Security Intelligence

Zyxel patches critical UPnP command‑injection flaw, POC available

Zyxel patched a critical UPnP command-injection flaw in the EX3510-B0 router that enables unauthenticated remote...

Security Intelligence

Maximum‑severity zero day in Cisco Catalyst SD‑WAN now patched

Cisco patches CVE-2026-20127, a critical 10.0 zero-day in Catalyst SD-WAN enabling unauthenticated admin access and...

Security Intelligence

Typosquatting campaign targets npm, CI pipelines, and AI‑driven development

Researchers uncover SANDWORM_MODE, a malicious npm supply-chain campaign abusing AI toolchains to steal credentials...

Security Intelligence

Low‑skill threat actor leverages AI in FortiGate intrusion activity

Over 600 FortiGate devices were compromised as a low-skill actor used AI to automate attacks, highlighting risks from...

Security Intelligence

Predictable credentials generated by AI tools introduce new risks

Research reveals that AI-generated passwords can be predictable and low in entropy, increasing the risk of credential...

Security Intelligence

Chrome and Chromium-based browsers receive fixes for exploited flaw

CISA adds CVE-2026-2441 to KEV following active exploitation. Updated Chrome and Chromium-based browser versions are...

Security Intelligence

End‑to‑end update verification arrives in Notepad++ with version 8.9.2

Notepad++ version 8.9.2 adds XML manifest signature validation, completing end-to-end update verification to close the...

Security Intelligence

Weekly Threat Round-Up: Critical Apple flaw, eBPF rootkit & more

This February 2026 threat round-up shines a spotlight on a critical Apple flaw being exploited in target attacks,...

Security Intelligence

Study Tests Zero‑Knowledge Protections in Cloud Password Managers

Researchers reveal 27 attack paths in cloud-based password managers, showing how a compromised provider could...

Security Intelligence

Apple addresses a critical flaw exploited in targeted attacks

Apple patched a critical flaw, CVE‑2026‑20700, that was exploited in targeted attacks on versions prior to the current...

Security Intelligence

Fortinet fixes a critical flaw in FortiClientEMS

Fortinet patched a critical flaw (CVE-2026-21643) in FortiClientEMS 7.4.4 that could allow unauthenticated remote code...

Security Intelligence

February 2026 Microsoft updates include six exploited flaws

Microsoft’s February 2026 Patch Tuesday fixes 59 vulnerabilities, including six actively exploited flaws enabling...