Morning Overview on MSN

Ivanti patches a zero-day that gave attackers remote code execution on mobile management servers — CISA says patch by tomorrow

Ivanti has released an emergency patch for a zero-day vulnerability in its Endpoint Manager Mobile (EPMM) platform after ...
CSO Online

AI finds 20-year-old bugs in PostgreSQL and MariaDB

Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs ...
Hosted on MSN

Google issues May 2026 Android update with critical fix

Google has released its May 2026 Android updates, addressing a critical system vulnerability that could allow remote code execution without user interaction. The update also adds new Google System ...
Bleeping Computer

Trend Micro fixes critical vulnerabilities in multiple products

Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption ...
CSOonline

Some Brother printers have a remote code execution vulnerability, and they can’t fix it

An authentication bypass vulnerability in the printers, hardcoded at the factory, can be chained with another flaw for remote code execution on affected devices. Brother Industries is grappling with a ...
Bleeping Computer

SAP fixes suspected NetWeaver zero-day exploited in attacks

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under ...
The Hacker News

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.