Security Intelligence

Critical NetScaler ADC and NetScaler Gateway vulnerabilities disclosed

Critical Citrix NetScaler vulnerabilities could enable session hijacking and authentication bypass—patch now to reduce...

Security Intelligence

Threat actors leverage 2025 Quest KACE SMA vulnerability

A critical authentication bypass vulnerability in Quest KACE SMA is being actively exploited, enabling attackers to...

Security Intelligence

Internet‑exposed Langflow deployments targeted hours after patch release

Critical Langflow vulnerability under active exploitation allows unauthenticated remote code execution, putting exposed...

Security Intelligence

Trivy breach: Modified version tags enabled CI/CD secret theft

A supply-chain attack targeting the widely used Trivy scanner allowed attackers to inject malicious code into trusted...

Security Intelligence

Critical authentication bypass in Aruba AOS-CX impacts CX-series switches

HPE released updates for Aruba AOS-CX switches to fix multiple vulnerabilities, including a critical authentication...

Security Intelligence

Ivanti Endpoint Manager under active exploitation

CISA has added CVE-2026-1603, an actively exploited authentication bypass in Ivanti Endpoint Manager, to the KEV...

Security Intelligence

Fortinet devices under increased targeting as AI-enabled attacks scale in 2026

Field Effect researchers observed increased targeting of Fortinet devices in early 2026, with attackers using...

Security Intelligence

Latest Iranian cyber activity amid Middle East escalation

Iran-linked cyber activity involving Seedworm malware and compromised surveillance cameras highlights how IoT devices...

Security Intelligence

Researchers report a maximum‑severity flaw in a pac4j JWT library

A pac4j-jwt flaw (CVE-2026-29000) allows attackers to bypass authentication by exploiting how encrypted JWTs are...

Security Intelligence

CISA warns of remote code execution risk in VMware Aria Operations

CISA added a VMware Aria Operations flaw (CVE-2026-22719) to its KEV catalog amid reports of active exploitation....

Security Intelligence

Cyber spillover risks amid the February 2026 Middle East escalation

Escalating conflict in the Middle East raises cyber spillover concerns as Canada and the UK warn of potential Iranian...

Security Intelligence

Critical TLS authentication bypass impacts VMware Tanzu

Broadcom patches CVE-2025-68121, a critical TLS flaw in Go affecting multiple VMware Tanzu products, including RabbitMQ...