Security Intelligence

China-nexus threat actors intensify targeting of internet‑facing systems in North America

New research shows China-aligned threat actors abusing zero-days and stolen credentials to gain persistent access to...

Security Intelligence

Knownsec leak uncovers China’s contractor-led cyber espionage

Leaked documents reveal how Chinese contractor Knownsec supports state-aligned cyber espionage through large-scale...

Security Intelligence

Fortinet issues fixes for critical flaws in FortiSIEM and FortiFone

Two critical Fortinet vulnerabilities in FortiSIEM and FortiFone enable unauthenticated exploitation when exposed...

Security Intelligence

MuddyWater expands Rust‑based operations and exposes build artefacts

MuddyWater is using a new Rust-based malware, RustyWater, delivered via malicious Word documents. Learn how to detect,...

Security Intelligence

POC available for critical vulnerability in Trend Micro Apex Central

A critical RCE vulnerability in Trend Micro Apex Central enables SYSTEM-level compromise. Public PoC increases risk;...

Security Intelligence

Veeam fixes 4 vulnerabilities in Backup & Replication that enable RCE

Veeam has patched multiple vulnerabilities in Backup & Replication that enable authenticated RCE. Learn who’s affected,...

Security Intelligence

Maximum‑severity ‘Ni8mare’ flaw exposes n8n to full system compromise

CVE-2026-21858 is a critical n8n vulnerability enabling unauthenticated remote code execution, continuing a recent wave...

Security Intelligence

Legacy D-Link routers exploited via unauthenticated DNS hijacking

A critical vulnerability (CVE-2026-0625) in legacy D-Link DSL routers enables unauthenticated remote code execution....

Security Intelligence

Maximum‑severity flaw enables SmarterMail server takeover

A critical SmarterMail vulnerability puts unpatched, internet-facing mail servers at risk. See mitigation steps and...

Security Intelligence

MongoDB Vulnerability Exposes Server Memory to Unauthenticated Attacks

A vulnerability in MongoDB Server, tracked as CVE‑2025‑14847, involves improper handling of mismatched length fields in...

Security Intelligence

Critical Flaw in n8n Exposes Workflow Automation Environments

CVE‑2025‑68613 is a critical vulnerability in the platform’s workflow expression evaluation system. It could enable...

Security Intelligence

Critical RCE in HPE OneView Exposes Infrastructure Control Plane

HPE OneView is impacted by a maximum severity vulnerability that enables unauthenticated remote code execution via REST...