Latest cybersecurity dispatches

Fresh reporting on active vulnerabilities, security patches, incident response, and threat research for defenders.

May 17, 2026, 12:08 PM EDT · AI Security · AI Coding Tools12 minClaude Code vs OpenAI Codex Limits: Which $100 or $200 Plan Is Better for Developers?

Claude Code and OpenAI Codex both offer $100 and $200 developer plans, but Codex gives clearer published limits while Claude remains stronger for reasoning-heavy coding workflows.

May 17, 2026, 11:49 AM EDT · AI Security · AI Coding Tools8 minClaude Max $100 vs $200: Which Plan Gives Developers More Real-World Claude Code Usage?

Claude Max 5x is the better-value plan for many solo developers, while Max 20x gives heavier Claude Code users more room for long sessions, large repositories and agentic workflows.

May 17, 2026, 11:34 AM EDT · AI Security · AI Coding Tools6 minChatGPT Pro $100 vs $200: Which OpenAI Codex Plan Gives Developers More Real-World Usage?

OpenAI's $100 Pro plan is the best short-term Codex value for many solo developers, while the $200 Pro plan remains the safer choice for continuous large-repo, cloud-task and code-review workflows.

May 17, 2026, 10:15 AM EDT · Exploits · Linux Kernel6 minFragnesia Linux Kernel Flaw Gives Local Attackers a Public Path to Root

Fragnesia, tracked as CVE-2026-46300, is a Linux kernel local privilege escalation flaw involving ESP/IPsec page-cache corruption, with public proof-of-concept code increasing patch urgency.

May 17, 2026, 9:52 AM EDT · Exploits · Web Framework Security6 minCVE-2026-23870: React Server Components DoS Flaw Hits Next.js App Router Apps; How to Reproduce Safely and Patch

A high-severity React Server Components denial-of-service flaw can let unauthenticated attackers degrade vulnerable Next.js App Router apps through crafted Server Function requests.

May 16, 2026, 2:31 AM EDT · AI Security · AI Gateway Security6 minLiteLLM CVE-2026-42208: Critical Pre-Auth SQL Injection Exposes AI Gateway Secrets

Critical LiteLLM CVE-2026-42208 pre-auth SQL injection exposes AI gateway databases, virtual keys and upstream model-provider credentials.

May 15, 2026, 6:09 PM EDT · AI Security · AI Cloud8 minOllama Cloud Slowdown Frustrates Users as Low Token Rates Raise Questions About Hosted Open-Model Economics

User-reported token rates as low as 8 tokens per second show why Ollama Cloud needs clearer performance metrics, queue visibility and paid-tier expectations.

May 15, 2026, 3:29 PM EDT · Exploits · Edge Appliances5 minFortinet Patches Critical FortiVoice Zero-Day Exploited for Credential Theft and Network Scanning

Fortinet patched CVE-2025-32756, a critical unauthenticated RCE flaw exploited against FortiVoice systems for credential theft, FastCGI debugging and network scanning.