RC RANDOM CHAOS

The Wire

Curated cybersecurity and tech news — AI-summarized, source attributed.

vulnerabilitycybersecurity

Critical nginx-ui Flaw Under Active Exploitation Allows Full Server Takeover

A critical vulnerability in nginx-ui, tracked as CVE-2026-33032, is being actively exploited in the wild to gain complete control over Nginx web servers. The fl

via The Hacker News ·
cybersecurityai

Exposure Validation Needs Both Deterministic and Agentic AI Working Together

Security teams are drowning in vulnerability findings from scanners that flag thousands of theoretical exposures without context on which ones are actually expl

via The Hacker News ·
cybersecuritypolicy

FCC Grants Netgear First Exemption From Foreign Router Ban, No Explanation Given

Netgear has become the first major consumer router vendor to secure an exemption from the FCC's broad ban on foreign-manufactured routers. The approval covers i

via Ars Technica ·
tech-culturecybersecurity

Ford CEO Warns Chinese Auto Overcapacity Could Wipe Out US Manufacturing Jobs

Ford CEO Jim Farley argued against allowing Chinese vehicle imports into the US, citing the threat to nearly a million domestic jobs. He highlighted China's mas

via Ars Technica ·
tech-culture

Good Omens Season 3 Trailer Drops Ahead of 90-Minute Series Finale

Amazon has released the official trailer for the third and final season of Good Omens, which will consist of a single 90-minute episode rather than a full seaso

via Ars Technica ·
aitech-culture

Google Launches Gemini 3.1 Flash TTS with Prompt-Driven Voice Direction

Google has released Gemini 3.1 Flash TTS, a text-to-speech model accessible through the standard Gemini API under the model ID gemini-3.1-flash-tts-preview. Unl

via Simon Willison ·
tech-cultureopen-source

Gruber: Apple's Real Moat Was Great Apps, and It's Eroding

John Gruber argues that Apple's true competitive advantage was never the App Store's revenue cut - it was that the best software lived exclusively on Apple plat

via Simon Willison ·
cybersecurityidentity

Kraken Refuses Extortion After Insiders Leaked Customer Support Data

Cryptocurrency exchange Kraken disclosed that a criminal group is attempting to extort the company using videos of internal systems displaying client data. The

via BleepingComputer ·
aivulnerability

Microsoft and Salesforce Fix Data Leak Vulnerabilities in AI Agent Platforms

Microsoft and Salesforce have issued patches addressing security flaws in their AI agent platforms that could have allowed unauthorized access to sensitive data

via Dark Reading ·
cybersecuritymalware

Microsoft Locks Down RDP Files With New Anti-Phishing Protections in Windows

Microsoft's April 2026 cumulative updates for Windows 10 and Windows 11 introduce built-in defenses against a phishing vector that has been exploited heavily by

via BleepingComputer ·
vulnerabilitycybersecurity

Microsoft Patch Tuesday Dominated by Privilege Escalation Fixes

Microsoft's latest Patch Tuesday release addresses a large volume of vulnerabilities, with privilege escalation flaws making up the dominant category. These bug

via Dark Reading ·
vulnerabilitycybersecurity

Microsoft Patches SharePoint Zero-Day Alongside 168 Other Vulnerabilities

Microsoft's April 2026 Patch Tuesday addresses 169 vulnerabilities across its product ecosystem, including an actively exploited zero-day in SharePoint. The Sha

via The Hacker News ·