CalPhishing Scam Exploits Outlook Invites To Steal M365
Hackers now hijacking M365 accounts through Outlook calendar invites. The EvilTokens kit lets attackers steal session tokens and bypass MFA entirely.
May 2026
Read More
Microsoft Warns Of Exchange Zero-Day Exploited In Attacks
Microsoft reveals Exchange Server zero-day being actively exploited. Attackers use XSS to execute arbitrary code targeting Outlook on the web. Patch now.
Pwn2Own Berlin Day Two: $523K In Exploits Awarded
Day Two of Pwn2Own Berlin 2026: $523K awarded for 24 zero-days on Day One. SharePoint, Exchange, and Safari under attack today. The race for Master of Pwn intensifies
CISA Adds Cisco SD-WAN Flaw To KEV Catalog
CISA adds Cisco SD-WAN authentication bypass to KEV catalog. Critical flaw CVE-2026-20182 exploited for admin access. Federal agencies have until May 2026.
Canvas Hackers Claim Data Deleted—Nobody Believes Them
Canvas LMS hacked: cybercriminals claim they deleted stolen student data. Yeah right. Nobody’s buying it except maybe the executives.
iOS 26.5 Finally Encrypts iPhone-Android RCS Chats
Apple’s iOS 26.5 introduces default end-to-end encrypted RCS messaging between iPhone and Android devices, closing a long-standing cross-platform security gap. The update also patches over 50 vulnerabilities across iOS and iPadOS components.
Pentagon Official Calls Advanced AI Revolutionary Warfare
Pentagon’s top cyber official warns advanced AI represents revolutionary warfare. The future of conflict is here and it’s algorithmic.
Smartphones: Your Personal Snitch In Your Pocket
Your phone knows everything. Law enforcement knows that too. Every text, photo, and location ping becomes evidence when investigators come knocking.
Pentagon Labels Advanced AI Revolutionary Warfare
Pentagon cyber official labels advanced AI as revolutionary warfare—a stark warning about how artificial intelligence is fundamentally transforming military conflicts
Cisco SD-WAN Zero-Day Exploited In Active Attacks
Cisco SD-WAN controllers under active zero-day attack. Critical auth bypass flaw lets attackers grab admin access. Patch immediately if you’re running affected versions.