Background Circle Background Circle
Mythos Preview

Mythos Preview PoC Exploits: AI Now Builds Working Exploits Automatically [2026]

The AI That Finds Bugs Can Now Weaponise Them If you work in cybersecurity, you’ve been hearing about Anthropic’s Claude Mythos Preview for months. First, it was finding vulnerabilities in every major operating system. Then it was outpacing every benchmark. Now, Mythos Preview has crossed a threshold that changes the game entirely: it builds working […]

CVE-2026-20182

Cisco SD-WAN Zero-Day CVE-2026-20182: Sixth Zero-Day Exploited in 2026 by UAT-8616

The Perfect Storm in Enterprise Networking When Cisco’s own threat intelligence team confirms active exploitation of a vulnerability they just patched, you know it’s serious. On May 14, 2026, Cisco disclosed CVE-2026-20182 — a critical authentication bypass in Cisco Catalyst SD-WAN Controller and Manager — and simultaneously revealed that a sophisticated threat actor, tracked as […]

CVE-2026-42897

Microsoft Exchange Zero-Day CVE-2026-42897: What You Need to Know

🚨 Critical security alert: Microsoft has disclosed a zero-day vulnerability in on-premises Exchange Server that is actively being exploited in the wild. If your organisation runs any on-prem Exchange deployment, this is your cue to act right now. What Happened? On May 14, 2026, Microsoft released an out-of-band security advisory for CVE-2026-42897 — a high-severity […]

CVE-2026-3854

How a Semicolon Broke GitHub: Inside CVE-2026-3854

One git push. Full server takeover. Here’s the full technical breakdown of CVE-2026-3854 — one of the most severe vulnerabilities in GitHub’s history. The Vulnerability Explained CVE-2026-3854 was a critical RCE (Remote Code Execution) vulnerability in GitHub Enterprise Server and GitHub.com, discovered by Wiz Research using AI-assisted reverse engineering. The CVSS score was 8.8 — […]

CVE-2026-33032

How a Single Missing Middleware Call Gave Attackers Full nginx-ui Takeover (CVE-2026-33032)

The Short Version There’s a bug in nginx-ui that’s been sitting in production since the MCP integration landed. A single HTTP endpoint — /mcp_message — handles every destructive operation the MCP tools can perform (config writes, nginx restarts, anything with side effects). It has an IP whitelist. It does NOT have authentication. The paired endpoint […]

canvas data breach 2026

Canvas Data Breach 2026: How ShinyHunters Exploited the LMS Supply Chain

The education sector has just suffered its most devastating cyberattack on record. In May 2026, Instructure—the parent company behind the widely used Canvas Learning Management System (LMS)—succumbed to a massive double-extortion ransomware attack orchestrated by the notorious threat group ShinyHunters. With over 41% of North American higher education institutions and thousands of K-12 school districts […]

invisible folder

How To Make An Invisible Folder On a PC

Are you looking for a way to declutter your desktop and keep your files organised? One simple solution is to create invisible folders. In this tutorial, we’ll show you how to create invisible folders on your desktop in just a few easy steps. To create an invisible folder on your desktop, follow these steps: A […]