Information security
fromTheregister
8 hours agoCrime crew impersonates help desk, abuses Teams chats
A new threat group uses social engineering and custom malware to steal data through Microsoft Teams and phishing tactics.
CrowdStrike published an advisory for CVE-2026-40050, a critical unauthenticated path traversal vulnerability affecting its LogScale product. The flaw can allow a remote attacker to read arbitrary files from the server filesystem.
A Common Vulnerability Exposure (CVE) that cannot reach the privilege plane is operationally ineffective - even at a CVSS Score of 10. This should be a core philosophy that is embedded into the fabric of software engineering.