Security insights
The blog.
Analysis of the latest vulnerabilities and threats, prioritized for Saudi finance.
CVE-2026-41103: Critical Microsoft SSO Plugin Flaw Lets Attackers Forge Identities in Jira and Confluence
20 May 2026
Google Detects First AI-Generated Zero-Day Exploit in the Wild
20 May 2026
GitHub Breached via Poisoned VS Code Extension: 3,800 Internal Repos Exfiltrated by TeamPCP
20 May 2026
Mini Shai-Hulud: SAP npm Supply Chain Attack Steals Developer Credentials and CI/CD Secrets
20 May 2026
YellowKey & GreenPlasma: Unpatched Windows Zero-Days Bypass BitLocker and Escalate to SYSTEM
20 May 2026
SEPPMail CVSS 10.0 RCE Chain: Four Flaws Turn Your Email Encryption Gateway into an Open Door
20 May 2026
CVE-2026-20182: Cisco SD-WAN CVSS 10.0 Auth Bypass Actively Exploited — Sixth Zero-Day This Year
20 May 2026
Drupal Highly Critical Zero-Auth Flaw Drops Today: Patch Your Portals Before Exploits Land
20 May 2026
Four Word RCE Flaws Turn Outlook Preview Pane into an Attack Surface
20 May 2026
CVE-2026-42945: Critical NGINX Heap Overflow Under Active Exploitation Threatens Every Saudi Enterprise
20 May 2026
Coinbase Insider Bribery Breach: Why Saudi Financial CISOs Must Rethink Third-Party Personnel Risk
20 May 2026
CVE-2026-41940: cPanel Zero-Day Authentication Bypass Exposes 1.5 Million Servers to Full Takeover
20 May 2026