> TritonInfoSec News
Home / Apr 23, 2026 / Story
0
#3 BleepingComputer general April 22, 2026 at 08:08 UTC

Microsoft releases emergency patches for critical ASP.NET flaw

By Sergiu Gatlan

AI Summary

Microsoft released emergency out-of-band patches for CVE-2026-40372, a critical ASP.NET Core privilege escalation vulnerability with a CVSS score of 9.1. The flaw involves improper verification of cryptographic signatures and affects authentication mechanisms across Windows, macOS, and Linux systems running ASP.NET Core applications.

Read full article → https://www.bleepingcomputer.com/news/microsoft/mi…

Relevance score: 90.0/100

# More from April 23

  1. 1
    Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack The Hacker News
  2. 2
    Kyber ransomware gang toys with post-quantum encryption on Windows BleepingComputer
  3. 4
    New Mirai campaign exploits RCE flaw in EoL D-Link routers BleepingComputer
  4. 5
    New npm supply-chain attack self-spreads to steal auth tokens BleepingComputer
  5. 6
    Hackers deployed wiper malware in destructive attacks on Venezuela’s energy sector The Record
  6. 7
    New GoGra malware for Linux uses Microsoft Graph API for comms BleepingComputer
  7. 8
    Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks BleepingComputer
  8. 9
    Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles The Hacker News
  9. 10
    Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens The Hacker News