Security Intelligence

CISA flags critical SolarWinds vulnerability as exploited

CISA has confirmed active exploitation of a critical remote code execution vulnerability in SolarWinds Web Help Desk,...

Security Intelligence

Update: Chinese state‑linked actors compromised Notepad++ update infrastructure

Chinese state-linked attackers compromised Notepad++ update infrastructure, delivering malicious installers via a...

Security Intelligence

Chinese state‑linked actors compromised Notepad++ update infrastructure

Chinese state-linked attackers compromised Notepad++ update infrastructure, delivering malicious installers via a...

Security Intelligence

Critical Ivanti EPMM vulnerabilities under active exploitation

Critical Ivanti EPMM vulnerabilities are under active exploitation, allowing unauthenticated remote code execution &...

Security Intelligence

Quick, You Need Assistance!

Field Effect has been tracking a Microsoft Teams vishing campaign leveraging Quick Assist to deliver a PowerShell...

Security Intelligence

Public PoC and probing reported for max‑severity Oracle Proxy flaw

Maximum-severity Oracle WebLogic vulnerability (CVE-2026-21962) is being actively probed, enabling unauthenticated...

Security Intelligence

Microsoft releases emergency patch for exploited Office flaw

Microsoft has issued an emergency patch for an actively exploited Office vulnerability that bypasses OLE protections...

Security Intelligence

CISA adds six new flaws to its KEV catalog

Multiple high-severity CVEs are being exploited in the wild, impacting enterprise infrastructure and developer...

Security Intelligence

Update: Fortinet Confirms New SAML SSO Issue Under Active Exploitation

On 01-22-2026, Fortinet released new analysis confirming the recently reported SSO intrusions stem from an unreported...

Security Intelligence

Fortinet FortiGate exploited via SSO authentication abuse

Researchers have identified an active campaign targeting Fortinet FortiGate devices, where attackers abuse SSO...

Security Intelligence

Threat actors exploit security-testing apps to breach cloud infrastructure

Threat actors are exploiting intentionally vulnerable security testing apps deployed in real cloud environments,...

Security Intelligence

Threat actors expand abuse of Visual Studio Code

Threat actors are abusing trusted Visual Studio Code workflows, using social engineering and malicious repositories to...