Security Intelligence
Bitwarden CLI compromised as part of supply-chain campaign
A malicious release of the Bitwarden CLI was published to npm in April 2026 as part of an expanding software...
Security Intelligence
A malicious release of the Bitwarden CLI was published to npm in April 2026 as part of an expanding software...
Security Intelligence
Microsoft issued an out-of-band update to address a high-severity elevation of privilege vulnerability introduced in...
Security Intelligence
On April 20, 2026, Progress Software released patches for critical vulnerabilities affecting MOVEit Web Application...
Security Intelligence
Vercel confirms a supply-chain breach tied to a third-party AI tool, exposing risks in OAuth integrations, environment...
Security Intelligence
Over the month of April 2026, three distinct flaws affecting Microsoft Defender Antivirus were publicly disclosed, and...
Security Intelligence
Fortinet disclosed two critical FortiSandbox vulnerabilities in April 2026 that allow unauthenticated execution of OS...
Security Intelligence
Critical nginx-ui flaw (CVE-2026-33032) enables auth bypass and full admin control. Active exploitation reported....
Security Intelligence
Microsoft patches 163 vulnerabilities, including two zero days affecting SharePoint and Defender. One is actively...
Security Intelligence
Critical Axios vulnerability (CVE-2026-40175) enables header injection via prototype pollution chains, risking SSRF and...
Security Intelligence
A security researcher reports potential Adobe Acrobat Reader zero-day involving JavaScript access to privileged APIs,...
Security Intelligence
Google warns that financially motivated actor UNC6783 is exploiting helpdesk workflows to bypass MFA through fake...
Security Intelligence
A public exploit chain for Apache ActiveMQ has been disclosed, abusing exposed Jolokia JMX management interfaces to...