The best early Amazon Spring Sale deals: Save on streaming, Apple, Samsung, and more

Amazon’s Big Spring Sale is back next week. Here are our favorite spring deals on home, tech, and more live early.

Latest news – ​Read More

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit

A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate privileges to the root level.
Tracked as CVE-2026-3888 (CVSS score: 7.8), the issue could allow an attacker to seize control of a susceptible system.
“This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root access

The Hacker News – ​Read More

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, iPadOS, and macOS.
The vulnerability, tracked as CVE-2026-20643 (CVSS score: N/A), has been described as a cross-origin issue in WebKit’s Navigation API that could be exploited to bypass the same-origin policy when processing maliciously crafted web content.
The

The Hacker News – ​Read More

MacBook Neo just set a new bar for cheap laptops – and rattled the PC market

For years, Apple has refused to compete with the makers of cheap laptops – but not anymore. Here’s who wins and who loses now that premium computing just got more affordable.

Latest news – ​Read More

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges.
The vulnerability, tracked as CVE-2026-32746, carries a CVSS score of 9.8 out of 10.0. It has been described as a case of out-of-bounds write in the LINEMODE Set

The Hacker News – ​Read More

Crypto e-commerce platform Bitrefill accuses North Korea of stealing 18,500 purchase records

Bitrefill said hackers allegedly tied to North Korea’s Lazarus group accessed around 18,500 purchase records that contained email addresses, crypto payment addresses, and metadata including IP addresses.

The Record from Recorded Future News – ​Read More

More Attackers Are Logging In, Not Breaking In

Credential theft soared in the second half of 2025, thanks in part to the industrialization of infostealer malware and AI-enabled social engineering.

darkreading – ​Read More

Less Lucrative Ransomware Market Makes Attackers Alter Methods

Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.

darkreading – ​Read More

Apple rolls out first ‘background security’ update for iPhones, iPads, and Macs to fix Safari bug

Apple’s first-ever “background security improvement” fixes a vulnerability in its Safari browser running its latest software.

Security News | TechCrunch – ​Read More

Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish

The cyberattackers leveraged trusted brands and domains in an attempt to redirect a C-suite executive at Outpost24 to give up his credentials.

darkreading – ​Read More