Security NEXT

「NGINX JavaScript」に深刻な脆弱性 - 修正版が公開

現地時間2026年5月19日にセキュリティアドバイザリを公開。特定環境下において、認証なしにリモートより悪用できるヒープバッファオーバーフローの脆弱性「CVE-2026-8711」について明らかにしたもの。
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
Opinion
Foreign AffairsOpinion

A New Order for the Gulf

ROBERTS is Reader in Middle East Security Studies at King’s College London, Head of the King’s Institute for Applied Security Studies, and the author of Security Politics of the Gulf Monarchies. The U ...

Ill-gotten gains

The growth of the ‘Active Club’ movement reveals white nationalists’ ability to appeal to disillusioned young men using the ...