The Archive · 2026
Cybersecurity, AI, and IT news for businesses worldwide. What changed this week, and what to do about it.
CVSS 9.8 Windows Netlogon Flaw CVE-2026-41089 Is Under Active Attack: Patch Every Domain Controller Now
Belgium's CCB confirmed on June 1, 2026 that attackers are actively exploiting CVE-2026-41089, a critical unauthenticated RCE in Windows Netlogon. Every unpatched domain controller is a live target.
4 min read
Attackers Are Actively Exploiting a CVSS 9.8 Windows Netlogon Flaw: Every Domain Controller Is at Risk
CVE-2026-41089 gives unauthenticated attackers SYSTEM-level control of Active Directory domain controllers. If your Windows Server environment is unpatched, you are a live target right now.
5 min read
Attackers Are Actively Exploiting a Critical Windows Netlogon Flaw: Patch Your Domain Controllers Now
CVE-2026-41089 scores 9.8, needs zero credentials, and gives attackers full remote code execution on Windows domain controllers. Belgium's CCB confirmed active exploitation on June 1. The patch has been out since May 12.
5 min read