Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer 
Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code 
NSAuditor AI EE 0.15.3 Closes the 4th and Final S3 Public-Exposure Vector with Object-Level ACL Enumeration and a BucketOwnerEnforced Upstream Short-Circuit 
NSAuditor AI EE 0.15.x Cumulative — NEW Plugin 1222 Azure Key Vault Deep Auditor (27 → 28), Plus Audit-Accuracy Calibration and CloudTrail Hardening Across 0.15.0, 0.15.1, and 0.15.2 
Malicious npm Package Stole Files From Claude AI User Directory via GitHub 
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
What's new: Exim has released security updates to address a severe use-after-free vulnerability, tracked as CVE-2026-45185 (Dead.Letter), affecting GnuTLS builds....
NSAuditor AI EE 0.3.9 — First Matrix Shift Since 0.3.7: New AWS DynamoDB Audit Integrity Plugin (1060) Moves SOC 2 PI1.5 Out-of-Scope → Partial; First Serverless Entry-Point Evidence Plugin (1050 AWS API Gateway); Plugin-ID Range Realignment Closes Silent CE/EE Collision
LAS VEGAS, NV — May 12, 2026 — Nsasoft US LLC, a network-security and AI-assisted audit software company, today announced...
NSAuditor AI EE 0.3.7 + 0.3.8 — Paired Release Closes the v0.4.0 Runtime Assurance Stack: New 040 AWS CloudTrail Operational Integrity Auditor Moves SOC 2 CC7.2 + CC7.3 Partial→Covered
LAS VEGAS, NV — May 12, 2026 — Nsasoft US LLC, a network-security and AI-assisted audit software company, today announced...
NSAuditor AI EE 0.3.6 Ships — Full SOC 2 IAM Shadow-Admin Evidence-Integrity Sweep
LAS VEGAS, NV — May 11, 2026 — Nsasoft US LLC today announced the immediate availability of NSAuditor AI Enterprise...
⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
What's new: This week, multiple vulnerabilities have been reported, including the exploitation of CVE-2026-6973 in Ivanti EPMM and CVE-2026-0300 in...