The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.
SecurityWeek

Fortinet Patches Critical FortiSandbox Vulnerabilities

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...
SecurityWeek

SAP Patches Critical ABAP Vulnerability

SAP has released 19 new security notes on its April 2026 security patch day, including one that resolves a critical-severity ...
Morning Overview on MSN

Hackers hide credit-card skimmer code inside 1×1-pixel SVG images

A credit card skimmer campaign discovered in early 2025 and still actively tracked as of April 2026 has compromised an ...
GitHub

GitHub MCP Server

The GitHub MCP Server connects AI tools directly to GitHub's platform. This gives AI agents, assistants, and chatbots the ability to read repositories and code files, manage issues and PRs, analyze ...