Compromised npm packages targeted Red Hat cloud services, enabling credential theft and expanding supply chain risks.
Get the latest international news and world events from around the world.
Critical Windows Netlogon RCE flaw now exploited in attacks
The Centre for Cybersecurity Belgium (CCB), the country’s national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon vulnerability in attacks.
Netlogon is a remote procedure call (RPC) interface and a core Microsoft Windows Server background service that authenticates services and users on Windows domain-based networks.
Microsoft patched this vulnerability (CVE-2026–41089) during the May 2026 Patch Tuesday, describing it as a stack-based buffer overflow in Windows Netlogon that allows attackers without privileges to gain remote code execution on targeted domain controllers.
WordPress malware campaign hides payloads in Steam profiles
Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.
The threat actor used invisible Unicode characters to encode a payload that builds a URL to a malicious script. By leveraging Valve’s platform, the attacker avoids maintaining a separate C2 infrastructure and evades traditional detection methods.
Since the campaign was first uncovered in July 2025, GoDaddy security engineers have found malware on approximately 1,980 WordPress websites.
Microsoft investigates Office Apps, Teams file access issues
Microsoft says an ongoing incident is preventing users of its Teams collaboration platform and Office for the web cloud-based productivity suite from opening files.
“We’re investigating reports that some users are unable to open files in Office for the web or Microsoft Teams,” the company’s Microsoft 365 Status tweeted earlier.
According to further information shared in the admin center under MO1329446, this issue impacts multiple Office Apps, including Microsoft Excel for the web.
Ceres’ Surface Is Much More Complex Than Previously Thought
The long, puzzling dwarf planet Ceres, in reality the first named asteroid, has surface features that are much more complex than previously thought. Or at least that’s the conclusion of a recent paper given at the recent European Geosciences Union 2026 General Assembly in Vienna.
New data analysis from NASA’s Dawn mission points to a surface with steep slopes, fractures, and albedo variations complicating crater identification.
In fact, Ceres has perplexed astronomers since its discovery in 1801 by Italian astronomer Giuseppe Piazzi. Yet in 2006, it was controversially reclassified as a dwarf planet, primarily due to its large size and differentiated interior. That is, unlike most asteroids, Ceres has a core, a mantle, and a crust. Some astrobiologists posit that the dwarf planet may have even once developed primitive microorganisms.
AI godbots: religious leaders warn of ‘alarming consequences’ when machines speak in the name of God
Researchers interviewed almost 30 religious leaders across all six major religious faiths in the UK to find out how AI was affecting them.
Daraxonrasib or Chemotherapy in Previously Treated Metastatic Pancreatic Cancer
Current therapies offer limited benefit for patients with previously treated metastatic pancreatic ductal adenocarcinoma (mPDAC). Aberrant activation of the RAS pathway is the key driver of PDAC, with oncogenic RAS mutations present in more than 90% of cases. Daraxonrasib is an oral RAS(ON) multiselective, tri-complex inhibitor of the active guanosine triphosphate–bound state of mutant and wild-type RAS.
