MN

Maya Nair

Cybersecurity reporter

Maya Nair covers vulnerabilities, privacy enforcement, ransomware, and the practical security decisions facing teams and consumers.

CybersecurityPrivacyIncident response

Recent stories by Maya Nair

CrowdStrike LogScale vulnerability leaves self-hosted users with urgent patch work
SecurityRansomware and Breaches
CVE-2026-40050 is a critical unauthenticated path traversal flaw in self-hosted LogScale, while SaaS and Next-Gen SIEM customers are in a different position.
Maya NairApr 24, 20263 min read
Risk, resilience, and the systems companies rely on.Read story
Nginx UI MCP vulnerability: why this exploited flaw matters now
SecurityRansomware and Breaches
A newly exploited flaw in Nginx UI shows how quickly AI-connected management features can turn into a live server risk when core protections are skipped.
Maya NairApr 23, 20263 min read
Risk, resilience, and the systems companies rely on.Read story
The Cisco SD-WAN vulnerability on CISA's list needs attention now
SecurityRansomware and Breaches
A Cisco SD-WAN flaw that was only part of a broader February advisory has become more urgent after CISA flagged it as actively exploited, pushing network teams to revisit internet-facing management setups that may have looked low priority weeks ago.
Maya NairApr 22, 20264 min read
Risk, resilience, and the systems companies rely on.Read story
The Apache ActiveMQ vulnerability on CISA's exploited list needs faster patching
SecurityRansomware and Breaches
CISA says attackers are already exploiting the Apache ActiveMQ vulnerability tracked as CVE-2026-34197, turning an old piece of enterprise middleware into another urgent reminder that forgotten infrastructure still creates outsized security risk.
Maya NairApr 22, 20264 min read
Risk, resilience, and the systems companies rely on.Read story
Entra passkeys on Windows bring phishing-resistant sign-ins to unmanaged PCs
SecurityIdentity Security
Microsoft has moved Entra passkeys on Windows into public preview, giving organizations a way to use device-bound passkeys on personal and shared PCs without relying on passwords.
Maya NairApr 21, 20263 min read
Risk, resilience, and the systems companies rely on.Read story
Microsoft says device-code phishing has become a faster identity threat
SecurityIdentity Security
Microsoft’s April 6, 2026 research says attackers are scaling device-code phishing with automation and AI-written lures, turning a niche OAuth trick into a more practical account-takeover path.
Maya NairApr 20, 20263 min read
Risk, resilience, and the systems companies rely on.Read story