Articles from 2026
Browse all Windows news articles published in 2026
CISA KEV Update: CVE-2026-39987 Marimo Pre-Auth RCE Now Actively Exploited
CISA’s April 23, 2026 update to its Known Exploited Vulnerabilities Catalog is a reminder that the most dangerous security problems are often the ones attackers have already operationalized. This time
Assassin’s Creed Black Flag Resynced: PC Specs, Ray Tracing & July 9, 2026 Launch
Assassin’s Creed Black Flag Resynced has gone from industry rumor to officially staged comeback, and Ubisoft has now pulled back the curtain on one of the most anticipated remakes in its catalog. With
SpiceJet Booking System Flaws: PNR Enumeration & No-Auth Access (CVSS 7.5)
The newly disclosed SpiceJet Online Booking System vulnerabilities are the sort of defects that turn a simple airline lookup page into a privacy nightmare. CISA says the flaws affect all versions of t
CISA Warns SpiceJet Booking Flaws Expose PNR Passenger Data (CVE-2026-6375/6376)
The latest CISA advisory on the SpiceJet Online Booking System is a straightforward but serious warning: two unauthenticated access-control flaws could let attackers disclose passenger data, including
CVE-2026-6074 Path Traversal in Intrado 911 Emergency Gateway: Urgent Patch
Intrado’s 911 Emergency Gateway is facing a severe security issue that could let an attacker with existing network access reach the management interface without authentication, then read, modify, or d
Intrado EGW CVE-2026-6074 Patch Urgently: Unauthenticated Management & File Access
Intrado’s 911 Emergency Gateway (EGW) has landed in the crosshairs of a severe security advisory, and the details make clear why defenders in emergency services and enterprise telephony should treat i
CISA Warns Milesight Cameras: Multiple CVEs Lead to RCE, Injection, and Device Crashes
Milesight Cameras are back in the security spotlight with a sprawling CISA advisory that ties five CVE families to a wide range of AIoT, LPR, and network camera product lines, many of them still runni
Yadea T5 E-Bike Flaw CVE-2025-70994 Lets Attackers Forge Key-Fob Signals Locally
Yadea’s T5 electric bicycle has just become the latest reminder that modern transportation security is no longer limited to cars, trucks, and public transit. According to CISA’s newly published ICS ad
CISA Critical Flaw in Xiongmai XM530 IP Cameras (CVE-2025-65856) Auth Bypass
The latest CISA advisory on the Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera is not a routine firmware notice; it is a critical authentication-bypass disclosure that can let unauthenticated a
Windows 11 Drop Tray Update: Smaller Peek, New Name, Less Intrusive File Sharing
Microsoft has quietly done something Windows users have been asking for with unusual consistency: it took a small but intrusive file-sharing gesture and made it feel like part of the desktop again. Th
Windows 11 “Update Later” Lets Users Skip Setup Updates—Security vs Convenience
Microsoft’s latest Windows 11 setup tweak is small in appearance but significant in practice: after months of tightening the Out-of-Box Experience, the company is now letting some users skip post-inst
CISA Critical Auth Bypass Flaw in Hangzhou XM530 IP Cameras via ONVIF
The latest CISA ICS advisory on the Hangzhou Xiongmai Technology Co., Ltd. XM530 IP Camera describes a severe authentication bypass that could let an unauthenticated attacker reach sensitive device in