How to guarantee a speaker gig: Hack the system. Literally

A security researcher found a foolproof way to guarantee tech conferences accept his speaker submissions: hack their systems.
Dark Reading

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

Critical API security flaws have put millions of users at risk for account takeover, by using a modern authentication standard to resurrect a longtime vulnerability. The bugs were found in the Hotjar ...

Microsoft warns of Exchange zero-day flaw exploited in attacks

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow ...
Dark Reading

Microsoft Exchange Zero-Day Under Attack, No Patch Available

Microsoft on Thursday disclosed a zero-day vulnerability in Exchange that's under active exploitation, but four days later customers are still awaiting a patch. The zero-day, tracked as CVE-2026-42897 ...
ET CIO

Top 7 WAF Tools for CIOs in 2026

Explore the top 7 Web Application Firewall (WAF) tools that CIOs should consider in 2026 to protect their organizations from online threats and ensure compliance with emerging regulations.