Security & Lifecycle News

Aggregated from vendor advisories, security research, and industry publications.

2026-05-13 Network World

Cisco open-sources agentic AI security spec

Cisco has turned over an internally developed specification for agentic AI security evaluation to the GitHub open-source community. The Foundry Security Spec is meant to be used with GitHub’s spec-kit, which is an industry-wide set of development workflows that can be used with different AI agents. The idea is to help customers and the industry create a common framework for evaluating and gover…

Cisco Foundry Networks

2026-05-13 SecurityWeek

Government to Scrutinize Instructure Over Canvas Disruption, Data Breach

The Committee on Homeland Security has requested to be briefed on the incident and Instructure’s remediation steps. The post Government to Scrutinize Instructure Over Canvas Disrup…

2026-05-13 BleepingComputer

Microsoft says some users can't install Office on Windows 365 devices

Microsoft says some customers are experiencing issues downloading and installing Office on their Windows 365 devices. [...]

2026-05-13 The Hacker News

[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud

TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register …

2026-05-13 The Register

Linux gains more critical Windows apps: 3D Movie Maker and Space Cadet Pinball

Further demonstrating its role as industry default OS the versatility of modern porting tools

2026-05-13 The Hacker News

Most Remediation Programs Never Confirm the Fix Actually Worked

Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant's M-Trends 2026 report puts the mean …

2026-05-13 SecurityWeek

716,000 Impacted by OpenLoop Health Data Breach

The telehealth platform was hacked in January, and users’ personal information was exfiltrated from its systems. The post 716,000 Impacted by OpenLoop Health Data Breach appeared f…

2026-05-13 Schneier on Security

OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities

The UK’s AI Security Institute evaluated GPT-5.5’s ability to find security vulnerabilities, and found that it is comparable to Claude Mythos. Note that the OpenAI model is general…

2026-05-13 The Register

dBase debased: Database titan fades to black after 47 years

Blog post mourning decline appears to have helped knock what was left of the veteran app's online presence offline

2026-05-13 The Hacker News

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active atta…

2026-05-13 SecurityWeek

Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises

CVE-2026-40361 is similar to a vulnerability found a decade ago, BadWinmail, which at the time was dubbed an “enterprise killer”. The post Microsoft Patches Critical Zero-Click Out…

CVE-2026-40361

2026-05-13 The Register

This browser add-in doesn't just hide ads, it tells you to OBEY

Chromium extension swaps promos for John Carpenter-style subliminal slogans

2026-05-13 SecurityWeek

Fortinet, Ivanti Patch Critical Vulnerabilities

Successful exploitation of these flaws could lead to arbitrary code execution and information disclosure. The post Fortinet, Ivanti Patch Critical Vulnerabilities appeared first on…

2026-05-13 The Register

SAP U-turn brings AI features to ECC and on-prem S/4HANA

CEO says there is 'no confusion at all' after cloud-only innovation plan drew flak

2026-05-13 SecurityWeek

Chipmaker Patch Tuesday: Intel and AMD Patch 70 Vulnerabilities

The two chip giants have published over two dozen advisories describing recently identified security defects. The post Chipmaker Patch Tuesday: Intel and AMD Patch 70 Vulnerabiliti…

2026-05-13 The Register

ZTE advances intelligent network monetization strategy at AGC2026, empowering ISPs for sustainable growth

Leveraging 10G PON, light OTN, and Wi-Fi 7 to modernize infrastructure and reduce operational costs for local operators

2026-05-13 The Register

Civil servants to protest outside Capita AGM over pension shambles

Union demands government strips outsourcer of contract after delays, bereavement failures, and data breach

2026-05-13 The Register

ZTE hosts 2026 Broadband User Congress in São Paulo, under the Theme "Monetize Your Intelligent Broadband"

Empowering operators to move beyond basic connectivity with next-gen AI and ODN systems

2026-05-13 The Hacker News

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than 150 gems that use the registry as a dat…

2026-05-13 The Register

ZTE and MediaTek unveil Tri-band Wi-Fi 7, targeting a relatively unexplored premium niche in Brazil

Empowering Brazilian ISPs with next-gen Wi-Fi 7 infrastructure

2026-05-13 SecurityWeek

Hundreds of Malicious Packages Force RubyGems to Suspend Registrations

More than 500 packages were pushed during the attack, but the target appears to have been RubyGems itself rather than users. The post Hundreds of Malicious Packages Force RubyGems …

2026-05-13 The Register

AI will soon be capable of telling convincing lies

That's fine when playing poker, but less useful when we trust LLMs with serious work like finding software flaws

2026-05-13 FortiGuard PSIRT Advisories

Linux Kernel Vulnerability copy.fail - CVE-2026-31431

CVSSv3 Score: 7.8 CVE-2026-31431In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts …

CVE-2026-31431

2026-05-13 The Hacker News

Security & Lifecycle News

Cisco open-sources agentic AI security spec

Government to Scrutinize Instructure Over Canvas Disruption, Data Breach

Microsoft says some users can't install Office on Windows 365 devices

[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud

Linux gains more critical Windows apps: 3D Movie Maker and Space Cadet Pinball

Most Remediation Programs Never Confirm the Fix Actually Worked

716,000 Impacted by OpenLoop Health Data Breach

OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities

dBase debased: Database titan fades to black after 47 years

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises

This browser add-in doesn't just hide ads, it tells you to OBEY

Fortinet, Ivanti Patch Critical Vulnerabilities

SAP U-turn brings AI features to ECC and on-prem S/4HANA

Chipmaker Patch Tuesday: Intel and AMD Patch 70 Vulnerabilities

ZTE advances intelligent network monetization strategy at AGC2026, empowering ISPs for sustainable growth

Civil servants to protest outside Capita AGM over pension shambles

ZTE hosts 2026 Broadband User Congress in São Paulo, under the Theme "Monetize Your Intelligent Broadband"

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

ZTE and MediaTek unveil Tri-band Wi-Fi 7, targeting a relatively unexplored premium niche in Brazil

Hundreds of Malicious Packages Force RubyGems to Suspend Registrations

AI will soon be capable of telling convincing lies

Linux Kernel Vulnerability copy.fail - CVE-2026-31431

Android Adds Intrusion Logging for Sophisticated Spyware Forensics

ICS Patch Tuesday: New Security Advisories From Siemens, Schneider, CISA

Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub

Man jailed for packing printer with something more expensive than toner: Cocaine

Vietnam to develop domestic cloud so it can ditch risky overseas operators for government workloads

Execs admit AI makes them value human workers less

Doozy of a Patch Tuesday includes 30 critical Microsoft CVEs