WhatsApp has begun rolling out parent‑managed accounts for pre‑teens, a new account type that gives parents and guardians control over who can contact their child and which groups the child can join. The feature is limited to messaging and calling and intentionally excludes access to Meta AI, Channels, Status, and location sharing. What the accounts do Parents control contact and
Category: Cybersecurity
Zero-Day, APT, Exfiltration, Lateral-Movement, Privilege-Escalation, Botnet, Rootkit, Backdoor, Keylogger, Smishing, Vishing, Spear-Phishing, Social-Engineering, MITM, SQL-Injection, XSS, CSRF, Path-Traversal, Buffer-Overflow, Honeypot, CVE, CVSS, Red-Team, Blue-Team, Threat-Hunting, Malware-Analysis, MITRE-ATT&CK, Insider-Threat, Jailbreak, Shellcode, Exploit-Kit, LFI, RFI, Obfuscation, Payload, security advisory, vulnerability disclosure, CWE, OWASP, cybersecurity news, threat intelligence, SOC, SIEM, cryptotheft, evasion, CVE Security
Microsoft Active Directory Domain Services Vulnerability (CVE-2026-25177) — What Administrators Need to Know
In early March 2026, Microsoft released an important security update addressing a high-severity vulnerability in Active Directory Domain Services (AD DS) tracked as CVE-2026-25177. The flaw received a CVSS score of 8.8 and can allow an authenticated network actor with limited permissions to escalate privileges to full SYSTEM on a targeted domain controller. Microsoft and third-party researchers coordinated fixes and
Google Completes $32 Billion Acquisition of Wiz
Google has finalized its acquisition of Wiz, the Israeli cloud and AI security company, in an all-cash transaction valued at $32 billion. The deal, announced as closed in March 2026, is the largest acquisition in Google’s history and represents a major move by Google Cloud to deepen its capabilities in cloud-native and AI security. Deal overview The acquisition brings the
Zombie ZIP: How Malformed Archives Can Hide Malware from Security Scanners
A new archive-manipulation technique called “Zombie ZIP” lets attackers conceal payloads inside ZIP files in a way that can evade many antivirus and endpoint detection solutions. The method was described by security researcher Chris Aziz of Bombadil Systems and has drawn warnings from CERT/CC and the wider security community. This post explains how Zombie ZIP works, what research and evidence
Microsoft .NET Out-of-Bounds Read (CVE-2026-26127) Causes Remote Denial-of-Service Risk
Microsoft has issued an emergency security update to address a newly disclosed vulnerability in the .NET ecosystem that can be triggered remotely and results in denial-of-service (DoS) conditions. The flaw, tracked as CVE-2026-26127, affects multiple .NET runtime and package versions across Windows, macOS, and Linux. Administrators and developers should prioritize applying the available patches to prevent service disruption. What the
Zero-Day on the Market: $220K Exploit Targets Windows Remote Desktop Services (CVE-2026-21533)
Remote Desktop Services (RDS) has come under renewed scrutiny after reports that a working exploit for CVE-2026-21533 — an elevation-of-privilege vulnerability in Windows Remote Desktop Services — was listed for sale on a dark web forum for $220,000. The listing and surrounding reporting are factual and straightforward: a recently created account advertised a claimed zero-day exploit, observers recorded the posting,