Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer 
Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code 
NSAuditor AI EE 0.15.3 Closes the 4th and Final S3 Public-Exposure Vector with Object-Level ACL Enumeration and a BucketOwnerEnforced Upstream Short-Circuit 
NSAuditor AI EE 0.15.x Cumulative — NEW Plugin 1222 Azure Key Vault Deep Auditor (27 → 28), Plus Audit-Accuracy Calibration and CloudTrail Hardening Across 0.15.0, 0.15.1, and 0.15.2 
Malicious npm Package Stole Files From Claude AI User Directory via GitHub 
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
What's new: A critical vulnerability (CVE-2026-42897) in on-prem Microsoft Exchange Server is being actively exploited, with a CVSS score of...
NSAuditor AI EE 0.6.1 Adds NEW Plugin 1200 AWS Inspector2 / GuardDuty Enablement Auditor — Foundation-Layer SOC 2 Evidence for CC7.1 + CC7.2 (Plugin Count 21 → 22)
What's new: Nsasoft US LLC has shipped NSAuditor AI Enterprise Edition 0.6.1 — adding NEW plugin 1200 AWS Inspector2 /...
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
What's new: A critical vulnerability identified as CVE-2026-44338, with a CVSS score of 9.8, has been disclosed in PraisonAI's web...
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
What's new: The threat actor known as UNC1151 (also referred to as Ghostwriter) has launched a phishing campaign targeting Ukrainian...
NSAuditor AI EE 0.6.0 Milestone — NEW Plugin 1160 AWS VPC Endpoints / PrivateLink Auditor Opens v0.6.x Line With Plugin-Breadth Expansion (Plugin Count 20 → 21)
What's new: Nsasoft US LLC has shipped NSAuditor AI Enterprise Edition 0.6.0 — the minor-version milestone bump opening the v0.6.x...