Google has begun rolling out an update to the Chrome Extended Stable channel for desktop users on Windows and macOS. The new version, 144.0.7559.177, will be gradually deployed over the coming days and weeks. This release includes one high-severity security fix addressing CVE-2026-2441, a use-after-free vulnerability in CSS. Google has confirmed that this issue is

Continue Reading

Microsoft has announced an update to the Secure Boot certificates used across the Windows ecosystem, part of a broader effort to maintain the security foundations of modern devices. Secure Boot is a low-level security feature that ensures only trusted software runs during system startup. The certificates it relies on have defined lifespans, and periodic updates

Continue Reading

Security researchers at Koi Security have identified what they describe as the first known malicious Microsoft Outlook add-in actively used in real-world attacks. The campaign abused Microsoft’s add-in ecosystem to steal more than 4,000 user credentials, raising concerns about how browser-style extensions and add-ins are maintained over time. The incident involved an Outlook add-in that

Continue Reading

Apple has released a new round of software updates across its ecosystem, delivering security fixes and system improvements for iPhone, iPad, Mac, Apple Watch, Apple TV, and Vision Pro. The release includes iOS and iPadOS 26.3, along with updates for macOS, watchOS, tvOS, visionOS, and Safari iOS 26.3 and iPadOS 26.3 apply to iPhone 11

Continue Reading

As part of its February 2026 Patch Tuesday cycle, Microsoft released security updates addressing 59 vulnerabilities across supported versions of Windows and related products, according to the Microsoft Security Update Guide. The updates apply to: Microsoft reported no actively exploited zero-day vulnerabilities in this release. However, several fixes address Critical and Important–rated issues affecting core

Continue Reading

Security researchers have uncovered a malware campaign that abuses lookalike websites impersonating the popular 7-Zip utility to infect Windows computers and covertly enlist them into residential proxy networks, allowing third parties to route internet traffic through victims’ home systems. The activity was documented in detailed research by cybersecurity software company Malwarebytes, which analyzed a trojanized

Continue Reading

Payment processor BridgePay Network Solutions has confirmed in a status update on their website that a ransomware attack is responsible for a multi-day outage affecting its payment gateway and related services. The company shared updates through its official status page. According to BridgePay, the incident has resulted in widespread service disruptions across its production and

Continue Reading

The nginx project has released nginx 1.29.5, a mainline update that includes a security fix for an SSL upstream injection vulnerability, tracked as CVE-2026-1642. The patched vulnerability affects certain configurations where nginx proxies traffic to upstream servers over TLS. Under specific conditions, an attacker positioned between nginx and its upstream server could potentially inject plaintext

Continue Reading