DXO

20/05/2026

The latest findings from VulnCheck show that threat actors have begun to weaponize the flaw, with exploitation attempts detected against its honeypot networks. The nature of the attack activity and the end goals are presently unknown. Users are advised to apply the latest fixes from F5 to secure their networks against active threats.

CVE-2026-42945 is exploited after disclosure, impacting NGINX 0.6.27–1.30.0 and enabling crashes or RCE.

14/05/2026

Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years.

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

14/05/2026

SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in Commerce Cloud and S/4HANA.

Commerce Cloud is an enterprise-grade e-commerce platform used by online stores owned by large retailers and global brands, while S/4HANA is a cloud-based Enterprise Resource Planning (ERP) suite that will replace the company's on-premises ECC ERP system.

SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in the Commerce Cloud enterprise-grade e-commerce platform and the S/4HANA ERP suite.

07/05/2026

Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks.

07/05/2026

Cisco released security updates to fix a Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO) denial-of-service (DoS) vulnerability that requires manually rebooting targeted systems for recovery.

Cisco patched a Crosswork Network Controller and Network Services Orchestrator denial-of-service vulnerability that requires manually rebooting targeted systems for recovery.

24/04/2026

Anthropic’s latest Claude models are introducing serious security issues into code, cyber experts say. The company is yet to officially explain why.

14/04/2026

Stolen session cookies bypass MFA because tokens remain valid for hours or days, enabling silent account takeovers without triggering security alerts.

10/04/2026

Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December.

10/04/2026

𝗗𝗜𝗖𝗧 𝗘𝘅𝗽𝗮𝗻𝗱𝘀 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗢𝗽𝗲𝗿𝗮𝘁𝗶𝗼𝗻𝘀, 𝗢𝗻𝗯𝗼𝗮𝗿𝗱𝘀 𝟲𝟬 𝗠𝗼𝗿𝗲 𝗔𝗴𝗲𝗻𝗰𝗶𝗲𝘀 𝗶𝗻𝘁𝗼 𝗡𝗦𝗢𝗖

The Department of Information and Communications Technology (DICT) has significantly scaled the country’s cyber-defense capabilities, welcoming 60 additional government agencies into the National Security Operations Center (NSOC). This expansion brings the total number of participating agencies to 90, marking a pivotal step in securing the nation’s critical digital infrastructure.

The onboarding was formalized during the NSOC Executive Onboarding Conference held on 19 March 2026 in Quezon City, where DICT Secretary Henry Aguda emphasized that the initiative is a direct response to the evolving complexity of global digital threats.

Moving away from isolated security measures, Secretary Aguda introduced the concept of "Digital Bayanihan"—a collective strategy designed to unify the country’s defensive posture.

"Following the directive of President Ferdinand Marcos, Jr., we are called to strengthen the country’s digital resilience," Secretary Aguda stated. "Hindi lang ito simpleng instruction; ito ay malinaw na mandato para sa bawat ahensya na i-level up ang cybersecurity standards at kumilos nang mabilis para protektahan ang ating national systems."

Secretary Aguda further explained that the NSOC expansion embodies a shift toward a resilient, coordinated system. "Our goal is clear: a secure, stable, and sustainable digital government where agencies no longer stand alone against cyber threats."

As the government’s central hub for 24/7 monitoring and threat detection, the NSOC serves as a specialized unit under the DICT Cybersecurity Bureau. It provides National Government Agencies, Local Government Units, and government-owned or controlled corporations with a resilient, coordinated system designed to respond effectively to cyber incidents. By consolidating these defenses, the DICT ensures the continuity of critical public services in an increasingly interconnected digital ecosystem.

Engineer George Tardio, Officer-in-Charge of the DICT Cybersecurity Bureau, highlighted that the NSOC is more than a facility—it is a shared national capability. It enables continuous monitoring, early threat detection, coordinated incident response, and real-time collaboration across agencies, ensuring the government is better prepared against cyber incidents.

To ensure seamless integration, the DICT provides technical guidance and onboarding support at no cost to participating agencies. This initiative reflects the Department’s commitment to a "whole-of-government" approach, providing agencies with the protocols and coordination mechanisms necessary to thrive in an increasingly interconnected digital ecosystem.

29/03/2026

The PSA has rolled out PSAHelpline in the GCash app via GLife, allowing users to access official copies of birth, marriage, and death certificates, as well as the Certificate of No Marriage (CENOMAR) and the Certificate of No Death (CENODEATH).

PSA certificates for birth marriage and death records are now accessible through GCash making adulting errands way more convenient.
Link at the comment section!