Security Intelligence

Active exploitation of unpatched Cisco SD‑WAN Manager flaw

A zero‑day in Cisco Catalyst SD‑WAN Manager enables attackers with netadmin access to execute commands as root and push...

Security Intelligence

Critical Cisco Unified CM flaw exposes voice infrastructure to remote compromise

A newly disclosed flaw in Cisco Unified Communications Manager exposes organizations to a high-impact attack path that...

Security Intelligence

Linux container escape flaw exploited: validate kernel fixes/controls

A 2022 Linux kernel flaw allowing a local adversary to escape a container and execute code as root on the host system...

Security Intelligence

Red Hat npm packages backdoored via compromised CI/CD pipeline

Multiple npm packages were compromised in a major supply-chain attack distributing a Shai-Hulud-derived...

Security Intelligence

PAN-OS GlobalProtect auth flaw actively targeted

A critical missing authentication flaw in marimo, an open-source Python notebook platform, allows unauthenticated...

Security Intelligence

Critical Marimo notebook flaw exploited in LLM-agent-driven intrusion

A critical missing authentication flaw in marimo, an open-source Python notebook platform, allows unauthenticated...

Security Intelligence

Public PoC available for 7‑Zip memory corruption flaw

A high-severity flaw in 7-Zip (CVE-2026-48095) exposes systems to potential code execution via malicious archive files,...

Security Intelligence

Public exploit code available for Apache Tomcat clustering flaw

A recently disclosed Apache Tomcat vulnerability, CVE-2026-34486, exposes clustered deployments to remote code...

Security Intelligence

Trend Micro Apex One flaw enables post-compromise code distribution across endpoints

Trend Micro disclosed and patched CVE-2026-34926, an actively exploited directory traversal vulnerability in Apex One,...

Security Intelligence

Actively exploited LiteSpeed cPanel flaw enables root access

A critical vulnerability in the LiteSpeed cPanel plugin is actively exploited and allows low-privileged users to gain...

Security Intelligence

Maximum-severity UniFi OS vulnerabilities enable full network takeover

Patches for three max-severity UniFi Operating System flaws allowing unauthenticated remote access to network...

Security Intelligence

Cisco Secure Workload API flaw creates cross-tenant exposure risk

A critical vulnerability (max CVSS score) in Cisco Secure Workload allows unauthenticated actors to gain Site Admin...