Exim BDAT flaw affects 4.97–4.99.2 GnuTLS builds, causing heap corruption and possible code execution.
Get the latest international news and world events from around the world.
IOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android
RCS is a modern, internet-based messaging protocol that allows Android and iPhone users to send high-resolution photos and videos, see typing indicators, and receive read receipts, features all typically present in instant messaging apps. It is built on an industry specification called the RCS Universal Profile.
“When RCS messages are end-to-end encrypted, they can’t be read while they’re sent between devices,” Apple said in a statement. “Users will know that a conversation is end-to-end encrypted when they see a new lock icon in their RCS chats.”
Apple began testing with E2EE in RCS messages in iOS and iPadOS 26.4 Beta, initially limiting it to only conversations between Apple devices. In early 2025, the GSM Association (GSMA) announced support for E2EE for safeguarding messages sent via the RCS protocol.
US govt seeks Instructure testimony on massive Canvas cyberattack
The U.S. House Committee on Homeland Security is calling on Instructure executives to testify about two cyberattacks by the ShinyHunters extortion group that targeted the company’s Canvas platform, allowing threat actors to steal student data and disrupt schools during final exams.
In a letter sent Monday afternoon to Instructure CEO Steve Daly, Homeland Security Committee Chairman Andrew R. Garbarino said the committee is investigating the massive breach at Instructure that impacts millions of students.
“The Committee on Homeland Security (Committee) is investigating the concerning reports related to recent cybersecurity incidents affecting Instructure Holdings, Inc. and the tens of millions of students, educators, and administrators who rely on its Canvas learning management platform,” reads the letter.
Signal adds security warnings for social engineering, phishing attacks
Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud.
The purpose is to introduce enough friction that users get the time to evaluate the safety of an external request.
Recently, there have been attacks targeting high-profile users with bogus ‘Signal Support’ alerts, as highlighted by the FBI, the Dutch government, and the German authorities.
Microsoft releases Windows 10 KB5087544 extended security update
Microsoft has released the Windows 10 KB5087544 extended security update to fix the May 2026 Patch Tuesday vulnerabilities and resolve an issue with the new Remote Desktop warnings.
If you are running Windows 10 Enterprise LTSC or are enrolled in the ESU program, you can install this update like normal by going into Settings, clicking on Windows Update, and manually performing a ’Check for Updates.’
After installing this update, Windows 10 will be updated to build 19045.7291, and Windows 10 Enterprise LTSC 2021 will be updated to build 19044.7291.
Popular PlayStation emulator clamps down on AI submissions: ‘Leave behind something useful to humanity when you’re gone, instead of peddling slop’
In response to questions (and more than a little AI evangelist bellyaching), the devs pointed out that it is not the use of AI code in PRs that is the issue for them, but that it is undisclosed. “We won’t ban if disclosed, except for abuse cases, e.g. throwing a lot of random slop at us to see what passes reviews. Hint: programmers that can understand the problem, the solution, and the implementation can write the same code without AI, and tend to use LLMs to automate repetitive code refactoring instead. It is not the case with the AI slop PRs we have seen.”
The final result is a new set of hard-and-fast rules about AI code right there on RPCS3’s GitHub repo: “Use of AI tools for research and reverse engineering purposes is permitted. However, contributors are expected to fully own and understand all code they submit. Any communication with the team—including code, code comments, and GitHub comments—must come from the human contributor, not an AI agent acting autonomously.”
Back on X, the team signed off with a final message: “As for all the AI bros seething on our socials, we’re simply blocking you. Learn how to debug, code, and leave behind something useful to humanity when you’re gone, instead of peddling slop.”