt, and affected tokens and cookies expired. Developers are advised to check their applications after Microsoft ...

Microsoft releases emergency patches for critical ASP.NET flaw

Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability ...
CSO Online

Azure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations

A multi-tenant authentication gap in Microsoft’s AI operations agent exposed live command streams, internal reasoning, and ...
Android

No More Codes: Google is Making Android App Sign-Ups Instant with New 'Verified Email' Feature

Google is officially ending the frustration of manual verification by allowing Android apps to auto-verify Gmail addresses.

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.