Security Intelligence

Legacy D-Link routers exploited via unauthenticated DNS hijacking

A critical vulnerability (CVE-2026-0625) in legacy D-Link DSL routers enables unauthenticated remote code execution....

Security Intelligence

Maximum‑severity flaw enables SmarterMail server takeover

A critical SmarterMail vulnerability puts unpatched, internet-facing mail servers at risk. See mitigation steps and...

Security Intelligence

MongoDB Vulnerability Exposes Server Memory to Unauthenticated Attacks

A vulnerability in MongoDB Server, tracked as CVE‑2025‑14847, involves improper handling of mismatched length fields in...

Security Intelligence

Critical Flaw in n8n Exposes Workflow Automation Environments

CVE‑2025‑68613 is a critical vulnerability in the platform’s workflow expression evaluation system. It could enable...

Security Intelligence

Critical RCE in HPE OneView Exposes Infrastructure Control Plane

HPE OneView is impacted by a maximum severity vulnerability that enables unauthenticated remote code execution via REST...

Security Intelligence

WatchGuard reports active exploitation of critical Firebox RCE flaw

WatchGuard confirms active exploitation of a critical Fireware OS vulnerability (CVE-2025-14733) affecting Firebox...

Security Intelligence

Unpatched Cisco AsyncOS Vulnerability Actively Exploited

Cisco warns of active exploitation of critical AsyncOS flaw (CVE-2025-20393) enabling unauthenticated root-level RCE on...

Security Intelligence

Exploited flaw in end-of-support SonicWall SMA 100 receives hotfix

SonicWall confirmed active exploitation of CVE-2025-40602 affecting SMA appliances. Apply hotfixes and restrict public...

Security Intelligence

APT44 shifts tactics, exploits edge devices across critical infrastructure

Russian state-sponsored APT44 has shifted tactics to exploit misconfigured edge devices, enabling credential...

Security Intelligence

Seven-year-old vulnerability in Sierra Wireless routers exploited

Learn about an actively exploited flaw affecting Sierra Wireless routers, why it matters, and the steps organizations...

Security Intelligence

CISA adds critical GeoServer vulnerability to KEV

CISA warns of active exploitation of a critical GeoServer XXE vulnerability (CVE-2025-58360). Patch immediately to...

Security Intelligence

Active exploitation of Gladinet CentreStack and Triofox vulnerability

Active exploitation targets Gladinet CentreStack and Triofox using a new flaw with CVE-2025-11371, enabling forged...